{"report_id":"6216142c-4312-4fe8-8599-e21b68c4f52e","version":0,"status":"done","tags":[],"date":"2026-06-11T12:44:44Z","url":{"schema":"http","addr":"vns9394.com","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":0,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"final":{"url":{"schema":"https","addr":"vns9394.com/","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"title":"澳门威尼斯官网 - 尊享奢华赌场与独特娱乐体验","dom":{"size":19951,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13833)","md5":"25c52de0c7e4f9e67fe071dd434f7c72","sha1":"6a46ee60fbc0f2106379ab395fdc54bbc6695168","sha256":"55b0a086f2844b7e34e37eb01d02ed4fb6e85f52e4bd3d5a73dd88ab777ce93a","sha512":"225b3a434e7d240291ff6617550e72bf981e229d6b1f81e674408efe4d2e66d2970ab89062e8f400065ffe52a021029f0e1f6a241489c4abd131b0c67e666b42","ssdeep":"192:syuyRJKhyIvJZDswI3cpdqGPt7Gc0LGsQguzL+FBp8R2gq+ywpMrnxSXwXax:syuyRIhyIXDaMvzPt77FeQ9ywwnxSYO","tlshash":"7d92a337e046787f45a759eca568b38eb0d7912ec76b8e05b6fad3c80fc6d80055221e","dom_hash":"domhash8850402d1a878fa339638e0693820fdd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"vns9394.com","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":0,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T12:44:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"vns9394.com","ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":108,"request_count":27,"received_data":2131595,"sent_data":13476,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"sdk.51.la","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-01-17","domain_rank":347679,"first_seen":"2021-03-08T16:03:51Z","last_seen":"2026-06-09T11:41:42.588563Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":453,"comment":"","tags":null,"fingerprints":null},{"fqdn":"154.204.28.53","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":0,"sent_data":552,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"vns9394.com/","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"e534a5cbd2df3aaed4e2bb405780d2a7","sha1":"bd4ac483c7629ef832aaa724291e5f3c97013e14","sha256":"4df2c5608d78458b37f68c0612223902a6b6ea8d31ff8124ed0eff7589fc03be","sha512":"4a5e434560cf6e8e9c071dd0cc5e8c2442dafdfbcba638c0c7e90bdc5a74deee42bbd2a2a1b7452addb1a807443c6c4db4eb30e1cb2629ebe39320e9c7d36662","ssdeep":"","tlshash":"d4f0dcae9c51e178abc338ac9bafda88c16e1026110ecc03a9d9c5ce3c38fc8042134c","size":492,"data":"","first_seen":"2025-05-26T01:34:30.601443Z","last_seen":"2026-06-22T06:23:21.353553Z","times_seen":145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/e/dongpo/tz/tz.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2de02817ac5ff7e2e2e352db0fe1ba7","sha1":"1108e2fd9f1777b86486310b5e798c0ae8297b3d","sha256":"1b77dda8f7ffcd6fef90d337b161d431d2f61a55fe74a019541ba8d5c8736184","sha512":"1089cfb972c6c2c1f27ee76685ee63943aec9ef5930739ce6412385903fa137aad0a2a5604ff3c7e02babad12f872d28cf090274dc95119087ce5908424c1dab","ssdeep":"","tlshash":"fc215c7fae631154911691592bba776c3a3a001b6701c8307afcbe685f52f429487bd4","size":1158,"data":"","first_seen":"2026-06-08T19:26:41.283541Z","last_seen":"2026-06-21T02:35:36.593116Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","size":80821,"data":"","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-06-22T07:26:19.586074Z","times_seen":2271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","size":140562,"data":"","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-22T08:23:35.759264Z","times_seen":4784,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/bootstrap/js/home.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","size":5802,"data":"","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-06-22T09:38:46.497176Z","times_seen":919,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/e/dongpo/tz/tj.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bf60b5cf9c764caf9e85228dc7bfc33","sha1":"22b0d1971d7ec1ec3bb55ff4771752db18eab9ef","sha256":"1a32c475f692c3c84f550cc194a92fff3df6368293bbec3b8e67a42bc2d92306","sha512":"681c26eab518649736ea2c6302120b5a61e0b0749375c8933c7c890b6195de0c6e09a4184c9af8c5fd0f5e5eeda63ba803574bee4c44737899ccd18ce14c97c9","ssdeep":"","tlshash":"8601f11f7c25e13463921c2d23bbdadcf5ad2016101dc80654dec4ad6c34ff9042ab4c","size":808,"data":"","first_seen":"2026-03-03T01:17:34.078046Z","last_seen":"2026-06-22T06:23:21.339167Z","times_seen":536,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"vns9394.com/skin/swiper/css/swiper-bundle.min.css","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.969Z","timestamp":1781181853969,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/swiper/css/swiper-bundle.min.css HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 08 Jul 2025 08:36:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"686cd89a-4691\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18065,"size_decoded":5190,"mime_type":"text/css","magic":"ASCII text, with very long lines (17812)","md5":"ea28ae0aaf82709381c57d6a7daa7a05","sha1":"a7c528dc9018aeefed9a52337168decb220e2f61","sha256":"af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2","sha512":"9c63402a957e06b7c365a6cf5f53baaba991953e7bfda99d8feeaf177db6a2782a28004b1d82df2dcde362d5556e4891f6da300d63cf13d816144dadb1920f66","ssdeep":"192:1VmUJbiKne0JlXZHZ+Sme+jexS4nxep/a2GZb0Q5nfufKlAYfg5fyeesedOJ9A5Q:1gUbe0JdZHZ+W+SFnZ24tlWfF4XYz","tlshash":"d08245a85340282753274f364b71cbb9dd7444d20f9389ae91c0ee48d7f6db9132f6a9","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-22T07:26:19.580891Z","times_seen":5341,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":514,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.977Z","timestamp":1781181853977,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/swiper/js/swiper-bundle.min.js HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Jul 2025 23:58:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6865c79e-22512\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140562,"size_decoded":39953,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-06-22T08:23:35.759264Z","times_seen":4784,"resource_available":true,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/departments1-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.990Z","timestamp":1781181853990,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/departments1-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 79856\r\nlast-modified: Mon, 11 May 2026 21:21:06 GMT\r\netag: \"6a024842-137f0\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79856,"size_decoded":80129,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 701x394, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f2bc5f12e6b6a6bd98d4c7fabcdf2be5","sha1":"7d12c5affb5137ec0c3d4f0bd1b44f601e035814","sha256":"6e4aac7431b917f31d60000c909def7a0c618bb6f828acfd94f0564e7a74494d","sha512":"a7d7bd25eb84d9ba5d1272c88bb643ecc41e41b0686b22a80e5174eb89131e2df7f31b4c5e6018f880e0d85e7456a2c2e0f73f29ddf4b607591cc02b806e54eb","ssdeep":"1536:EX7cL25oxkWrKYFc2qHnk1Xu1tKFSanmmziDhe+zD0Tc3/QGhcpHs+31Q/y:EXax7KYG2Z4YVmmWhzlCM+wy","tlshash":"8173128a32c278e10fd86aebd1b33174448bbf655a9cc20cc9f9003164eda978d26f25","first_seen":"2026-06-11T12:44:49.935979Z","last_seen":"2026-06-11T12:50:37.575761Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":749,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/judge3-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.997Z","timestamp":1781181853997,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/judge3-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 67496\r\nlast-modified: Mon, 11 May 2026 21:21:06 GMT\r\netag: \"6a024842-107a8\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67496,"size_decoded":67769,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 661x440, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7d58a2af136618e4715be47a29c98c06","sha1":"6077f30e05de6d7117ca70607058d9294a33feb9","sha256":"90a049159f89f68dcb3a7811321783c5cb43b12f8331e72fc68801e44b59eb85","sha512":"91c854560bf0ae19d377de3ebb09b34c2fd4d4f69b0cf17949ed2658fb2d129cfe346ee38a66bf811142b1676ddb4017262d11684f4a3e15b17d847af9485350","ssdeep":"1536:gxoHULd3zIYEYYHtgF0Xov3qe1+5VsjStsYODiUe/qS96im6r:goHUp3sYatgF04iKk5tsvif/qSwiF","tlshash":"a663026329ba34791e4e4336f6e9068ad43a249fd11e59c06cdb339d4fe620a104d9ff","first_seen":"2026-06-11T12:44:49.937537Z","last_seen":"2026-06-11T12:50:37.57244Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1514,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":743,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/judge4-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.998Z","timestamp":1781181853998,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/judge4-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 135642\r\nlast-modified: Mon, 11 May 2026 21:21:07 GMT\r\netag: \"6a024843-211da\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":135642,"size_decoded":135916,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 742x493, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9ea495212356abf24cf1771f63fb9093","sha1":"13298b591fa9002a98ac6932750cf79e55d6f84e","sha256":"ae12d4b34035683238176fae6c8a936a4432c23dcacf2b70370143b7d770c049","sha512":"7de83c7e9a7ce0cff9242e9c95752c87ae2434982e8561565da4e1f904d2e0f4935c0f770b94631ed1ba462624994d915bacc4f4e97ce0f85d23f01fd4c5cae5","ssdeep":"3072:RRBCU3m5LRWVpiZ0yndOItgtKK3dplT0TjmLI:LBCU3yLR20GsaT0Tjmc","tlshash":"e9d322a15397c5ac0b7ceed5890efcc8d1376e6a04c3a4613c9076c67811ea8fd8de58","first_seen":"2026-06-11T12:44:49.9385Z","last_seen":"2026-06-11T12:50:37.57408Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1514,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":742,"receive":772,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T12:44:11.998Z","timestamp":1781181851998,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:13 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19660,"size_decoded":5783,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14792), with no line terminators","md5":"f2f33697fe03128bc4257ff2df018c91","sha1":"0bf9f7c97797ff86c47feb90e69b8404e5229520","sha256":"625fe924ef3bfcd3fdf3542f6a0f4dfc79c637d84ce6860d16c195cc1e8404ae","sha512":"1e734b0e32d86c2df8e6dc1b3274964d56c42e84808978671a2afea84d1811ef217cc24eb57c0ab31b1248a11e822b10d69fa6ee8ff26036ecedcddae8901149","ssdeep":"192:kyoy3gOJy+Dsw5gcpdvGPt7Gc0LGsQguzL+FBp8R2gq+ywp11o:kyoywwy+DzDv+Pt77FeQ9ywpo","tlshash":"0882b437f146787f45a759eca558b38eb0d7912ec77b8a44b6fad3c80bc6c80064221e","first_seen":"2026-06-11T12:44:49.939397Z","last_seen":"2026-06-11T12:50:37.623061Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1651,"timings":{"blocked":-1,"dns":371,"connect":256,"send":0,"wait":508,"receive":0,"ssl":516},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/judge1-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.995Z","timestamp":1781181853995,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/judge1-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 107506\r\nlast-modified: Mon, 11 May 2026 21:21:06 GMT\r\netag: \"6a024842-1a3f2\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":107506,"size_decoded":107780,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 684x456, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9d3c93ce40b5abb577250a2ee3d8b9b3","sha1":"012edce08fe171a28dd6cbe0841da40459eb5a59","sha256":"dd5a83f0025e9eece1be3b6b104337e07f0b1b9024ab75d6c75d6cac914767ec","sha512":"39905de2e0b06ae71dfb497dd2eba267dc03259c566df81f7c9ac4e86c85b762acfbf5640523e5630bcb528b54f091bf9ee01b3ba52f8096a1f1f3dcc5b7256e","ssdeep":"3072:xPVZyXqJwqwRwa1aqFnqmqxOWPF3hnGXF:lVZyX7RHcqbYBPFx2F","tlshash":"83b31262df22d859f93673039baa020497e61d1f4c33c256b6f46b93272da684237d5c","first_seen":"2026-06-11T12:44:49.940576Z","last_seen":"2026-06-11T12:50:37.579301Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/judge2-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.996Z","timestamp":1781181853996,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/judge2-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 31272\r\nlast-modified: Mon, 11 May 2026 21:21:06 GMT\r\netag: \"6a024842-7a28\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31272,"size_decoded":31544,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 591x394, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"080a2c2bd56835d268ba89cf0b59baca","sha1":"75418b8650931cdd129e3ee56a5c1f4773c3b61a","sha256":"a7f230faf37b179707da6e1ce0e3a959e66c6971a3a0e4ab4b4f770459b876f7","sha512":"b188ee7e51d46dc6fef377246374231e73b55b41a44e802cafdf230e73d9bdc6be13d94ef900315229269252133f8e4cf7743c347045fe4c01d9debbab67c8c1","ssdeep":"768:Fx/1SL/xZeUUJTSseYcFUWJCJIL5B8xtJFRaFzC9ZiWfEDjW:FxdG/DyKkJIdwbEFmjiWf5","tlshash":"34e2e1a8171c4ba4d8e4eeadffa938668d40626bf7cdaf1e5360651c40047e17336e78","first_seen":"2026-06-11T12:44:49.941441Z","last_seen":"2026-06-11T12:50:37.620707Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":744,"receive":514,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/fontawesome/css/all.min.css","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.970Z","timestamp":1781181853970,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/fontawesome/css/all.min.css HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Jul 2025 22:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68645e64-1907e\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102526,"size_decoded":23140,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"c43cd173eeeba2f72aa6b431d06b8c07","sha1":"427a692f7f39eabb3d5b8510aee2743025daf813","sha256":"c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a","sha512":"02f6f6422b83104bc1e1b64961d7edda63635528417ed2dd3c6f0527457b8ab4cb43c528d2a70fc61e0f96aec6e6d1a6d2b53ed523e1568b6d78ba41111c1393","ssdeep":"1536:vwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgmLCq:P709gMGFiyPG9ZimLCq","tlshash":"4fa3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2024-01-04T18:36:36Z","last_seen":"2026-06-22T09:38:46.480991Z","times_seen":11827,"resource_available":false,"data":null}},"time_used":768,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":768,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/e/dongpo/tz/tj.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.980Z","timestamp":1781181853980,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /e/dongpo/tz/tj.js HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 808\r\nlast-modified: Tue, 05 May 2026 19:43:53 GMT\r\netag: \"69fa4879-328\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1159,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (554)","md5":"1bf60b5cf9c764caf9e85228dc7bfc33","sha1":"22b0d1971d7ec1ec3bb55ff4771752db18eab9ef","sha256":"1a32c475f692c3c84f550cc194a92fff3df6368293bbec3b8e67a42bc2d92306","sha512":"681c26eab518649736ea2c6302120b5a61e0b0749375c8933c7c890b6195de0c6e09a4184c9af8c5fd0f5e5eeda63ba803574bee4c44737899ccd18ce14c97c9","ssdeep":"","tlshash":"8601f11f7c25e13463921c2d23bbdadcf5ad2016101dc80654dec4ad6c34ff9042ab4c","first_seen":"2026-03-03T01:17:34.078046Z","last_seen":"2026-06-22T06:23:21.339167Z","times_seen":536,"resource_available":true,"data":null}},"time_used":760,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":759,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/about2-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.988Z","timestamp":1781181853988,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/about2-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 78506\r\nlast-modified: Mon, 11 May 2026 21:21:05 GMT\r\netag: \"6a024841-132aa\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78506,"size_decoded":78779,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 561x374, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d394f810422688adc7f151240bae5053","sha1":"9f6356f3fb546ed046b26fd9a47893e7c5490e3e","sha256":"53d82d4e735e0296c455bd8475ad72bc85e7789d29517da730f20668ed09c97e","sha512":"63b723be3c86d5b10f76cc2bc3caaf3c9927ce6c1f4512235504892c8d8c5b7249e6bc91ba983b5c306aa8f3ff04c8d8446ee73e0b4dae8727b2e03c11900e8d","ssdeep":"1536:rhCNkMCU6y3IIErbPptyNe61yH+0P3d/01chiM3gbATtRsxYW:ENkx24ZptoyHZWLExXuYW","tlshash":"327312e550c9d24c87423889d827aed1fee5fa4b34661f9af1840061f5b02f99f7a742","first_seen":"2026-06-11T12:44:49.943907Z","last_seen":"2026-06-11T12:50:37.599668Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/app-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:14.000Z","timestamp":1781181854000,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/app-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 165172\r\nlast-modified: Mon, 11 May 2026 21:21:07 GMT\r\netag: \"6a024843-28534\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":165172,"size_decoded":165446,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 840x599, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9cce82665a1b2fe067bdf8aeeedff969","sha1":"e1a5bbcaadb8108aaa3024dc1a623023c8cb060b","sha256":"6c095b2f389a564edf7434e28cbc438e81459babe589371d7ec31e5e0924c0d5","sha512":"84c5abf6877de5d4d214b6cf842dc3268365324abb243e32f154ae199d7d2fabe728887a5d1e39a865c5292d750a39357336ece49076cde2460a789fab50ee7a","ssdeep":"3072:3aZFgn7Plh0my22UANTTebOOxFVvlM5ORgoKBtDNtDxFJPvrX5QsIYmJ1h5Ro:og7P46ANTqbOOIAWoKBBN1VvfIYmJ1h0","tlshash":"0df312cc7a680354a9aaf71d41f8b317a243ba47f225b77914dd1a93e095bfa3407cc8","first_seen":"2026-06-11T12:44:49.944822Z","last_seen":"2026-06-11T12:50:37.605586Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":740,"receive":773,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/e/dongpo/tz/tz.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.974Z","timestamp":1781181853974,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /e/dongpo/tz/tz.js HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 10 Jun 2026 11:53:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a295037-486\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1158,"size_decoded":850,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d2de02817ac5ff7e2e2e352db0fe1ba7","sha1":"1108e2fd9f1777b86486310b5e798c0ae8297b3d","sha256":"1b77dda8f7ffcd6fef90d337b161d431d2f61a55fe74a019541ba8d5c8736184","sha512":"1089cfb972c6c2c1f27ee76685ee63943aec9ef5930739ce6412385903fa137aad0a2a5604ff3c7e02babad12f872d28cf090274dc95119087ce5908424c1dab","ssdeep":"","tlshash":"fc215c7fae631154911691592bba776c3a3a001b6701c8307afcbe685f52f429487bd4","first_seen":"2026-06-08T19:26:41.283541Z","last_seen":"2026-06-21T02:35:36.593116Z","times_seen":71,"resource_available":true,"data":null}},"time_used":764,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":764,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/bootstrap/js/home.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.978Z","timestamp":1781181853978,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/bootstrap/js/home.js HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 14 Jul 2025 11:49:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6874eee6-16aa\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5802,"size_decoded":2098,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-06-22T09:38:46.497176Z","times_seen":919,"resource_available":true,"data":null}},"time_used":760,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/departments4-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.993Z","timestamp":1781181853993,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/departments4-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 99168\r\nlast-modified: Mon, 11 May 2026 21:21:06 GMT\r\netag: \"6a024842-18360\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99168,"size_decoded":99441,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 582x351, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8c83225c9230af5d9a8867a242b0283d","sha1":"e718bf2d79cff6687a6eb930e30b5e7a7ab97512","sha256":"ba2d7c8990dc15662d45412074585002c0dc13a9f685114bfd02a32ec869f581","sha512":"1d1faaa6b48ebb53c608aa089351d362d69ebc2a6e3eb3a12b969e9cd63eae2bb0d0fec172f89f0dbf503fcdf5fa1c77763dbe704eff438024df91c8e88bc9f2","ssdeep":"1536:KUA2ureNe7jxXrx9+1esw9CQ30KGcu8Vz72SxCvbdPwMboNf9h5LzcLq:seN0jlJ/7HZVpsVwg6fv54q","tlshash":"8da302e2f6f017a40447182016116238c39de205faeff682ded6ec5a157be2e59ed027","first_seen":"2026-06-11T12:44:49.946729Z","last_seen":"2026-06-11T12:50:37.615224Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1517,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":746,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.976Z","timestamp":1781181853976,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 01 Jul 2025 23:41:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6864723c-13bb5\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80821,"size_decoded":24420,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-06-22T07:26:19.586074Z","times_seen":2271,"resource_available":true,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/fontawesome/webfonts/fa-regular-400.woff2","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:14.845Z","timestamp":1781181854845,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/skin/fontawesome/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 25472\r\nlast-modified: Fri, 13 Dec 2024 08:50:06 GMT\r\netag: \"675bf53e-6380\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25472,"size_decoded":25744,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 25472, version 775.1280","md5":"89672701a5874b80be27649e0494e354","sha1":"e9b6f5b842be227e2423733feb961dd6cb804066","sha256":"e3456d1283b9d75337a773dfd147bf908fd02c01b4bf48576d8603a69b13cbe5","sha512":"8c4246a9511873c28d98097754cf657e6893d8d274015db6e87b5b6f4c85d9bcac4d27e8d7ac60816d3775ac1568e16a1408bdd532e893b403582af011214b23","ssdeep":"768:4lvmuh29bgRdmKFG8vanzmvlXrnU8tVzO:6mubvc8CnKvZrnU8tc","tlshash":"9db2f18a515b8da2f54a5ebfcb6e7e743cf3a3832262c3bd74938104d367478052256b","first_seen":"2024-12-28T09:31:55.480915Z","last_seen":"2026-06-22T08:38:01.19723Z","times_seen":10509,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":669,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:15.196Z","timestamp":1781181855196,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /js-sdk-pro.min.js HTTP/1.1\r\nHost: sdk.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T09:29:48.149669Z","times_seen":16632516,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/about1-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.987Z","timestamp":1781181853987,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/about1-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 79878\r\nlast-modified: Mon, 11 May 2026 21:21:05 GMT\r\netag: \"6a024841-13806\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79878,"size_decoded":80151,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 843x562, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a30c02a0ba4a89c0bbf8d2b8b39f0d3d","sha1":"7375ee590034ef2ba8b2b13efef3f4926a63c472","sha256":"ef36fdcffbe7637d362113171528a8fa775f5185981e376dd9aeb524020d8c7e","sha512":"53967ec8b5d7605c90a063177d9efada9b6ea3fbe0086bfef9a4134341b1f88e6dfb7bb850e246129db7c79f9a7d5ac928ed0b1356007ea529f7c282d5f2231b","ssdeep":"1536:HWFN7ZLuvO33rjN3F/1H4maFLeYRbiKGHjJBBfuMJ/OYDOKjtaH9R:HWN7dBFpymoLeybiZdBVpjtaHj","tlshash":"cc7312751de5c49249dcfabc0d66c5820362715bbbb937a3b1ece164fa3586e0ee1803","first_seen":"2026-06-11T12:44:49.949118Z","last_seen":"2026-06-11T12:50:37.625487Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":752,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/departments2-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.991Z","timestamp":1781181853991,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/departments2-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 77676\r\nlast-modified: Mon, 11 May 2026 21:21:06 GMT\r\netag: \"6a024842-12f6c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77676,"size_decoded":77949,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 598x398, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ce553654a46435bec8e0d47f31eb47b8","sha1":"2bad5353850cd6e814b920de6f45ab4802254442","sha256":"7ba1135444ebf5e0ca6869af359e7feda0ff5c25bee675323b8a81777b8ea187","sha512":"81c8d6ed9c20f3bf6d3a259185558009f2763cb9c587534c7440f3eb3e00ef8059cff6eadeffbb5dd9a83361694d998b360e3206af3e534e7c24ed8d1533c2a2","ssdeep":"1536:vQzFoSyqEqAHwaUdW3mzm9Wy29nabwkhgslBY/zeQvfu7NI66Kv67KUAxn:vzRoAHuVohh9lBYb7fKiRAxn","tlshash":"cc7302d90898c8c24c337d74d64309c5be019f2b2ffc75e16a25b7f82b174979986c62","first_seen":"2026-06-11T12:44:49.949966Z","last_seen":"2026-06-11T12:50:37.611932Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":748,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/ico/favicon28.ico","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:15.630Z","timestamp":1781181855630,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/ico/favicon28.ico HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:15 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 16958\r\nlast-modified: Wed, 09 Jul 2025 03:42:24 GMT\r\netag: \"686de520-423e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16958,"size_decoded":17232,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"a3e0f60e54eb824863586b9a6902bdd3","sha1":"39b773f3b39baf4b134c5dd72c5694afa2b1071c","sha256":"43d839efce78aa4ac1e617de6ee13e767f2280dbd03d869884fc7dd9f5d147c2","sha512":"3415c4c09e89cc070dc0fbdb234ee8eb47c9423a892c5a2c7b8d08055be47596931757213cd83b003356f3da26fb1fc840dc33874d934469101108675789afb7","ssdeep":"384:/5YTYYRYYYYYYUYYYFYYYYYYYYYYYYYgYYYYYYYYYYYYYSWYYYYYYYYYYYYYaYYE:sUY","tlshash":"ee72c7fba5f78e0bfc279cf4a45fa96883971d994a9280345b53fa58f5986f200dc013","first_seen":"2026-04-13T01:34:31.645197Z","last_seen":"2026-06-20T04:58:59.028088Z","times_seen":12,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/bootstrap/css/bootstrap.min.css","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.965Z","timestamp":1781181853965,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Jul 2025 22:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68645e64-38a52\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232018,"size_decoded":32163,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"50c95aae1a6c1e089c11681d1e1906f8","sha1":"a65e4fd8db9bd0440de2d6d73c9e7cd00fce4a8d","sha256":"cd1826581e4f2b80af4f1e05897b316c7698441063cffaefbbdeec382ee4cd72","sha512":"7f0edff9370c8d36fb6e96cb25994ff20d98e17702c85656f2ecbc1ec459b07fd2c1b330d2994a1c51ebf7d0cdde5d3856c60dc2fce27145ffeaababbc8c5bc7","ssdeep":"1536:v9xnXGi9GfJkfvq5wlP7cQZDR9uvV982sYRElV6V6pz600I41r:HnXp9GfrV98II6V6pz600I41r","tlshash":"d03482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2025-06-19T07:12:41.126365Z","last_seen":"2026-06-22T07:26:19.594812Z","times_seen":2237,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/departments5-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.994Z","timestamp":1781181853994,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/departments5-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 73296\r\nlast-modified: Mon, 11 May 2026 21:21:06 GMT\r\netag: \"6a024842-11e50\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73296,"size_decoded":73569,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 792x528, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a4c0bd39afff2ba58f7be6d6a0f0f2fd","sha1":"ce16ea0dd259de53056a9cf0a68dde69352bf4b6","sha256":"8cb31854467d1d01b00f9ab5aa0975e498c72959c83edc1b501e7d2f57ff447d","sha512":"e7576d59f1a90bd83b1cf54e94581740dd29afcc0fd021d67543185a7c5621eef13a5bd361c5ab14e380355d6e1caebcaaba405cd9dc1655e5cd5a078195c8ce","ssdeep":"1536:7kEMH6587Axdfsu4VYDIa6oVa0+neeS/MRBoKqv9jg9LWEdRlcqbYAz0bp7TT:gEcaF342DIaTo0+eeWMDxUVufN0d7v","tlshash":"926312d24843620855c32f42ee5a3f50b1e15a393f975bf2f0322675ed08a406997e7f","first_seen":"2026-06-11T12:44:49.952661Z","last_seen":"2026-06-11T12:50:37.617726Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"154.204.28.53:41669/","fqdn":"154.204.28.53","domain":"154.204.28.53","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:15.188Z","timestamp":1781181855188,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 154.204.28.53:41669\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T09:29:48.149669Z","times_seen":16632516,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/bootstrap/css/module.css","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.967Z","timestamp":1781181853967,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/bootstrap/css/module.css HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 24 Jul 2025 20:07:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68829272-28112\"\r\nexpires: Fri, 12 Jun 2026 00:44:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":164114,"size_decoded":32362,"mime_type":"text/css","magic":"ASCII text, with very long lines (65518)","md5":"67e45932bedd92dd7bc2a7de1653677e","sha1":"b15f3b2e370d9a7c2c40ea991c8f4a839617702d","sha256":"6e25cdc64273a412026df8a7b3510d9ba7dd6cd75653dd3eb884371b4ace73e8","sha512":"d6130c594f82eefca5109421095dc8c0603b44c4c714bdb8956e64278c9c1625263a531a1ad401fa344f180c2f1cbe95af8246c9e33dc6a28316ab243f448591","ssdeep":"1536:qiVj2AhHm0CfrtrPr7AhhTQbdS6U8H2GXVxICl1gGqotJFFp4L/Xzbv9ALVTFCew:sAhhTQg6U8p45s5Q","tlshash":"c6f397309984202cf11bc5eae5d0abef32649801f663077ef66370a6d6c21ef577674a","first_seen":"2025-10-09T23:37:04.753197Z","last_seen":"2026-06-22T09:38:46.498774Z","times_seen":880,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/logo/vns9394com/logo.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.986Z","timestamp":1781181853986,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/logo/vns9394com/logo.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3970\r\nlast-modified: Mon, 11 May 2026 21:21:05 GMT\r\netag: \"6a024841-f82\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3970,"size_decoded":4240,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x140, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"77223117639bca9d4bd04effff766049","sha1":"00ed56caa26ece387972842b47421a5ab1e1f073","sha256":"3b4cc885c2ec22d88e6fd80c8ff3b1bac34a150d8f80614b83e4abd20ac8825f","sha512":"79c45d1f8325501493a7786137a230764cac916697d9964d06d1e274735df1d2601c446765c05212a417ab35a7bfcf8f5ba7c591344bc03a12789d75828e58a9","ssdeep":"","tlshash":"90818da0a0fed20ce7e149fa468a63f5f6c658be0013d827394b1eacf67cc8c5d5150a","first_seen":"2026-06-11T12:44:49.954334Z","last_seen":"2026-06-11T12:50:37.629323Z","times_seen":2,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/departments3-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.992Z","timestamp":1781181853992,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/departments3-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 82906\r\nlast-modified: Mon, 11 May 2026 21:21:06 GMT\r\netag: \"6a024842-143da\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":82906,"size_decoded":83179,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 672x448, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"97eb2964aa640a1a1ed9dadbf39b4d84","sha1":"303b04b52bededf1bca08dec200d3fcc881c4888","sha256":"ba241c9d22e1c34ce53efd4adfe08ab12e9f71184113f23ee6c7f1b76b9adda5","sha512":"a274688e61fdbf266d4f152e013851c8b9d171fbfc07cb1bb7ba8f475f674ce67c97e930907c23c02d6c20c692c795c60f4f831f4997e896d108d942b1c4a809","ssdeep":"1536:T2z/YUBuF/Ffo1tKmEKhYR6K597wjklntKIcqtspt1DRX:CzgU6/FgHH1eRF77DnMmS1D1","tlshash":"86831255f5f04c08d5f538f1bad003edaa46dd40fba2b89dcf0c515279a4422a912fe3","first_seen":"2026-06-11T12:44:49.956363Z","last_seen":"2026-06-11T12:50:37.631386Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":747,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/cover/vns9394com/judge5-28.webp","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:13.999Z","timestamp":1781181853999,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/cover/vns9394com/judge5-28.webp HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: image/webp\r\ncontent-length: 75044\r\nlast-modified: Mon, 11 May 2026 21:21:07 GMT\r\netag: \"6a024843-12524\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75044,"size_decoded":75317,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 817x544, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"155ffd8ae6371cb92ea73bc808e7da77","sha1":"8750762bb36ad8d07fdad845edea0dff62a0cf7b","sha256":"1d0144d670e3bf4c93884bb28c7386054ea804a73d20ae954d83a0c4fabfb213","sha512":"227108dd36a04358dccd58662fcd936954ffd2b783340bd6880db2ccacd432cabc227bd869afc71d7bc14efdae2a6947eea46dced8be69bf620f430ca556ff22","ssdeep":"1536:s9dH7xvTRj0zP8RZMEGHzpvd+p1Z2f7U/CeyCopZ6zdgXBgDtkTvy:s7H7xbRgzP8RZN4pvdu2zU/Ceyr1XiD/","tlshash":"057302ce13c6dd256c4d2aa42df063033ab159f9c977e99ca744cd03588c72daa4ac7a","first_seen":"2026-06-11T12:44:49.957251Z","last_seen":"2026-06-11T12:50:37.635963Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":741,"receive":772,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vns9394.com/skin/fontawesome/webfonts/fa-solid-900.woff2","fqdn":"vns9394.com","domain":"vns9394.com","tld":"com"},"ip":{"addr":"168.76.225.170","port":443,"asn":137951,"as":"ASLINE LIMITED","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vns9394.com/","date":"2026-06-11T12:44:14.844Z","timestamp":1781181854844,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vns06.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 22:49:07 GMT","end":"Sun, 09 Aug 2026 22:49:06 GMT"},"fingerprint":{"sha1":"87:59:14:2C:EB:CE:9D:8B:73:DA:31:A7:9B:89:DF:94:72:1B:84:2E","sha256":"3A:FB:13:F1:C4:F7:02:5B:EC:CE:31:28:94:89:3F:74:F4:24:54:29:4A:61:1C:24:A7:D3:62:AA:83:BE:7C:52"}}},"request":{"raw":"GET /skin/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: vns9394.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://vns9394.com/skin/fontawesome/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:44:14 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 158220\r\nlast-modified: Fri, 13 Dec 2024 08:50:06 GMT\r\netag: \"675bf53e-26a0c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":158220,"size_decoded":158494,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 158220, version 775.1280","md5":"4a6591ab5460ae5cbff1ecbd6e52193a","sha1":"7cd8afd6501962fda35d66f0e4c3b8815ac471d8","sha256":"aa75998623a391e61c6901794ace832e3ecdd288b56d608f21bea0411acc0b8e","sha512":"96c5d3283b71613b595b6b0420333bef5d64451af05c59dde27ec5b3e7cfe6e9549c604cddfbcb79cbc0fd4cd6f2e22a130c9a220b1b7ef933ac9df8c8e695d6","ssdeep":"3072:RauSB5FANIRLpsBaBrJGNG3ECNQztRvHHqkqLrlF:guSqN6ptrJGo3POh9KT9F","tlshash":"0ef312a710c6b95684a3a51b336adeb52c3ed363fcb6cd73be340114689da9c2e4d190","first_seen":"2024-12-19T10:41:23.153533Z","last_seen":"2026-06-22T08:38:01.209934Z","times_seen":29888,"resource_available":false,"data":null}},"time_used":670,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"vns9394.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"vns9394.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}