{"report_id":"65c0fc53-f6e8-4cab-8bbd-fa879edafb40","version":0,"status":"done","tags":[],"date":"2026-06-30T21:41:01Z","url":{"schema":"http","addr":"cheshihtml1.mybmtest999.net","fqdn":"cheshihtml1.mybmtest999.net","domain":"mybmtest999.net","tld":"net"},"ip":{"addr":"172.67.194.229","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"cheshihtml1.mybmtest999.net/","fqdn":"cheshihtml1.mybmtest999.net","domain":"mybmtest999.net","tld":"net"},"title":"कर दंड सूचना - भारत सरकार","dom":{"size":8863,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"56e1f6be5ce3081e52ecf397b9e1be69","sha1":"e14a68110ab219ecfb20b59a198a572d7d92c3f0","sha256":"ed54ea07736e743d76ccfdc46b443c24a7b302dbf2428a01088b4e42edc4c74b","sha512":"ab96fd530d64d0cf00f320894ee5b7afafb91f7e80365ca2766d0fce98ead8fb1d684015fc865d23ec852c779368330828a81b5c49be400741ee3625cb1f66d5","ssdeep":"192:zFQU/q/4sicnKG9lyyJLWcm2ycFtTunzkVfT:zFD/FsPlWwEnzUfT","tlshash":"bc02621ed7f37125685ab8a83bba1b3366a06133d34bc8553d9c6398cf89de0459338d","dom_hash":"domhash1edf993c28b0dc4c68673e35f712ae2c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cheshihtml1.mybmtest999.net","fqdn":"cheshihtml1.mybmtest999.net","domain":"mybmtest999.net","tld":"net"},"ip":{"addr":"172.67.194.229","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-04T21:41:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"cheshihtml1.mybmtest999.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cheshihtml1.mybmtest999.net","ip":{"addr":"172.67.194.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-31","domain_rank":0,"first_seen":"2026-06-30T06:26:04.232848Z","last_seen":"2026-06-30T06:26:04.232848Z","alert_count":16,"request_count":4,"received_data":44457,"sent_data":2053,"comment":"","tags":null,"fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cheshihtml1.mybmtest999.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"cheshihtml1.mybmtest999.net","domain":"mybmtest999.net","tld":"net"},"ip":{"addr":"172.67.194.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-02T15:08:06.259533Z","times_seen":384307,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cheshihtml1.mybmtest999.net/","fqdn":"cheshihtml1.mybmtest999.net","domain":"mybmtest999.net","tld":"net"},"ip":{"addr":"172.67.194.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-30T21:40:36.635Z","timestamp":1782855636635,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mybmtest999.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 09:27:51 GMT","end":"Sat, 29 Aug 2026 09:45:19 GMT"},"fingerprint":{"sha1":"05:B3:45:D1:60:69:A7:9F:FE:FA:5C:BA:51:A8:97:86:DC:0D:39:E7","sha256":"B0:54:1B:2E:C9:DB:79:56:53:4A:E7:9F:08:92:34:E5:76:5A:EC:5C:91:47:5E:7F:D0:43:79:13:71:32:71:66"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cheshihtml1.mybmtest999.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Tue, 30 Jun 2026 21:40:37 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=siml4920hj49phphh86ftclsfr; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nx-robots-tag: noindex, nofollow\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pdpohSguLZI0o26DlSdeZiqM7hoG2Gk1PoSTZ8uHkoWt1VQDaHxb7twqj9F2SAlrlA4f6yMP7dUIzThONzLDg0PRaqL8cXf8MPQj8adL9UD9NGNvfkbXJoFnDmJHcQxM5scfXmseXfXhy5D%2Fsn4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a1405491f8e156ab-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9127,"size_decoded":3903,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"99f01c501b3d1242a8732cc98e6fb737","sha1":"ec6e9f16ea0f2bfda3ebe7c066145af5e4439d64","sha256":"29c8211ae0ea6a3acf20b18a0c9d03067d2f65ab6e2d7707d8b48346a5f7ca1c","sha512":"91d423f94b854606865a7e19facf88e9881558de88c2ae4a63a8f0845d7de322005e5f2a245394a661dd567a07d005978ea7dbcd662edcc4cf495d5b595d55de","ssdeep":"192:zFQU/q/4sicnKG9lyyJLfcm2ycFtTunzkVfzOGVM:zFD/FsPlfwEnzUfzOGVM","tlshash":"ce12841ed7f37125685ab8a83bba1b3365a06133d34bc8543d9c6398cf85ee0555334d","first_seen":"2026-06-30T21:41:01.391002Z","last_seen":"2026-06-30T21:41:01.391002Z","times_seen":1,"resource_available":true,"data":null}},"time_used":966,"timings":{"blocked":-1,"dns":53,"connect":73,"send":0,"wait":840,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"cheshihtml1.mybmtest999.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cheshihtml1.mybmtest999.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"cheshihtml1.mybmtest999.net","domain":"mybmtest999.net","tld":"net"},"ip":{"addr":"172.67.194.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cheshihtml1.mybmtest999.net/","date":"2026-06-30T21:40:37.844Z","timestamp":1782855637844,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mybmtest999.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 09:27:51 GMT","end":"Sat, 29 Aug 2026 09:45:19 GMT"},"fingerprint":{"sha1":"05:B3:45:D1:60:69:A7:9F:FE:FA:5C:BA:51:A8:97:86:DC:0D:39:E7","sha256":"B0:54:1B:2E:C9:DB:79:56:53:4A:E7:9F:08:92:34:E5:76:5A:EC:5C:91:47:5E:7F:D0:43:79:13:71:32:71:66"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: cheshihtml1.mybmtest999.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=siml4920hj49phphh86ftclsfr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nexpires: Thu, 02 Jul 2026 21:40:37 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uEfbvbSG%2B0neALizDrGimqYeg8wDYmNS1%2Fl9jUOaGSS64WgQ8yHBnS%2FeT%2FkUqI4rMA1SmCyyJvTN1CjF3t03Mp9hjJLUh76adRtekkkgyU3KSlmBCUVSayJojveB%2FntX0f3BL9d%2Br9yohacgxE0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ndate: Tue, 30 Jun 2026 21:40:37 GMT\r\nserver: cloudflare\r\ncf-ray: a1405498b90b56ab-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":1312,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-02T15:08:06.259533Z","times_seen":384307,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"cheshihtml1.mybmtest999.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cheshihtml1.mybmtest999.net/123.png","fqdn":"cheshihtml1.mybmtest999.net","domain":"mybmtest999.net","tld":"net"},"ip":{"addr":"172.67.194.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cheshihtml1.mybmtest999.net/","date":"2026-06-30T21:40:37.848Z","timestamp":1782855637848,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mybmtest999.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 09:27:51 GMT","end":"Sat, 29 Aug 2026 09:45:19 GMT"},"fingerprint":{"sha1":"05:B3:45:D1:60:69:A7:9F:FE:FA:5C:BA:51:A8:97:86:DC:0D:39:E7","sha256":"B0:54:1B:2E:C9:DB:79:56:53:4A:E7:9F:08:92:34:E5:76:5A:EC:5C:91:47:5E:7F:D0:43:79:13:71:32:71:66"}}},"request":{"raw":"GET /123.png HTTP/1.1\r\nHost: cheshihtml1.mybmtest999.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=siml4920hj49phphh86ftclsfr\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Tue, 30 Jun 2026 21:40:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 11 May 2026 06:09:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0172a8-791e\"\r\nexpires: Thu, 30 Jul 2026 06:25:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 54895\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=whu7RdeGOZkDckuE4a5EZJanfb0vyRWGVRDTJgM1DmNchIkCOca1acCCYrfsgSNPFmB%2Bs3182fMni%2FLbguVadNjFLno7ENPzZeWR4FGaOOTGt9Rz1fb3byc0FLSLo3pn4XABovS7QU1RIXJOE3k%3D\"}]}\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a1405498b90c56ab-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31006,"size_decoded":31536,"mime_type":"image/png","magic":"PNG image data, 578 x 126, 8-bit/color RGBA, non-interlaced","md5":"7ea55e75fca43a25edfaccff9fb9108b","sha1":"6993d51531859971c747e8ef2723b972210c2438","sha256":"ef93712576cb347b85bc8758a0e1a1a524f97238487f91206a7a1452b85bbd5a","sha512":"ba810a060ff828f6d8b70d7e51f399e3f2d9ac2bfecfb15290d5d1f12bf89dec3420465ac2a410ad6f9e94aad944ed4303e3195bf10eef121df766d94a790649","ssdeep":"768:8qTVp4KdCM1nZwIoyJtNm12WdOE7T5qtFGI6oVKV1Ogu9LIy:tt1nemRm1cE7TAtFGI6oqANX","tlshash":"cbd2d0893d94ec605c2d723c062b93d6dab42a8f5d41ba75e6cb85e08605b610177d3e","first_seen":"2025-11-20T08:21:41.371393Z","last_seen":"2026-06-30T21:49:44.997114Z","times_seen":21,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"cheshihtml1.mybmtest999.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cheshihtml1.mybmtest999.net/favicon.ico","fqdn":"cheshihtml1.mybmtest999.net","domain":"mybmtest999.net","tld":"net"},"ip":{"addr":"172.67.194.229","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cheshihtml1.mybmtest999.net/","date":"2026-06-30T21:40:38.009Z","timestamp":1782855638009,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mybmtest999.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 09:27:51 GMT","end":"Sat, 29 Aug 2026 09:45:19 GMT"},"fingerprint":{"sha1":"05:B3:45:D1:60:69:A7:9F:FE:FA:5C:BA:51:A8:97:86:DC:0D:39:E7","sha256":"B0:54:1B:2E:C9:DB:79:56:53:4A:E7:9F:08:92:34:E5:76:5A:EC:5C:91:47:5E:7F:D0:43:79:13:71:32:71:66"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cheshihtml1.mybmtest999.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=siml4920hj49phphh86ftclsfr\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Tue, 30 Jun 2026 21:40:38 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RFcBnaHaBVA1zP1KPPwGN%2BibIeOXQeoJXo3a0%2FJPmEWW9%2BEcGib6tZ56M%2FolxywJH4KWdD5U47yOIOf2YsdTX5fP5w2pay7DDB9goSajgw8lHapt0lA5626PIZ0mwI9mvgMnlicdNY3YM0ZTVuQ%3D\"}]}\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a1405499c91156ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138,"size_decoded":722,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-07-02T15:11:40.596217Z","times_seen":298715,"resource_available":true,"data":null}},"time_used":866,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":866,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"cheshihtml1.mybmtest999.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"cheshihtml1.mybmtest999.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}
