{"report_id":"5e0d3df5-4728-479b-bdf5-4583ebf44df8","version":6,"status":"done","tags":[],"date":"2026-03-06T10:16:10Z","url":{"schema":"http","addr":"zxswy.com","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":0,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"zxswy.com/index/index/index/jumplang/en-cn.html","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"title":"zxswy.com/index/index/index/jumplang/en-cn.html","dom":{"size":30225,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (758)","md5":"cd8957f6a5acc364496586abf75e53ae","sha1":"b52065bd9f2bf81ad6f48202850e7a8b255d2e09","sha256":"a37bd0e1c628e4c3099da706b5ec49d7ff99fd78fd0776b782d6d2d017dad4d7","sha512":"68948cf5e271a607288527c4ef7cbdfeedd7bc106826e1d315191ace1dc7b7ca977b8afb0b3125e709e2ea3dbeaf85be86d80695b801c920f7a85dd16b689c00","ssdeep":"384:FjJVIXMPZlTvxi/JLq0xxz7EXou4bbBTfi/rc:FjJ+XMPfTvc9xxz7EXou4vBTfio","tlshash":"d0d2f03006ee28b7006602e6a535276cacdb5e02d7139851f2ff4256a7cec947c5b5da","dom_hash":"domhash56ae7e5edd934c640901f9be3490f9fd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zxswy.com","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":0,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-10T10:16:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"zxswy.com","ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"domain_registered":"2021-12-11","domain_rank":0,"first_seen":"2025-07-20T14:10:54.340814Z","last_seen":"2025-07-20T14:10:54.340814Z","alert_count":59,"request_count":59,"received_data":2436202,"sent_data":30970,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Zepto","description":"","website":"https://zeptojs.com","common_platform_enumeration":"","icon":"Zepto.png","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"zxswy.com/layer3.1/layer.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","size":22104,"data":"","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-07T12:12:51.412732Z","times_seen":5691,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/index/index/index/jumplang/en-cn.html","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5287119092d8c95da9162bbed0babba7","sha1":"bda158f8be9dfd5dbbdbf76bcfed30cc7945910a","sha256":"a0a469204de956debdc163261a396fa914a6d9abd1ef9fc0f0a9552450b38846","sha512":"839654f741816975cac19ccb96d3fd93693b726d6b92d089a9ee55f5c411e4b7365e4bf547412836693f6c73b3f7a53da2a3a67e6e1b80c7a7e6fd371f02cb00","ssdeep":"","tlshash":"2111ed487bb665b5e057203ad5ff80c01f4e259bd14aa690feed54aa0f212d4b0b3a0f","size":996,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-05-30T01:00:28.010777Z","times_seen":264,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/common.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bbaa3ba82eabac17365b789a50885a52","sha1":"72daa321d794ab876e580a3d74c8c93c7bf3ec91","sha256":"ce9f8f9bb4e5eef2462667de0e76e65bd65c6e670cef61b5e76ed47be6813cf9","sha512":"0004dc6643aa9a056edd186964e70964886558ad9dfd8208c8d8183faffb84a636728447817e5c89f2102cc0b5ef85aeceb6a64571b5562a84cbef7f2c4a312b","ssdeep":"","tlshash":"a4713098b34c912b10f673319abf1909d83ba5734103d408f95ca0853ff825eb3a6ee9","size":3807,"data":"","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-30T01:00:27.986607Z","times_seen":353,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"5287119092d8c95da9162bbed0babba7","sha1":"bda158f8be9dfd5dbbdbf76bcfed30cc7945910a","sha256":"a0a469204de956debdc163261a396fa914a6d9abd1ef9fc0f0a9552450b38846","sha512":"839654f741816975cac19ccb96d3fd93693b726d6b92d089a9ee55f5c411e4b7365e4bf547412836693f6c73b3f7a53da2a3a67e6e1b80c7a7e6fd371f02cb00","ssdeep":"","tlshash":"2111ed487bb665b5e057203ad5ff80c01f4e259bd14aa690feed54aa0f212d4b0b3a0f","size":996,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-05-30T01:00:28.010777Z","times_seen":264,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/weui.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2d509279b32ca4e47fc1b9208f604f7","sha1":"9d5157bf10eb7e2a24593ec7168ae95289299899","sha256":"e292ce67ecbecc4ff34ee38d51c8dda6e71597f7ae44a2e9980f1da0be246c50","sha512":"3525e32a00a8f3b6f4c52e90143cd8811d04aa382e5c4fa85dda30d18e44a6c143627ac484c1a15fdc03b2b999b52b1e3f0ca19b3ee5822f66f5d3a7c4a79ca4","ssdeep":"384:CuQzFSVlyfFD364d7X7fhFuZgkmQUxXe8NcztGcpnGcu6O1/cbivDFA7B2a/RaVW:MjXZ7fNkmQU88Ncz1talRcbEDf+iD1O","tlshash":"a1f2d7983281b4e623d350b5443f560fb33a4c3a98077400b7b4d9e56fb89ea56b7f29","size":36806,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-06-06T17:19:11.910111Z","times_seen":684,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/zepto.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2dd2e0f33e6b0fe9d4800aef6199e605","sha1":"50e5731db220ebef453bc8b45b0653faca6f8b99","sha256":"29fd5016efe08849f1124ff05b0658d6579e6826fda0569fc1b77598c0e56036","sha512":"c0c380eafa19ff621cc7d74fa8b782b28b7c8bb2e72d88a6887d0367f5710befe616b8d33903cec1cf4d671ef27f2e25ce58914b9cf770a4ddc48140a732f740","ssdeep":"384:WRWPO3mlNwpEiFT4wQpNWdkLSDei2uFHs0YB35FYQtoskIX9:jxlNwpjoERT2KHXYp5JkIX9","tlshash":"59d272ccb2c2b46707a7b1b8506f624bf23a6889380e4454f169e8e57c7890e9577f7c","size":29237,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-06-06T17:19:11.897502Z","times_seen":778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/common.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bbaa3ba82eabac17365b789a50885a52","sha1":"72daa321d794ab876e580a3d74c8c93c7bf3ec91","sha256":"ce9f8f9bb4e5eef2462667de0e76e65bd65c6e670cef61b5e76ed47be6813cf9","sha512":"0004dc6643aa9a056edd186964e70964886558ad9dfd8208c8d8183faffb84a636728447817e5c89f2102cc0b5ef85aeceb6a64571b5562a84cbef7f2c4a312b","ssdeep":"","tlshash":"a4713098b34c912b10f673319abf1909d83ba5734103d408f95ca0853ff825eb3a6ee9","size":3807,"data":"","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-30T01:00:27.986607Z","times_seen":353,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/index/index/index/jumplang/en-cn.html","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"92a328a5cbddf300431e812a6a8fe405","sha1":"a6d7ea0ac0371ee697122fa6d6cbfc0e80897f81","sha256":"830a8e9973e2364d3d791485fc0a3bf976e9bb3c0fbef5f328db9e75b2e1a9de","sha512":"0e27632151f7dadcf5c276123db417178e19bf035cf84daad9b4a91ce1382b79c174cf0f111bf6aeef479f6423ee9fbf63ec87889a0dfe043db823bf94d4fdfc","ssdeep":"","tlshash":"8e014908e795195579b6304ecc7f3ec81e32a8033ec10c5a395c30f0bf9ba29e925e18","size":678,"data":"","first_seen":"2025-03-11T04:18:30.807446Z","last_seen":"2026-05-12T09:58:36.386104Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/index/index/index/jumplang/en-cn.html","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"59ac69dbd041d7381e3a781c587b259f","sha1":"8b6ad5d7ef6dc30a354f104219e6531d4151f4f8","sha256":"11095bc26ca936d222434738da05ed801ee0a141e08efd4fa4f981883125fed4","sha512":"da1de957856c6823908aa481f6468f5e19c2b295b14daa017889aa2cd466306b1f34f05330cec57b62a9001b48235583abe56341513921ce42ce85b58750985a","ssdeep":"","tlshash":"4cd0a784530c343953b7cc65847ca2010e7c1944504bd4be40c18cc4c9e713507dad94","size":234,"data":"","first_seen":"2024-05-01T16:53:09Z","last_seen":"2026-05-12T09:58:36.386681Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/jquery.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-07T12:17:52.805232Z","times_seen":68493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/yy.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05ed2352d599c6fbebbbf11feb5991d2","sha1":"b6d563caec0f9a8d45649ad9bcc08fd0c3b857b5","sha256":"6d8df9de53c93ee22a1079caf784d80da2fb435ac9d6ec196335004ef5aae438","sha512":"04d86028bc84e3eba9a93ddf308ec4d9e52328900e1faa94962f79dcb5de5cd63459d759eea3f4b701519c8daea7761aaf42de01cd412268d44bdfb3fc800493","ssdeep":"","tlshash":"ad318de69a769305526ae029579f3f2321b308771008e8947a4dc7086fed3cb061fbad","size":1745,"data":"","first_seen":"2024-06-02T21:14:46Z","last_seen":"2026-05-12T09:58:36.356145Z","times_seen":82,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/zepto.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2dd2e0f33e6b0fe9d4800aef6199e605","sha1":"50e5731db220ebef453bc8b45b0653faca6f8b99","sha256":"29fd5016efe08849f1124ff05b0658d6579e6826fda0569fc1b77598c0e56036","sha512":"c0c380eafa19ff621cc7d74fa8b782b28b7c8bb2e72d88a6887d0367f5710befe616b8d33903cec1cf4d671ef27f2e25ce58914b9cf770a4ddc48140a732f740","ssdeep":"384:WRWPO3mlNwpEiFT4wQpNWdkLSDei2uFHs0YB35FYQtoskIX9:jxlNwpjoERT2KHXYp5JkIX9","tlshash":"59d272ccb2c2b46707a7b1b8506f624bf23a6889380e4454f169e8e57c7890e9577f7c","size":29237,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-06-06T17:19:11.897502Z","times_seen":778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/layer3.1/layer.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","size":22104,"data":"","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-07T12:12:51.412732Z","times_seen":5691,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/jquery.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-07T12:17:52.805232Z","times_seen":68493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/swiper-3.4.2.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb13ef3e875ca3497ede35d3774be9d3","sha1":"ab0743a89d522438c17ae7eaf5943fd4590ee3d0","sha256":"4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083","sha512":"7b9fba1a93c724bc53e1dd4e27e59534430076346ddc73b24fcb71c9b7cb831321a70ffa38797185f7108ee64a18f1fa08cf2b7ccf2dbfc03e767b23187814c5","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTR:LTX73uTq/","tlshash":"0d93d66eb314f3e295d3214a675ac64122f21706b809dae870b54c4a68bcc5d03bffbd","size":96419,"data":"","first_seen":"2023-03-07T01:17:19Z","last_seen":"2026-06-07T06:45:39.268953Z","times_seen":3477,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/yy.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05ed2352d599c6fbebbbf11feb5991d2","sha1":"b6d563caec0f9a8d45649ad9bcc08fd0c3b857b5","sha256":"6d8df9de53c93ee22a1079caf784d80da2fb435ac9d6ec196335004ef5aae438","sha512":"04d86028bc84e3eba9a93ddf308ec4d9e52328900e1faa94962f79dcb5de5cd63459d759eea3f4b701519c8daea7761aaf42de01cd412268d44bdfb3fc800493","ssdeep":"","tlshash":"ad318de69a769305526ae029579f3f2321b308771008e8947a4dc7086fed3cb061fbad","size":1745,"data":"","first_seen":"2024-06-02T21:14:46Z","last_seen":"2026-05-12T09:58:36.356145Z","times_seen":82,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/weui.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2d509279b32ca4e47fc1b9208f604f7","sha1":"9d5157bf10eb7e2a24593ec7168ae95289299899","sha256":"e292ce67ecbecc4ff34ee38d51c8dda6e71597f7ae44a2e9980f1da0be246c50","sha512":"3525e32a00a8f3b6f4c52e90143cd8811d04aa382e5c4fa85dda30d18e44a6c143627ac484c1a15fdc03b2b999b52b1e3f0ca19b3ee5822f66f5d3a7c4a79ca4","ssdeep":"384:CuQzFSVlyfFD364d7X7fhFuZgkmQUxXe8NcztGcpnGcu6O1/cbivDFA7B2a/RaVW:MjXZ7fNkmQU88Ncz1talRcbEDf+iD1O","tlshash":"a1f2d7983281b4e623d350b5443f560fb33a4c3a98077400b7b4d9e56fb89ea56b7f29","size":36806,"data":"","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-06-06T17:19:11.910111Z","times_seen":684,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"zxswy.com/image/weui.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/weui.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Jan 2024 09:26:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65aa4030-c5296\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":807574,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (786)","md5":"9ff14bfa1b8db0f075ef08c1d7fbc75b","sha1":"9aabe00c4282e3c48ab4891ce4e6d8da3fbef864","sha256":"a06eb942ce0197d887cbcf7da8f356c0898b67b7492ad2dcafa0bc73960d3d77","sha512":"02daadfec11b8613e04d49be034ad2cf59c32845f7c814a51659175db036dcbeaec672e8a27fb3d0fe34a9238423bd5806b357f6501845560e1126025cedd73d","ssdeep":"12288:PcNlDoIcChMhwlsssrAcE7WHsUbk2jsu2PIb2vO3+y6NdG7XzUftCFIJlpGn4hQF:PcNllcChMhkrG","tlshash":"bc053aef9e587605b41e570a71c3da5ba32b5543249261ce98ddf280cf3aacf72e052c","first_seen":"2024-05-01T16:53:09Z","last_seen":"2026-05-12T09:58:36.379728Z","times_seen":195,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/zepto.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/zepto.min.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-7235\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29237), with no line terminators","md5":"2dd2e0f33e6b0fe9d4800aef6199e605","sha1":"50e5731db220ebef453bc8b45b0653faca6f8b99","sha256":"29fd5016efe08849f1124ff05b0658d6579e6826fda0569fc1b77598c0e56036","sha512":"c0c380eafa19ff621cc7d74fa8b782b28b7c8bb2e72d88a6887d0367f5710befe616b8d33903cec1cf4d671ef27f2e25ce58914b9cf770a4ddc48140a732f740","ssdeep":"384:WRWPO3mlNwpEiFT4wQpNWdkLSDei2uFHs0YB35FYQtoskIX9:jxlNwpjoERT2KHXYp5JkIX9","tlshash":"59d272ccb2c2b46707a7b1b8506f624bf23a6889380e4454f169e8e57c7890e9577f7c","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-06-06T17:19:11.897502Z","times_seen":778,"resource_available":true,"data":null}},"time_used":339,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav_icon_1.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav_icon_1.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c2e-10e2\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4322,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"243898897798afc237a02919dc231f87","sha1":"7fde85148bbc029b49bab5b22cc31f4a39984ef8","sha256":"d032cd3e3944ec6ddc59100c977ca8871cefc4ec99a921d9c8c7f90a96d6b45f","sha512":"9d05f7f1ba3112ba9c99c9ee401c4430b42cdc136d35731df15f6410c846fca958c17bdff794286dda1aae7cd4c0afc8511feb9d47f19435e318167192b71003","ssdeep":"96:2m0GptgO1FSyTWPdsCElMoxkV0+e4/DdEj8DlrUp:ftXXrCwlBxW0+e4pEcAp","tlshash":"c4917f5b0301cef0141ba277365742c331f72504055b3b44929f7eee9b9a69b31e87e6","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-12T09:58:36.352054Z","times_seen":147,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav_icon_8.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav_icon_8.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:19:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c35-19da\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6618,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"42a23a8291ce089f5c7768230eb2dea0","sha1":"de9691aba3b82bcb53253267d897500125386860","sha256":"8b67eebad2e63b7ce2605bad392af06aa2abdc4aa0affeb87aef02f3ac849c43","sha512":"ee04d7154c5edc3286bbe2821e5fad2d9d6d3eacc8e24d96bcbd44f7201465b0e5fe8d198c20e8070c4a49e19c1e6d7bc509ba688cdbeee2c69ffa612cf6495c","ssdeep":"96:kbDlhpDd1XCiLTEu+Wn6BjNR6cHfEanzBKA6uz4wvo0myVltLC8fbBUZVFaKXi6O:6hpxNr61fFMWBKK/v1jND6ZCKX2QHc","tlshash":"c0d18d739b51a2396c483fa7607d632bda9e1852f7fd2f172c4cc9982700210196bb33","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-05-12T09:58:36.375255Z","times_seen":150,"resource_available":false,"data":null}},"time_used":619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":619,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/index/index/index/jumplang/en-cn.html","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-06T10:15:51.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /index/index/index/jumplang/en-cn.html HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zxswy.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Zepto","description":"","website":"https://zeptojs.com","common_platform_enumeration":"","icon":"Zepto.png","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8396,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"a2dab81f6b44500f8f8f293045ec6ac6","sha1":"202a82f7a4d21349c867272d8d04ccde2d94ed6f","sha256":"81c1026ac5bb409658d921e5ff467acfb3b265a848c6381d0318c3fef09ce619","sha512":"a8576654d3f19122dd2e71c4be7d79a85f0b8735909c23bfc20755200a0a930e74b6d2fafdfe57ac2425736ae3cdaffcb555b5abaaf360023730895cb6a15acf","ssdeep":"192:iIDfZNEvxucMeoUWp9eHSO6VKZO8/lhUP:iIDfZNEvxi/J4lhM","tlshash":"27026524a78d1da700131561b2356bdda43f6e02ca138911f1ff165bafe9dc4ac3b85b","first_seen":"2025-08-12T16:38:40.50221Z","last_seen":"2026-05-09T20:20:30.593013Z","times_seen":20,"resource_available":true,"data":null}},"time_used":380,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":380,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/202311143.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/202311143.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 08 Jan 2024 16:52:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"659c283a-2abe3\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":175075,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x956, components 3","md5":"4d761e1f94a4db25fed48d4f08bc304b","sha1":"dbbe40388a2b4417eb3dfed3307ae8d6ae5913f2","sha256":"cd83bee4b58fee4bb5370776b92c83cb7e59e61e4d0364dc83a937142ab37f6a","sha512":"69b30d609338980b1408f0f8c65c2158d7660b25c82cccff7b7deaaaf42fb2f632980b321444832297d34b003b1a78a54ebb030f6f29f81221bcfca1c8199409","ssdeep":"3072:awQv2APqxleOWfTCteEdC/hQJZ9vbbUtpcBf2dO4p9tfSzwEqiYPxnA:awnKqGT4eEtpyzdOIVSzw3P2","tlshash":"9104128749ea4418cef13e3ce37924e3026ffe21605cd7d64aabfb2095279bc8579416","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-05-12T09:58:36.37182Z","times_seen":149,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/202311144.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/202311144.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 08 Jan 2024 16:26:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"659c223a-203fb\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":132091,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x720, components 3","md5":"49eaa0c616649d483fb7dd743734e5eb","sha1":"9c14fba9384ab4bd7b14886990f977fbd5d28beb","sha256":"12046319753ef51b126145845ff46a66c87f49bdfd6414ae3080467b56ab01a6","sha512":"06f04d05ae73cc88f90af9a04a3776782c820ee2edf4237a7d86c1fcfcb6689d6982146839a5de891eeaf6fa4e7fdd1c3cc7775ad013cd11017d22998bd15779","ssdeep":"3072:tiIFwYOXtWAHPmlE9aniwjr0CLr4abHUgp88Py:tYYOXUUPmvniqrhRbHs86","tlshash":"58d312b2e58fb7751191d99882aaf43c7bc9742c943470ce2a25a253b1b95a4031fbcf","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-05-12T09:58:36.372699Z","times_seen":149,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav6.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav6.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 14 Feb 2023 06:34:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63eb2b8c-11c7\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4551,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced","md5":"2b48a5119ae2577ba771b1a56255cf21","sha1":"4b76aa263b1500ebbdd664c57236c06aec5042da","sha256":"352d1d21f87dd1eb47b34b0355728f0d9a15cdda8c7ef5141115c09333896ae1","sha512":"e9292c7a2c1f75db0f3de77d7f287c57b67207d52c5b8910fc13a3638695149cd733df621046e9c59a6b4012d4b3a87a943dc995ad0e161e7ef2359de84e2319","ssdeep":"96:OSMllcHitlIxv9vk7C1+I4wWHLihk/x8TvsczDwULotvw5EQT9jb:OSHIIHUCD4waCrJB0tvhQJjb","tlshash":"a4916dcb8584459c10090a6d3467db4f9aa39554d3debf248ebd930e9111c72bc75bcf","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-05-30T01:00:28.003778Z","times_seen":296,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/BCH-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/BCH-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:42:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfac-c04\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3076,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"fcfb7466550d39410a0e2758aaf9ff2a","sha1":"26a356bee175ce6b7ef55c6ce470eff379217945","sha256":"bbc99d3b87bcf83df144951705c018abc5964a929e598311ee1e11728cf462c5","sha512":"41e7a27ea5cdefdd81bba731588a52e541c4abbb21a9d78e63973c8b910024763a632ed6ea7b3fb2d28c19398caa0d806fcdc2b1a023b767edc75e0792a6b39c","ssdeep":"","tlshash":"1c515dc6667a101e8e8e961f6d957276757359994804880ee08139466cf6d5380772d2","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-05-12T09:58:36.349783Z","times_seen":170,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/zepto.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/zepto.min.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-7235\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29237,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29237), with no line terminators","md5":"2dd2e0f33e6b0fe9d4800aef6199e605","sha1":"50e5731db220ebef453bc8b45b0653faca6f8b99","sha256":"29fd5016efe08849f1124ff05b0658d6579e6826fda0569fc1b77598c0e56036","sha512":"c0c380eafa19ff621cc7d74fa8b782b28b7c8bb2e72d88a6887d0367f5710befe616b8d33903cec1cf4d671ef27f2e25ce58914b9cf770a4ddc48140a732f740","ssdeep":"384:WRWPO3mlNwpEiFT4wQpNWdkLSDei2uFHs0YB35FYQtoskIX9:jxlNwpjoERT2KHXYp5JkIX9","tlshash":"59d272ccb2c2b46707a7b1b8506f624bf23a6889380e4454f169e8e57c7890e9577f7c","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-06-06T17:19:11.897502Z","times_seen":778,"resource_available":true,"data":null}},"time_used":1267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/swiper-3.4.2.min.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /plugin/swiper/swiper-3.4.2.min.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Sep 2020 09:36:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5f4f678e-455f\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17459)","md5":"6af34d0737ad0ca608111771cf74cc79","sha1":"15d0417baa08a741c6aee19fdfbf4813635f98f8","sha256":"47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812","sha512":"74b738d66a9da306308153c683bfe1fc784bdf34166492eb4e76ea015c32bdf1f01c5f97a6c7eee5459c13b04e8dc63f7ffd20579e6808fed467e0896abe4baa","ssdeep":"192:bgG0GpaNCO8jrfg5WHmXgyXyzSHF68DJB0SwD:bgG52CXfgWHfyXyzSl68Pe","tlshash":"2982832c17002067f6324f1947c9e77c9715c893ae0368ef6650de48cbbb5a9227f796","first_seen":"2023-04-05T14:33:33Z","last_seen":"2026-06-07T12:40:53.585274Z","times_seen":5219,"resource_available":false,"data":null}},"time_used":1262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/common.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/common.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 16 Dec 2023 08:35:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"657d616f-2292\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8850,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text","md5":"5efc94146d41959a0ed7be06f2557cc7","sha1":"2e03a6b70ae7fd2474771a2e14a6c78b985fc750","sha256":"6968ee2e91a3c244a1f4b86e168ec713219739e1104df3244a7aa316d64031d1","sha512":"6452172b442435d301b0f63993b953a8457f995e133487cea6dc7cb171f618fbe609544bf10025b75cc2f08fabeb7c8621a9816c53a3d15679393b0ab52c4bab","ssdeep":"96:epXQmxdt9YxYk6mC+rd++Zaj1Bjx6CNvxVUWxWR08uNwiSHrKi:eamhWOk6mC+c+mBj4QxVUWER08uNri","tlshash":"a4027429da162104f163f2fbbee5978a17298107d6130afdb5a43661db8e1dc04b3bcd","first_seen":"2024-08-20T01:27:55.762213Z","last_seen":"2026-05-12T09:58:36.350851Z","times_seen":96,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/202311142.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/202311142.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 10:35:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"659143dd-3f6d\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16237,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 640x320, components 3","md5":"4d1fe6ab7c741f7f97fa4f9a8b12b154","sha1":"6cc39f5f1390174c06f77cb88c50a8b3d48ba0b8","sha256":"18379f1348f23ddbd4db662dffbe34488ce5e8ecb9650e8e0b649f9482839e2f","sha512":"4171dd3dce135edafbb5f0e13d762c3464b417ebce7e54cdcfc8d9ffcedd81b6dd5f4b462596c6fa6af1d52a2fa0e2c7d58d336bf59725f6e4043d157b514841","ssdeep":"384:KgqixN4KmQeerDVHp2VZT75KoFfaCZqG5e:KgB4KmfEDVoT75JauM","tlshash":"a472d0896b308337c6ecf074eba5c646f35f9e42da06dce44148a2f949a34d4dea16d1","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-12T09:58:36.376563Z","times_seen":146,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/TRX-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/TRX-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:42:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfd0-11b0\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"1d77da93520c88008e6efc75e954edf3","sha1":"e2b795820521385e41a0bfaa0e12d208db8ebfa6","sha256":"324c88420af365a9424bc78e7f7092d27b9b36882e4c51ce2c6cf73512101b88","sha512":"1e1e0e2290ee8c98303bea2fd4b4a4ca243fee7c4de542e8e3377cb2739cfde020422322b739047609b6bbf1d8633f7d68a796d36fd442ddab69fcd29d27e588","ssdeep":"96:/Ar5oyIISYQlwwcZD/75QXlv27KkrwrCgevbvOtutIe98:/Ar5VIiQlwhzWXl2+CXvWq8","tlshash":"0c916c4b3402f30bbf35ee663129bb2c955a3c341fa0201f2699906adb0cb7da977056","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-05-12T09:58:36.382299Z","times_seen":174,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav_icon_5.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav_icon_5.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c32-10af\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4271,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"54653dda2da5de0aeb60b829f9724e9b","sha1":"3b6c5b6fa622ee5ab61440daf134f44f0d865641","sha256":"751864391549cc69b9d70063c9fb14e6f012a9d31a3bf32f141f585a2143e73e","sha512":"462282e54bd4f08d68cd628ed8027316e9c6fb4d481a31a93daf2ebd7eb08ab2e2ecbdf29f95d52af803763bd33baf42870aff91930e7fcfcea8a8d1b6682059","ssdeep":"96:p/nqM3OA+Ca0PA4GqqYcOVTN/PdYARJ48dT7XKGwYQRrbB4:z34f0ozzPOVTZrRJ48dX3hQ9B4","tlshash":"fa914ac38f528db860f2ffe189f9e1a26961851d5ba4ae5c489cf8010007a76aac5e13","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-12T09:58:36.341791Z","times_seen":152,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-06T10:15:48.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:48 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: think_var=en-cn; path=/\nPHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2; path=/; HttpOnly\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Zepto","description":"","website":"https://zeptojs.com","common_platform_enumeration":"","icon":"Zepto.png","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":8396,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"a2dab81f6b44500f8f8f293045ec6ac6","sha1":"202a82f7a4d21349c867272d8d04ccde2d94ed6f","sha256":"81c1026ac5bb409658d921e5ff467acfb3b265a848c6381d0318c3fef09ce619","sha512":"a8576654d3f19122dd2e71c4be7d79a85f0b8735909c23bfc20755200a0a930e74b6d2fafdfe57ac2425736ae3cdaffcb555b5abaaf360023730895cb6a15acf","ssdeep":"192:iIDfZNEvxucMeoUWp9eHSO6VKZO8/lhUP:iIDfZNEvxi/J4lhM","tlshash":"27026524a78d1da700131561b2356bdda43f6e02ca138911f1ff165bafe9dc4ac3b85b","first_seen":"2025-08-12T16:38:40.50221Z","last_seen":"2026-05-09T20:20:30.593013Z","times_seen":20,"resource_available":true,"data":null}},"time_used":1777,"timings":{"blocked":697,"dns":56,"connect":316,"send":0,"wait":383,"receive":0,"ssl":322},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/weui.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/weui.min.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-8fc6\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36806,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30581)","md5":"b2d509279b32ca4e47fc1b9208f604f7","sha1":"9d5157bf10eb7e2a24593ec7168ae95289299899","sha256":"e292ce67ecbecc4ff34ee38d51c8dda6e71597f7ae44a2e9980f1da0be246c50","sha512":"3525e32a00a8f3b6f4c52e90143cd8811d04aa382e5c4fa85dda30d18e44a6c143627ac484c1a15fdc03b2b999b52b1e3f0ca19b3ee5822f66f5d3a7c4a79ca4","ssdeep":"384:CuQzFSVlyfFD364d7X7fhFuZgkmQUxXe8NcztGcpnGcu6O1/cbivDFA7B2a/RaVW:MjXZ7fNkmQU88Ncz1talRcbEDf+iD1O","tlshash":"a1f2d7983281b4e623d350b5443f560fb33a4c3a98077400b7b4d9e56fb89ea56b7f29","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-06-06T17:19:11.910111Z","times_seen":684,"resource_available":true,"data":null}},"time_used":1265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/swiper-3.4.2.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /plugin/swiper/swiper-3.4.2.min.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Sep 2020 09:36:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5f4f678e-178a3\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31999)","md5":"fb13ef3e875ca3497ede35d3774be9d3","sha1":"ab0743a89d522438c17ae7eaf5943fd4590ee3d0","sha256":"4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083","sha512":"7b9fba1a93c724bc53e1dd4e27e59534430076346ddc73b24fcb71c9b7cb831321a70ffa38797185f7108ee64a18f1fa08cf2b7ccf2dbfc03e767b23187814c5","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTR:LTX73uTq/","tlshash":"0d93d66eb314f3e295d3214a675ac64122f21706b809dae870b54c4a68bcc5d03bffbd","first_seen":"2023-03-07T01:17:19Z","last_seen":"2026-06-07T06:45:39.268953Z","times_seen":3477,"resource_available":true,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/index/okx/market/type/2.html","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"POST /index/okx/market/type/2.html HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nOrigin: https://zxswy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17253,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"9928525c0e62b6618dbf2df67ccd71c7","sha1":"fa559224981b3fec7f97eafb497b9bb62aee9ae3","sha256":"69a6a8f3d2da58c76004bb7d1a76b62cda072132084db1c812fc3c6061fd7062","sha512":"0edc74be586b40baef037c433930f2d6b468a69010b293535a0a3984c57a1b22782d379bfc24c5131581dae9954d88b863f45fbd1185eefba46618b72a5a0a81","ssdeep":"192:YaVraVPaVbxaVtaVOaVBaVuaVgaVqaVhaVzaVVaVVaVB:JC2Mkv4PBLY688B","tlshash":"6f72213118beb113126643b86179267ebc430d4ffb73590066aab359eb8dc04b98add8","first_seen":"2026-03-06T10:16:13.368332Z","last_seen":"2026-03-06T10:16:13.368332Z","times_seen":1,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":533,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/ETH-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/ETH-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:41:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405df84-d60\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3424,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"0238fdc6d1d9ba2111134f8f53c27267","sha1":"a3628e2a0ea8736d9a3bfbae07222758a390e89d","sha256":"31862adaf2e2ac7b7636af6fa53d81d2dbbbc23668b8a922469edd7e1b55f952","sha512":"a49c894824687fd1fc2b8a7808a34a3e036f9ecb90dff68421fd87e1a1e55ff44f89d1357651e40785306b0b44fb23acb8aa725a87d13f49f0188c3b3f3329ed","ssdeep":"","tlshash":"46617d661f25a2f4e4751b184f18df31aad22c64c101f84fad8323e43d4d21245aefd4","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-05-12T09:58:36.381672Z","times_seen":167,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/XRP-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/XRP-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:44:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405e02e-eab\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3755,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"336e89752e43f0420d730aba7079db57","sha1":"b3a07bf4a3ddb0fc9195f4f66418647f5e04acfb","sha256":"238a85ea6f23f3385103514d346a85b4fc4ba740617a7e8010ac1910bb6420c9","sha512":"ce626edbddc0589adae16de97c4d178b8a706d6f32c0f766e97c4edb183b81aa70a0607f88c3680e2bfb56b87b712805c2af7f66b7ed6ca7cd23e3f58cf9e244","ssdeep":"","tlshash":"72713ae99a674323ff1670c10abd0fb8ed3dc32546e529e82b1d2e84ef035c00a68884","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-05-12T09:58:36.375933Z","times_seen":175,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/common.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/common.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 16 Dec 2023 08:35:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"657d616f-2292\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8850,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text","md5":"5efc94146d41959a0ed7be06f2557cc7","sha1":"2e03a6b70ae7fd2474771a2e14a6c78b985fc750","sha256":"6968ee2e91a3c244a1f4b86e168ec713219739e1104df3244a7aa316d64031d1","sha512":"6452172b442435d301b0f63993b953a8457f995e133487cea6dc7cb171f618fbe609544bf10025b75cc2f08fabeb7c8621a9816c53a3d15679393b0ab52c4bab","ssdeep":"96:epXQmxdt9YxYk6mC+rd++Zaj1Bjx6CNvxVUWxWR08uNwiSHrKi:eamhWOk6mC+c+mBj4QxVUWER08uNri","tlshash":"a4027429da162104f163f2fbbee5978a17298107d6130afdb5a43661db8e1dc04b3bcd","first_seen":"2024-08-20T01:27:55.762213Z","last_seen":"2026-05-12T09:58:36.350851Z","times_seen":96,"resource_available":false,"data":null}},"time_used":1262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/jquery.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/jquery.min.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-169d5\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-07T12:17:52.805232Z","times_seen":68493,"resource_available":true,"data":null}},"time_used":339,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav_icon_2.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav_icon_2.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c2f-1252\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4690,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"3c08c6452a2aa332ea43ca5a61ad823c","sha1":"55228e0c667594e5c7f185aeebb4b38aecdd61bb","sha256":"0f8ccc06f4a0bf3aa31379d887b8a85a6765d8b8de9cf4c709a243c6426f5cde","sha512":"af611f593568e5620a35fe0366035fed8482a135726e14448af29fc8963174e2c85a6e19a99d064aa7af63614859b0b5f93c8cb42ed82b0c9fee574ff30db3a0","ssdeep":"96:pLmm2om5GBPx82M4HfFHUfZOW4v4HIWPDeq0gRX/65cRdt:pGtIBPx82M4/csvcIGDDRX/zn","tlshash":"53a17c9b8b263b01042e41c62bdeeab6444984dccdd20806e14faca6b91ea9061f5c37","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-12T09:58:36.368411Z","times_seen":147,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav_icon_4.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav_icon_4.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c32-2fae\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12206,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x375, components 3","md5":"fc3f80768c2e19a7603d79869a4e2256","sha1":"292ce293568486f8afe0187730c025bbfca10d6d","sha256":"eab0f5eda748f82ab0cf809c0b77353146840d28058321b01fdafedaa02d35dc","sha512":"c7cf6ba064f1e425a89d62777097ae90a641c8e89ccc610d988facf13bffe7508a67e3e4eeee2f83bd19107b1b38590aa49b57a7df28cefbeb68a6e0b4d98fa0","ssdeep":"192:I/fJdOoTx8VQD/Kkn0FFcqYuBJNI58x0KhU7MG0JictCrV1L7gnKhrdsJ3hqGJq:uhdHd8VQDW6i67+octCr/L7d/G0GQ","tlshash":"d042ad573b68563dda75693b066a0be83f823e4404306827e86be1d494ceb341ddf6d3","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-05-12T09:58:36.357884Z","times_seen":146,"resource_available":false,"data":null}},"time_used":619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":619,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/LTC-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/LTC-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:38:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405deae-188b\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6283,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"dca3baa74655281c8b110af414301239","sha1":"91270f66491c87379658135e36085e6135ec7711","sha256":"e7bff393a9638d5f5d6a705704dbf525179c17e79938cce1dbcf843834c0e319","sha512":"a84b5e9288569f2470edd56cdc285d442488b5b70e715c026cd459bc95e8804624fe13097d7637403d623b1595c916ddac0e0deba9580191f0ab4d6bb6867868","ssdeep":"192:CIHVMUsen10sEX6QcfbjVFyy1Fuazs5eilreriVN:CeuLenisEKp8UFuEi/VN","tlshash":"73d1ae11b2cfd571221b3e96f41282990f7a32398cc8aebf8a470514c40bd889e56f73","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-05-12T09:58:36.354655Z","times_seen":173,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/LINK-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/LINK-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:39:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405deea-aa4\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2724,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"9d8794d5f0af4ba9cc148e220721efb4","sha1":"fc0834249a27b37715a8ec73d6311a128b342a97","sha256":"68f6bf170e0cc6f176a00bff0dad9765ef1479d1f57df702132a1c565d6aa80a","sha512":"242b297da1dd6b24f3fdd3c778b057cce8af59e43f91c10f3709f5c01ed5e2cc1ad7540ee11ae038623d50358a66514eac85b9f0ab5c50a3dc2aebce2bf40554","ssdeep":"","tlshash":"db516c43c60e16ec4a091417d6a7acffa7b1e903463c1ba36685ac3cac2b08d20d6688","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-05-12T09:58:36.377193Z","times_seen":172,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/yy.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /plugin/swiper/yy.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 02 Jun 2024 07:55:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"665c257d-6d1\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1745,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"05ed2352d599c6fbebbbf11feb5991d2","sha1":"b6d563caec0f9a8d45649ad9bcc08fd0c3b857b5","sha256":"6d8df9de53c93ee22a1079caf784d80da2fb435ac9d6ec196335004ef5aae438","sha512":"04d86028bc84e3eba9a93ddf308ec4d9e52328900e1faa94962f79dcb5de5cd63459d759eea3f4b701519c8daea7761aaf42de01cd412268d44bdfb3fc800493","ssdeep":"","tlshash":"ad318de69a769305526ae029579f3f2321b308771008e8947a4dc7086fed3cb061fbad","first_seen":"2024-06-02T21:14:46Z","last_seen":"2026-05-12T09:58:36.356145Z","times_seen":82,"resource_available":true,"data":null}},"time_used":1259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/swiper-3.4.2.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /plugin/swiper/swiper-3.4.2.min.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Sep 2020 09:36:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5f4f678e-178a3\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31999)","md5":"fb13ef3e875ca3497ede35d3774be9d3","sha1":"ab0743a89d522438c17ae7eaf5943fd4590ee3d0","sha256":"4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083","sha512":"7b9fba1a93c724bc53e1dd4e27e59534430076346ddc73b24fcb71c9b7cb831321a70ffa38797185f7108ee64a18f1fa08cf2b7ccf2dbfc03e767b23187814c5","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTR:LTX73uTq/","tlshash":"0d93d66eb314f3e295d3214a675ac64122f21706b809dae870b54c4a68bcc5d03bffbd","first_seen":"2023-03-07T01:17:19Z","last_seen":"2026-06-07T06:45:39.268953Z","times_seen":3477,"resource_available":true,"data":null}},"time_used":1259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/swiper-3.4.2.min.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /plugin/swiper/swiper-3.4.2.min.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Sep 2020 09:36:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5f4f678e-455f\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17459)","md5":"6af34d0737ad0ca608111771cf74cc79","sha1":"15d0417baa08a741c6aee19fdfbf4813635f98f8","sha256":"47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812","sha512":"74b738d66a9da306308153c683bfe1fc784bdf34166492eb4e76ea015c32bdf1f01c5f97a6c7eee5459c13b04e8dc63f7ffd20579e6808fed467e0896abe4baa","ssdeep":"192:bgG0GpaNCO8jrfg5WHmXgyXyzSHF68DJB0SwD:bgG52CXfgWHfyXyzSl68Pe","tlshash":"2982832c17002067f6324f1947c9e77c9715c893ae0368ef6650de48cbbb5a9227f796","first_seen":"2023-04-05T14:33:33Z","last_seen":"2026-06-07T12:40:53.585274Z","times_seen":5219,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/UNI-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/UNI-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:38:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dec0-18c3\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6339,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"261fbb817252346260b9ce0b6f6f951c","sha1":"76b5c24ff99404da8d4e9135f256c86db0dfc814","sha256":"ca5848d2e54909c1045e562b08e3dda2e3ceff28c5acbcb171e7d7f66476ebfc","sha512":"d9f424bd7dda043c6be7bdf163291a9efe2d6e120fc9519ac37512e9fdebf0f1acf60a6460f695e8e302e9af866b06c525f59b7e15ce1be7ff0213cdd4573e8c","ssdeep":"96:TbcqH/sPEdDNRb5oyD7FECXcAQIPh+jpHELTFUeg1/MjWd4hNbYt0:TbRH/WEJ/H0OhIpH+iqGRK","tlshash":"41d1ae33b2bd16b4759e00e6e0ec70243ef1958857f3655e88b03cb7a58f07ba668865","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-05-12T09:58:36.343667Z","times_seen":170,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/AAVE-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/AAVE-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:42:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfba-1680\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5760,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"3493cff3bc1a5c0fab9e2b4e3d56d02d","sha1":"e59f811144da48fea79af0e88af77236d4db35b9","sha256":"1170e6b6853e8a1289dd1bc53e0d50ff051e01a0a85db14b7132962138de2904","sha512":"96f68a8d893eea9971c29500349552ddb92136d0808f6219727e54f774256ae13971d88be2aade654c7487e644469b291d5a8b1c879d5d072b28cb2f59cacf28","ssdeep":"96:iRnB+OYStZ8p72ZLMI4W5xdFccHdNVOrNj8+GrDSvf79JFKpgKdd0XrXnLjK2bN:e+OD8ZMLMI4WLf9LC4ZDSv5J4p/ojLNh","tlshash":"6cc18e8978d6beb7e0e59d144788f1f4b28021646873da7fda9cd3c624251373eb628c","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-05-12T09:58:36.367746Z","times_seen":169,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav_icon_3.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav_icon_3.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c31-1c4f\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7247,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x450, components 3","md5":"4b4859e0e22787403478697c59363298","sha1":"6b1f35be403f9692cd3aaf23c83337f292f74a43","sha256":"05ecb8dbe9bd556cf96e70e2f18fd3719fdc831685edfae07fdca148ed7d8e2a","sha512":"4d2c1ba4ac3643049182bbba53edabf878f3e6988f2a991b5e61674c2a57dbdc336805044b0da6723fd1fc0b9a415646b892c273ece9da83561d89e01e521b52","ssdeep":"96:FIxXrpMMpBvnt2AvbjG7Bih/LUHQ0uO444emKKKnKKcJ8hKKQKK6KKKGKK4orDqI:gtdnXb+Bih/LUv444Lb4+vTSyz23","tlshash":"5ee1171ebf403066cb239bb51fa89b72ef16fe04845d9727d81504d38a8f2f26d1a9c1","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-12T09:58:36.37844Z","times_seen":150,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav_icon_6.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav_icon_6.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 Dec 2023 12:18:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65915c33-2cda\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11482,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x450, components 3","md5":"e322787468fe4f8c92fa5aecf763f271","sha1":"babd8bdb46bfa06658011d65beec581bdab2eda1","sha256":"efe609a452a95993d4fff47ec36c2c5fcb5bc15a0ba2a850c6a0347348c14640","sha512":"6d459477b07033b9aac4ad5b0bb7a98e1c39c55d919f09936af7b21969a7f4c7372936856e89a4eb5ec0b63fa03ea1817d5bd582d61f61094a97f5c98085ab39","ssdeep":"192:0YnUvmjXwyNA1ILIGUhhhhhhhCB68pGUI2vhiB1kdPByPG/QDrfOiAWWepuKQauY:0YUv2XZGILshhhhhhhCBP/hkOyPYQDiq","tlshash":"47328e7e364870a5d80199f7019493470f2ebf625868fbdd5591d2c747ecde428c288b","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-12T09:58:36.345816Z","times_seen":146,"resource_available":false,"data":null}},"time_used":616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":616,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/BTC-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/BTC-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:26:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dc04-1376\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"dce448708dbde74d8918b888de94c5ec","sha1":"6d567a4c470e21718e8448a50d88af49824f743e","sha256":"1a8495170f83ef4d9500d826134cbe44fa780e71e98d5246447e8e9ab7c9668f","sha512":"9183429b9d8002b6e3eb7418966231df222057e036214d4cdd7b01bb8b9e086e5e7850dc8590f9a270f7b82358aab565ae7e70b9737980346711a6e8cb43db5a","ssdeep":"96:QqmzEAvOLh8v+czzgs0wPYcGQjNMwEH4MeNU00RVp3ISeDpsEtPE7bx6K:OYRLaHzzwejNVEYMejYVOSeVFts7D","tlshash":"f2a17e8e830c6f35296705f31c1743ee157d8ea3dd6acbaf015997fa04086e94ea5f40","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-05-12T09:58:36.353051Z","times_seen":173,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/weui.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/weui.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/index/index/index/lang/en-cn.html","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-06T10:15:50.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /index/index/index/lang/en-cn.html HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nset-cookie: think_var=en-cn; path=/\r\ncache-control: no-cache,must-revalidate\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8396,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":641,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":641,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/layer3.1/layer.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /layer3.1/layer.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 05 Jun 2021 10:36:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60bb5394-5664\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22020)","md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-07T12:12:51.412732Z","times_seen":5691,"resource_available":true,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/DOGE-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/DOGE-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:39:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405df16-1577\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5495,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"eeca9e553e2b0bad66dd74237c2a152f","sha1":"3c4b7af63de3fb551ec51bb693543dbcefa140e1","sha256":"e021a9b4d08a84de4051a6d5e479b3da62327d650be0523b16086d5fd617cfc5","sha512":"cf0206e5c499adeaf3d046de83b5750229488576df767a16b30cbf006e1f778f52d44991b79358b1f4dff08dc37950c33f5b0e2906a7c55c4917096ad621381e","ssdeep":"96:wWdPZaIrmboZH77JLIxxSMJkV/EF8RG4vg6JORzQCqpGhZZRdrd+ZyCk:NjaImEZH7xYxSMJkVcOG4vbJUsmb+ZyJ","tlshash":"abb18e734563b2c40eaded86ae831569e221425d101364f98fe63ce58e85736c72886d","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-05-12T09:58:36.369641Z","times_seen":171,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/iconfont.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/iconfont.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 19 Dec 2021 14:48:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61bf463c-63ce\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25550,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20698)","md5":"7636674a9cc00e0ab274c0118bf30792","sha1":"f27a0be01fbbbf273a89d3c422379aec2764e686","sha256":"9fa256777e1db1a122b57fc40c30257f8f850a678bed98019d471e6df77eef75","sha512":"d689560eb32216bc369b734a97df8a0fd12cb53dfd23f9c424cb44199fbf151e5eda7764c88b97a31009627931522b7608f2917153ab0aceb94bd5c62d7bd735","ssdeep":"384:LBCVGK9CWi1Frac1AzSvwRf/S6a4ukK0SlgOLkQ3PJv4IpQCKWPlNU3PLLg1UXav:to/V6mc1lHFkKdXvZ4KVKWdNsrav","tlshash":"87b23cf499bd5ca41306e4d53342a760ef0d66a48d8b4d5bf3a73c9cb7e32018186aec","first_seen":"2023-05-09T00:01:32Z","last_seen":"2026-06-06T17:19:11.893616Z","times_seen":564,"resource_available":false,"data":null}},"time_used":1263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/bootstrap.min.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/bootstrap.min.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 16 Dec 2021 08:15:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61baf5be-1da71\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65369)","md5":"7f89537eaf606bff49f5cc1a7c24dbca","sha1":"b0972fdcce82fd583d4c2ccc3f2e3df7404a19d0","sha256":"6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11","sha512":"0e8a7fbd6de23ad6b27ab95802a0a0915af6693af612bc304d83af445529ce5d95842309ca3405d10f538d45c8a3a261b8cff78b4bd512dd9effb4109a71d0ab","ssdeep":"768:rf7Gxw/Tc/hOWlJ+UtVIuiHlqAmQI4X8OAdXFxbv8KIf2BdU+JdOMx1iVvH1FS:sw/YGGIuiHlqAmO8l1bNXdOqT","tlshash":"0dc3c7a0f21031ea7333c55a71d0fd872219a153e6664eb7f22f25d88f846ca1673f1a","first_seen":"2023-03-07T12:03:40Z","last_seen":"2026-06-07T11:07:11.646388Z","times_seen":19992,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/layer3.1/theme/default/layer.css?v=3.1.1","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /layer3.1/theme/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 05 Jun 2021 10:36:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60bb5394-381f\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14367,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14367), with no line terminators","md5":"3d2e0d91c5c0b96abb8dbdc2234aba77","sha1":"9d55e153b30fd7414fada5718e20918e9c7f65e7","sha256":"e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc","sha512":"42bf3eff281998d088ce012b9a5910f72951c91715595572bb968fbfc5fa2b1cddacef3ca683a1734eb41114b302b6a4dad8b7432c5877b3563a080a2547ae05","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:1WmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"2e5221e144811299b0278721d6dc7eba32f88d43e5630daef257381f874c6dba2b6647","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-07T05:39:54.06985Z","times_seen":6531,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/index/okx/market/type/1.html","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"POST /index/okx/market/type/1.html HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nOrigin: https://zxswy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7341,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"f048e9cce9aa8f0af6449191dfffe794","sha1":"ab1958a560715166ad78ce22b897a8b2dd603849","sha256":"d99a8a57f71d51fafb76026e35a9eaac061cb5747e22c0ac0bb963f27c63c0c7","sha512":"7b9b00e9d55a8452512ff65acfe73b23a3ed7d96c8de11665c945411a4ca0ddaa5cf57db0a29f2836e212df076b13c0aa35995939aed3c7646f6312a2b49cb4d","ssdeep":"48:YdX9C7cbR1UGQcyMx13gc81rpq7c9+1z+cc1Ijcu1c777cg1Odcj1hYcR1cHcX1y:/MusS+E+Myg7ZnJTAO0EQ","tlshash":"c5e18332257bb1a321538bb521e92a3f7553884cfe33c77052e5b619e78dc08de61e68","first_seen":"2026-03-06T10:16:13.389681Z","last_seen":"2026-03-06T10:16:13.389681Z","times_seen":1,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/ADA-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/ADA-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:42:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfc4-14bd\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5309,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"e5c101c65496e6dc77dfa8fb8e67af67","sha1":"277ac9fba0d01b62dc4baeb37c542d58365071df","sha256":"0e6079f8406dbf5ef1796f8f9729193e04533cec705b9139d22e05272f455722","sha512":"dfc6ba3782c721ebd4ff21d0a4332be7b147c0c52a86cd8487839404c7c33ec3f0a21c81934b9a140b2110d12895fdf14207f6d8cf083df6554aae7d5d08d320","ssdeep":"96:FfyiASh3QtDNDEz3p994XVRlhV8blURe4BC53Ty9714T9UG0crd:FfyeQ9NAuRlhVC+A3TQ14Z5d","tlshash":"bab18d6e204fcd5ee1554e56560334312ede7808e88bd37c2a32360a188677dbbb75b3","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-05-12T09:58:36.346922Z","times_seen":168,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/en-cn.jpg","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/en-cn.jpg HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-07T08:18:02.147442Z","times_seen":523690,"resource_available":true,"data":null}},"time_used":370,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":370,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/bootstrap.min.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/bootstrap.min.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 16 Dec 2021 08:15:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61baf5be-1da71\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65369)","md5":"7f89537eaf606bff49f5cc1a7c24dbca","sha1":"b0972fdcce82fd583d4c2ccc3f2e3df7404a19d0","sha256":"6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11","sha512":"0e8a7fbd6de23ad6b27ab95802a0a0915af6693af612bc304d83af445529ce5d95842309ca3405d10f538d45c8a3a261b8cff78b4bd512dd9effb4109a71d0ab","ssdeep":"768:rf7Gxw/Tc/hOWlJ+UtVIuiHlqAmQI4X8OAdXFxbv8KIf2BdU+JdOMx1iVvH1FS:sw/YGGIuiHlqAmO8l1bNXdOqT","tlshash":"0dc3c7a0f21031ea7333c55a71d0fd872219a153e6664eb7f22f25d88f846ca1673f1a","first_seen":"2023-03-07T12:03:40Z","last_seen":"2026-06-07T11:07:11.646388Z","times_seen":19992,"resource_available":false,"data":null}},"time_used":1271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/common.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/common.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 16 Nov 2023 07:13:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6555c132-edf\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"bbaa3ba82eabac17365b789a50885a52","sha1":"72daa321d794ab876e580a3d74c8c93c7bf3ec91","sha256":"ce9f8f9bb4e5eef2462667de0e76e65bd65c6e670cef61b5e76ed47be6813cf9","sha512":"0004dc6643aa9a056edd186964e70964886558ad9dfd8208c8d8183faffb84a636728447817e5c89f2102cc0b5ef85aeceb6a64571b5562a84cbef7f2c4a312b","ssdeep":"","tlshash":"a4713098b34c912b10f673319abf1909d83ba5734103d408f95ca0853ff825eb3a6ee9","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-30T01:00:27.986607Z","times_seen":353,"resource_available":true,"data":null}},"time_used":1264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/weui.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/weui.min.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-8fc6\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36806,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30581)","md5":"b2d509279b32ca4e47fc1b9208f604f7","sha1":"9d5157bf10eb7e2a24593ec7168ae95289299899","sha256":"e292ce67ecbecc4ff34ee38d51c8dda6e71597f7ae44a2e9980f1da0be246c50","sha512":"3525e32a00a8f3b6f4c52e90143cd8811d04aa382e5c4fa85dda30d18e44a6c143627ac484c1a15fdc03b2b999b52b1e3f0ca19b3ee5822f66f5d3a7c4a79ca4","ssdeep":"384:CuQzFSVlyfFD364d7X7fhFuZgkmQUxXe8NcztGcpnGcu6O1/cbivDFA7B2a/RaVW:MjXZ7fNkmQU88Ncz1talRcbEDf+iD1O","tlshash":"a1f2d7983281b4e623d350b5443f560fb33a4c3a98077400b7b4d9e56fb89ea56b7f29","first_seen":"2023-03-07T16:38:18Z","last_seen":"2026-06-06T17:19:11.910111Z","times_seen":684,"resource_available":true,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/ETC-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/ETC-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:37:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405de8e-cbe\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"1b20cac397cc00bc2bcbd9ffe6c5edd9","sha1":"e4ff0b671fb41c003c8c1854768c606ad16b2b69","sha256":"30316aed28b32e076a6366fab2e42431d26260ce847033086a873d7be9776b7d","sha512":"e5d0174251865febd4e3bd57726caf146d5ea2a4faad09b1b88c8cb74599be8072be20facecb7e9d25200b368c4e7ac79e04106b42a17a723b573fe713133918","ssdeep":"","tlshash":"83616d92f46d0c27446d43060eb0c3de7be16e738a525fd15d727000b16b0ce15764eb","first_seen":"2023-07-31T18:35:56Z","last_seen":"2026-05-12T09:58:36.370377Z","times_seen":171,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/layer3.1/layer.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /layer3.1/layer.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 05 Jun 2021 10:36:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60bb5394-5664\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22020)","md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-07T12:12:51.412732Z","times_seen":5691,"resource_available":true,"data":null}},"time_used":1265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/plugin/swiper/yy.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /plugin/swiper/yy.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 02 Jun 2024 07:55:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"665c257d-6d1\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1745,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"05ed2352d599c6fbebbbf11feb5991d2","sha1":"b6d563caec0f9a8d45649ad9bcc08fd0c3b857b5","sha256":"6d8df9de53c93ee22a1079caf784d80da2fb435ac9d6ec196335004ef5aae438","sha512":"04d86028bc84e3eba9a93ddf308ec4d9e52328900e1faa94962f79dcb5de5cd63459d759eea3f4b701519c8daea7761aaf42de01cd412268d44bdfb3fc800493","ssdeep":"","tlshash":"ad318de69a769305526ae029579f3f2321b308771008e8947a4dc7086fed3cb061fbad","first_seen":"2024-06-02T21:14:46Z","last_seen":"2026-05-12T09:58:36.356145Z","times_seen":82,"resource_available":true,"data":null}},"time_used":339,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/202311141.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/202311141.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 08 Jan 2024 16:52:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"659c2846-2d355\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":185173,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1080x720, components 3","md5":"b51ec5f591c32cb8729bd25ebf9bef3b","sha1":"8878c68006235349403c722024b53f93aa975970","sha256":"170e30d822d1efbe0f22f83ddcfb5f2308a95d17c817c3db4c299e03831559e0","sha512":"66c75a1676de4432803adbc4679709e0c539f65fcb82fd15795f388b2c1db9a6ea57bd5b35f8b0207978858a757fbfa3f2bbf3a9b8034cbee25ec69a54a7a173","ssdeep":"3072:fbe2H0uETlaTcIf9lBfNoFlQCkAXvhrwc7Gc4OBdYvTITXG3ia+X/bx/KbMj/Nrx:f6ZTlElOQCBkc7368DGyHbx/7jVrMCn","tlshash":"710423bd56dbc5dc599d45ebc90bccba0618c1dfc13923b0be46fd33a099ba424e0895","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-05-12T09:58:36.377812Z","times_seen":146,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/SOL-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/SOL-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:43:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405dfde-1036\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4150,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"9a764deaa696ddcae23b50878da2275b","sha1":"e50fcf53a6a257bd8c67dec07f82aeafa9b550d8","sha256":"b373e46d6f482af8a3f2f496ae07cb1ff98d45519b3d63cab03022821dc26503","sha512":"04c3e665cec122d3019da71291758b780cb7dfedc19e295381cd9358dd9cf3c56f20b08541d5cd89987c7d20417fbbe26e8ffa2bf35fa07199650027a7591952","ssdeep":"96:954fwDRa+Mt8RqN+fTqLnNjmRKsdj/UPqu4DCRuLIBeYH/Gn:954fwf487fTq5aRKsdbhrVLAeaGn","tlshash":"3f817dc4d7044d58217c2027a3b2ba7a82f25c33b654f0c2fdb618d5e925fe0a0a648b","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-05-12T09:58:36.373943Z","times_seen":174,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/common.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/common.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 16 Nov 2023 07:13:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6555c132-edf\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"bbaa3ba82eabac17365b789a50885a52","sha1":"72daa321d794ab876e580a3d74c8c93c7bf3ec91","sha256":"ce9f8f9bb4e5eef2462667de0e76e65bd65c6e670cef61b5e76ed47be6813cf9","sha512":"0004dc6643aa9a056edd186964e70964886558ad9dfd8208c8d8183faffb84a636728447817e5c89f2102cc0b5ef85aeceb6a64571b5562a84cbef7f2c4a312b","ssdeep":"","tlshash":"a4713098b34c912b10f673319abf1909d83ba5734103d408f95ca0853ff825eb3a6ee9","first_seen":"2024-03-03T07:44:42Z","last_seen":"2026-05-30T01:00:27.986607Z","times_seen":353,"resource_available":true,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/nav_icon_7.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/nav_icon_7.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Nov 2023 09:43:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6548b546-12e0\"\r\nexpires: Sun, 05 Apr 2026 10:15:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4832,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"98c3a8d3c87360d7ffbd7580bb7c1ff1","sha1":"53ac23a821c9cffdeca7c0a16d5e63e14a7b2dd0","sha256":"66d47904f1e797c923fa05c70b363a77f511a090aceb13dbe50ca3c0f131debe","sha512":"4d8f916c82d9e8c420be03e7b8dff61f8fd9450f848373702f0a4c0db533e801e9a5af319b881d71c0e57f655060c6d53182d0b66716b201b19718c6bf499cf9","ssdeep":"96:HydQblafDjvSN4vff5dr4B4ENTesVckps6Ey2lr/L3zcekFBTL+p5:HydQRgXpXDoTesVNz2lDL04","tlshash":"8fa16c12bc2cfa17a32301d2be72013e5e767a9f26838a2541d5b46a66e7f224512b1c","first_seen":"2024-03-03T07:44:43Z","last_seen":"2026-05-12T09:58:36.367055Z","times_seen":150,"resource_available":false,"data":null}},"time_used":616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":616,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/FIL-USDT.png","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/FIL-USDT.png HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 06 Mar 2023 12:41:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6405df76-dae\"\r\nexpires: Sun, 05 Apr 2026 10:15:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"67a897eeeca6348fe248fbd96cf42e00","sha1":"a1fe7560b4286e14d95d9436797c01af7be49605","sha256":"8d236c01af163784f1a77c45a7127732fd2a6d6202b9c4f9dac99f60d9f1d313","sha512":"4a5ccafc16b5c016c3403d3138aec8a0f7136942a2b834b20ce24b9a1b1045ba7ab132474bf74713160af1bfac4b1032e31f5477818268db801cf0b6ae6cc7b3","ssdeep":"","tlshash":"04714ce25dfa87f62750f2120932e3314adab3244fda5cabcc3449279171e5478a8d98","first_seen":"2023-07-31T18:35:57Z","last_seen":"2026-05-12T09:58:36.363555Z","times_seen":170,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/iconfont.css","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:52.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/iconfont.css HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 19 Dec 2021 14:48:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61bf463c-63ce\"\r\nexpires: Fri, 06 Mar 2026 22:15:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25550,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20698)","md5":"7636674a9cc00e0ab274c0118bf30792","sha1":"f27a0be01fbbbf273a89d3c422379aec2764e686","sha256":"9fa256777e1db1a122b57fc40c30257f8f850a678bed98019d471e6df77eef75","sha512":"d689560eb32216bc369b734a97df8a0fd12cb53dfd23f9c424cb44199fbf151e5eda7764c88b97a31009627931522b7608f2917153ab0aceb94bd5c62d7bd735","ssdeep":"384:LBCVGK9CWi1Frac1AzSvwRf/S6a4ukK0SlgOLkQ3PJv4IpQCKWPlNU3PLLg1UXav:to/V6mc1lHFkKdXvZ4KVKWdNsrav","tlshash":"87b23cf499bd5ca41306e4d53342a760ef0d66a48d8b4d5bf3a73c9cb7e32018186aec","first_seen":"2023-05-09T00:01:32Z","last_seen":"2026-06-06T17:19:11.893616Z","times_seen":564,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/favicon.ico","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zxswy.com/index/index/index/jumplang/en-cn.html","date":"2026-03-06T10:15:53.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/index/index/index/jumplang/en-cn.html\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:53 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-07T08:18:02.147442Z","times_seen":523690,"resource_available":true,"data":null}},"time_used":383,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zxswy.com/image/jquery.min.js","fqdn":"zxswy.com","domain":"zxswy.com","tld":"com"},"ip":{"addr":"192.238.133.158","port":443,"asn":395954,"as":"LEASEWEB-USA-LAX","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zxswy.com/","date":"2026-03-06T10:15:49.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ccnrs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 16:55:20 GMT","end":"Wed, 13 May 2026 16:55:19 GMT"},"fingerprint":{"sha1":"9C:48:32:D8:AD:C6:C7:7D:46:BB:38:91:4B:B9:85:77:5D:56:D8:6F","sha256":"1A:F2:A1:38:9E:31:CC:E2:C8:5A:55:85:A7:40:78:C5:1D:DC:05:6C:9B:56:AF:B1:35:E8:71:EA:D2:CB:E0:3A"}}},"request":{"raw":"GET /image/jquery.min.js HTTP/1.1\r\nHost: zxswy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zxswy.com/\r\nCookie: think_var=en-cn; PHPSESSID=h8t5854fl0eqkgrm5ahdk71nq2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 06 Mar 2026 10:15:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 09 Dec 2021 13:13:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61b200e6-169d5\"\r\nexpires: Fri, 06 Mar 2026 22:15:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92629,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-07T12:17:52.805232Z","times_seen":68493,"resource_available":true,"data":null}},"time_used":1266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"zxswy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}