{"report_id":"69c58c2a-b4ee-4efd-b256-38c24055564f","version":6,"status":"done","tags":[],"date":"2025-09-04T03:59:14Z","url":{"schema":"http","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":0,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"final":{"url":{"schema":"https","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"title":"Mr. Vine's Webcam Forum"},"submit":{"url":{"schema":"http","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":0,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-09T03:59:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"vnzs.cc","ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"domain_registered":"2025-07-06","domain_rank":373168,"first_seen":"2025-09-04T03:59:15.111423Z","last_seen":"2025-09-04T03:59:15.111424Z","alert_count":15,"request_count":15,"received_data":249629,"sent_data":8245,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Liveinternet","description":"","website":"https://liveinternet.ru/rating/","common_platform_enumeration":"","icon":"Liveinternet.png","categories":["Analytics"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"MyBB","description":"MyBB is a free and open-source forum software written in PHP.","website":"https://mybb.com","common_platform_enumeration":"cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*","icon":"MyBB.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"imgpimp.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-07-24","domain_rank":480309,"first_seen":"2023-07-27T16:36:33Z","last_seen":"2025-09-02T14:21:52.994701Z","alert_count":0,"request_count":5,"received_data":228814,"sent_data":2164,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"t93.pixhost.to","ip":{"addr":"94.229.45.2","port":443,"asn":48326,"as":"DataNetworks s.r.o.","country":"Slovakia","country_code":"SK"},"domain_registered":"unknown","domain_rank":4975888,"first_seen":"2024-01-15T17:10:09Z","last_seen":"2025-09-01T23:50:31.010064Z","alert_count":0,"request_count":1,"received_data":8577,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"26bd98eb025e95516555bb882953dc7a","sha1":"a5ce4e77722c4920470abbdbdd167971e66c12ac","sha256":"c617523f675250d6b55e4cecd9df94dcc8761f4a7eeca17f50ed70f69009549d","sha512":"93bb4a31f29355de6e972c7f9376c20b330f78b58cb18c5565bfb11086a4015e375b4415f6036401925e5831e51181d993c3b7df7d22cdb09656081a827866f7","ssdeep":"","tlshash":"424154d3748e1c35004d60e76cbd64c19d0bd089fb0cad2a9b29b87d63808ed87b52aa","size":2288,"data":"","first_seen":"2025-09-04T03:59:17.533248Z","last_seen":"2025-09-04T03:59:17.533248Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"3e778a0599600893f6740e061f0db321","sha1":"a9f01d1beac63e231a419894462ddf00adcd86ae","sha256":"391dc11066c3b8e2f89bfe77f24d5ccb9f39c5ab3a499559caa7a4d5a8b175c6","sha512":"60da55c43f8b588bfa9c280f855c11935b06942db1ea1dace8e65dfb315d22cde302286d00ab6e5c4db011f0f37faead51987ed5b9a1fef5123fda6fafad5cc6","ssdeep":"","tlshash":"5ab0929862985b5a02f311986a9814a616708abe816c695b2a05b914a20d84462cae43","size":125,"data":"","first_seen":"2023-03-07T14:37:29Z","last_seen":"2026-05-12T03:15:46.821555Z","times_seen":430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0e774c6eac4073121eb55b9e21d3511","sha1":"5156ea2435d223d0519ddce05085a2510c7b1807","sha256":"45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5","sha512":"2fd9fdf983e2f651be2955965a0be96ad581a2544bfd5718d3959966bf6d6ed8a39bce6a3d076b735638bb24d1cfc5646f72ac151c295478abe2361e5298f4d9","ssdeep":"","tlshash":"45a012a1c08c0407823411120c002025202fc4780052de496cb159a050c4706036040a","size":77,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-05-15T07:06:40.000569Z","times_seen":1486,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/jscripts/jquery.js?ver=1823","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89475,"data":"","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-05-15T13:32:51.299817Z","times_seen":16152,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","size":14799,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-05-15T07:06:39.99524Z","times_seen":1717,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/jscripts/general.js?ver=1827","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"373ad0e5af45e8cd17b064aaa7c2d465","sha1":"9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e","sha256":"491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898","sha512":"0014001020da5ef12874c5727ce95d1163834414dbe201ea72f60423bde91e8e7d2d671fa18ec190d0573e3b76093a496f7662d5b81e0f804d42834dddffd98a","ssdeep":"384:7HrwCLFwqbPl88aLqh8cOrT6CIJ6X5jO1/zD:oqbPltaLqUXCJ0jOx","tlshash":"bb6262c8ff2c152b81be3069949f58c96c3c803188945cf7bc6855d4bae8a1e536fe78","size":15709,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-05-15T07:06:39.984162Z","times_seen":1609,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"cf36f333fa1abde6cc9583c9485449bc","sha1":"823d313f556e70be678f702d0d1b48e79ba5b75f","sha256":"b1322f57bb09e2986f1737c9188c0f638fefd902f48cfee2092cba91ee1f4be9","sha512":"b8da97f0d9276152b0a7dcd266d848c5a29aadbe361ec5a47d5749a90a832573bacdaee299b727981e8f7d8ded7b6f9dc96e5fd0485b92d275ba3aa504d7d8b1","ssdeep":"","tlshash":"9331df66f3d8c74f66b322b54a2f01d9013f521bc947c80599eed7300998b1e8b67f16","size":1524,"data":"","first_seen":"2023-03-10T18:09:46Z","last_seen":"2026-05-12T02:53:16.06957Z","times_seen":116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"60730ccf0f052bacb3d060a45906e80a","sha1":"850697d55b61c192e1080f92e88f0d5f897ed335","sha256":"d8be3f41339555f6426c517909880a16a48e6608014be8ed0c894593ba03b3e3","sha512":"25bcda6b5b29880c1554d7b863420d6d1d2fe8a3c1800cb1108b8c87bf8c4a27875dbff1d6ac4e7e52e49b7141266d9293cd05457252e841908e06b7558e3c3f","ssdeep":"","tlshash":"fee07d6391155449868714b37858104d0949a8221e946a1a5195193cbde57bd577f23c","size":306,"data":"","first_seen":"2025-02-08T05:33:18.801073Z","last_seen":"2025-10-08T01:26:10.768188Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"vnzs.cc/jscripts/jquery.js?ver=1823","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /jscripts/jquery.js?ver=1823 HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:54 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 25 Apr 2024 16:00:00 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 89475\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":89475,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-05-15T13:32:51.299817Z","times_seen":16152,"resource_available":true,"data":null}},"time_used":809,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":562,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:54 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 25 Apr 2024 16:00:00 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 14799\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":14799,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (14798)","md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-05-15T07:06:39.99524Z","times_seen":1717,"resource_available":true,"data":null}},"time_used":426,"timings":{"blocked":117,"dns":0,"connect":0,"send":0,"wait":308,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/images/MyRed/menu.png","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:55.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /images/MyRed/menu.png HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/cache/themes/theme3/global.css?t=1723111616\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:55 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 22 Oct 2013 19:10:22 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 849\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":849,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 42, 8-bit colormap, non-interlaced","md5":"ad31928b079682c82a7a1b5f4d153f28","sha1":"a2d4446ec68749f5b37a4b520fbf7045f87063e6","sha256":"e3f5c39ae1fbdc89307506f74f210e8a478ce536f6eaf33547ce360058e3acdf","sha512":"909af5757bab3fe16b94c549a3b63a06751316bcff583f37a3e9f883bd14caa06c86f4e1de6894c0b7dc2e0f72c03e5ec0bcfb8b03d53bb1d4f1a305455445f5","ssdeep":"","tlshash":"600112fe33c08c3ac2811233920500448c309214462142095408851118137c000442b3","first_seen":"2025-09-04T03:59:17.494695Z","last_seen":"2025-10-08T01:26:10.745428Z","times_seen":2,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/images/MyRed/trow_bg.png","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:55.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /images/MyRed/trow_bg.png HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/cache/themes/theme3/global.css?t=1723111616\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:55 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 11 May 2013 21:23:20 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 3236\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3236,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 10 x 60, 8-bit/color RGB, non-interlaced","md5":"c14287d98f2a27800b9dd1ce6422242a","sha1":"b23d387968adfb96a923dc2b898dfb9cfa2ec22a","sha256":"7e5d7ea07a684a2d009869aa5873f00141d1943a759b67595904c405624826c5","sha512":"8598903fc1ad51164456df8411394a6673806d01f037416475668cf03e5e9b425f2b490eddfed4154bf7e08d114fbd665dc8c24c2f614926fee2966d365416e0","ssdeep":"","tlshash":"b5617cabdea050af7cda38010dcc1381eb28227cde563b2894c169ef14a2e472f251b4","first_seen":"2024-02-12T12:05:46Z","last_seen":"2026-03-06T11:25:08.202006Z","times_seen":20,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":75,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/images/MyRed/mini_status_sprite.png","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:55.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /images/MyRed/mini_status_sprite.png HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/cache/themes/theme3/global.css?t=1723111616\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:56 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 01 Sep 2014 03:32:46 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 557\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":557,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 10 x 40, 8-bit colormap, non-interlaced","md5":"f44489f136ca4b4ffc5831a085c916d3","sha1":"8bec48975cdec97d492325ea5811246c575ae156","sha256":"c3710cbc74a91938d3025db92c60414f26c9adfc89a55712ee191fe7d167bdfb","sha512":"9ac9faad44609a905e6f7b02591ef42fd93eb463808324f562e3f72b3a1306fa4be98985c1ea682c8dd55b4e33495fba722f25bc7bfe09d7d2f1036e10153556","ssdeep":"","tlshash":"1ff026c77304dcb584f4985748de4582dfe770d4c3d572e51040dd25789dc195341175","first_seen":"2023-12-22T04:54:20Z","last_seen":"2025-11-06T09:41:33.436944Z","times_seen":22,"resource_available":false,"data":null}},"time_used":478,"timings":{"blocked":202,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/images/MyRed/collapse.png","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /images/MyRed/collapse.png HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:55 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 01 Sep 2014 03:32:46 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 414\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":414,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"c6eac10a6374862b2f8ebb2645e70644","sha1":"cbac90b6a17a83f2fe1eb375cf1de2ec15b11ca4","sha256":"0278d855e802bd2fc44ba3279b471feb94749f1771284f0af0d2b0ba2fccac6c","sha512":"3a3bc42e1dd12240780309394dd0ceb9c0aa6303064073a0c0a1ea3c1be896cd72abfbba4bcff06a6957a64333a7669cbe9965e1141d3fc8748b1e515572f6fb","ssdeep":"","tlshash":"eae0ab88f704fc3ddc5685f60952c61460a302d248a4526caa0e82791b54b28c4e4652","first_seen":"2023-05-29T15:50:38Z","last_seen":"2026-03-06T11:25:08.237273Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1740,"timings":{"blocked":1463,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgpimp.xyz/img/56jeh4age1hytm.png","fqdn":"imgpimp.xyz","domain":"imgpimp.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imgpimp.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Sep 2025 03:12:27 GMT","end":"Tue, 02 Dec 2025 04:10:07 GMT"},"fingerprint":{"sha1":"11:5E:BE:3B:75:4F:B9:27:9A:29:7B:EA:DE:C6:2D:88:8D:DC:A0:98","sha256":"5B:EB:EB:0E:6C:97:81:49:57:95:B9:AB:AA:2A:7D:3F:DD:24:BB:7B:09:A0:22:50:8E:78:5E:7C:0F:13:FA:C6"}}},"request":{"raw":"GET /img/56jeh4age1hytm.png HTTP/1.1\r\nHost: imgpimp.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Sep 2025 03:58:53 GMT\r\ncontent-type: image/png\r\ncontent-length: 18068\r\nserver: cloudflare\r\nlast-modified: Fri, 03 May 2024 10:42:31 GMT\r\naccept-ranges: bytes\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\nage: 2537\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lw5wrvF0NQmRhuEXBK%2B4DdbvPbXZa0B0eawbKoQc9BC1fVcQXCiKMhdvOs6nTe%2Fq29jfS6LOPt1QFPN1Z2JFJ6xSdNH8NezEMg%3D%3D\"}]}\r\ncf-ray: 979a92329f10569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18068,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 486 x 60, 8-bit/color RGB, non-interlaced","md5":"d97efd4545fafe800804dcac7cec605d","sha1":"a1a1a0419ff5d78a24e84e1a429d9979df88b93b","sha256":"2ae91884888bd8bb2c588dcc23534f104a737a0dbcf5a951cbcbf68ef77a6d69","sha512":"31ecd9e97af8c3b4ed5d968573fad1f35d14003838864d7098fa9aed472190dd18ebcf48ccc278b5f3cf22fec7dd4bd0779d6fe13991ceae1ba47b9f41b5208b","ssdeep":"384:DM8R17qy9gn7/5EIiAW6YNfx5c5IIEGaLbxAFtejjjAtcZV:QyG37/2mW6SpSIrG+Rv8tG","tlshash":"f282e133043427f07567b20d786eb589ea6b38a3cdd7f912e65d023d461825a08c9bf8","first_seen":"2024-05-29T20:05:11Z","last_seen":"2025-10-08T01:26:10.739318Z","times_seen":55,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgpimp.xyz/img/oivh8394fg2.png","fqdn":"imgpimp.xyz","domain":"imgpimp.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imgpimp.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Sep 2025 03:12:27 GMT","end":"Tue, 02 Dec 2025 04:10:07 GMT"},"fingerprint":{"sha1":"11:5E:BE:3B:75:4F:B9:27:9A:29:7B:EA:DE:C6:2D:88:8D:DC:A0:98","sha256":"5B:EB:EB:0E:6C:97:81:49:57:95:B9:AB:AA:2A:7D:3F:DD:24:BB:7B:09:A0:22:50:8E:78:5E:7C:0F:13:FA:C6"}}},"request":{"raw":"GET /img/oivh8394fg2.png HTTP/1.1\r\nHost: imgpimp.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Sep 2025 03:58:53 GMT\r\ncontent-type: image/png\r\ncontent-length: 20401\r\nserver: cloudflare\r\nlast-modified: Tue, 30 Jul 2024 13:57:37 GMT\r\naccept-ranges: bytes\r\nage: 3112\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=auAP35JPB3vjy9xLrT6vYBLzdgfhbg%2FCHuRynPtQIbmlSN2kF4G%2Fx13w%2Beqq8bfAHolFKKcbuQ79T4rLRoi6Ez93m%2FcTVySZmg%3D%3D\"}]}\r\ncf-ray: 979a92329f0e569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20401,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 486 x 60, 8-bit/color RGB, non-interlaced","md5":"73eb78a346ad4cb0e5cf520b7de71280","sha1":"4d96c00f667d1e70981ab18f5cc066770f47db41","sha256":"48b3acb4af0ef02ff40a92b98d9592bce96dec7db1170dc86253328fceabb36a","sha512":"549051ad2439c160433e98f3dee05f895350512bf6b5b0a18b9eb28d28d4a2885523541c422f0b2864282c53c8f2d1637c5dc94a86dcad0c31cfd69c90b0c38b","ssdeep":"384:XfIEEsj3QlrM5DoJ8pB+/QeKtHJYrEZpKuKCcl+vGc:XATsTQlu8J8BJ5J5Zprkw","tlshash":"9a92d0d1c2da0dc6a63a3ddc1a5976bfc03e7593c1901946e9398650f1e355b30123ae","first_seen":"2024-08-26T06:24:41Z","last_seen":"2025-10-08T01:26:10.752271Z","times_seen":28,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgpimp.xyz/img/54knvrsvef.png","fqdn":"imgpimp.xyz","domain":"imgpimp.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imgpimp.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Sep 2025 03:12:27 GMT","end":"Tue, 02 Dec 2025 04:10:07 GMT"},"fingerprint":{"sha1":"11:5E:BE:3B:75:4F:B9:27:9A:29:7B:EA:DE:C6:2D:88:8D:DC:A0:98","sha256":"5B:EB:EB:0E:6C:97:81:49:57:95:B9:AB:AA:2A:7D:3F:DD:24:BB:7B:09:A0:22:50:8E:78:5E:7C:0F:13:FA:C6"}}},"request":{"raw":"GET /img/54knvrsvef.png HTTP/1.1\r\nHost: imgpimp.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Sep 2025 03:58:53 GMT\r\ncontent-type: image/png\r\ncontent-length: 80431\r\nserver: cloudflare\r\nlast-modified: Sun, 22 Sep 2024 14:40:17 GMT\r\naccept-ranges: bytes\r\nage: 2999\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Baod%2FTFeZ0Rg6sooBJ9UOLY4KZ7xqRYixSxMM3qQmDphrDZ3Cf0faXVm8aD3E8N4t81X1ymHEyFpN6vxuWSy1i09eS2w95AkuA%3D%3D\"}]}\r\ncf-ray: 979a92329f0f569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80431,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced","md5":"dc568247fcce43a3169c15f2b8fa6804","sha1":"23a6719d40345578535024f18b16c827847d5323","sha256":"063d45da06307e15b0cbf1c6d2b7fce558201da56759a812d3bb11d05b241dfb","sha512":"934cc8c8fe76457ac6b4febedfb98b5a3f977743bbcc34dbb5373b5f2856043ecb2f7b8e50aba081e017b3804974b4af9750657ddb88b72982eaf62c16bc2668","ssdeep":"1536:ZZ3lY8q82hoCU+gk2/UvEBwOzH2/MlR97DO8Q9j8g12Fn4NIb3+TncseB:bmFhhoCU+8/0Ee/szQj8g12Fn42aTncF","tlshash":"7f73028f3c68051b4c99e089170e628b946d1d1c27eb98ef871dedda3a2851f667388d","first_seen":"2024-10-13T20:56:33.402723Z","last_seen":"2025-10-08T01:26:10.744553Z","times_seen":42,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":13,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/images/MyRed/thead.png","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:55.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /images/MyRed/thead.png HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/cache/themes/theme3/global.css?t=1723111616\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:56 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 22 Oct 2013 19:00:58 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 102\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":102,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 35, 8-bit/color RGBA, non-interlaced","md5":"e03859771072ee1a8a934a22bcdb6ccd","sha1":"a23f6f8cc1d731c82207ffb3064f480d669766d6","sha256":"a85a48c0732f3b8133f50a69030e2fa3a2b22584d7c198bc194b91e943f36531","sha512":"f51e86d461f10cca3a39faacebb8da886b536afa4dc3598817e5b09a21b3747146d5f96260ff8c4646ed71a5aa5ff9f6615f7141623aa8e0666eaf2f1bdb5e9a","ssdeep":"","tlshash":"8fb012c256bcccbde10146332795081cd433462c2b03462e52477037920d69400f1acd","first_seen":"2024-02-12T12:05:46Z","last_seen":"2026-03-06T11:25:08.242695Z","times_seen":20,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":223,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/jscripts/general.js?ver=1827","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /jscripts/general.js?ver=1827 HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:54 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 25 Apr 2024 16:00:00 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 15709\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":15709,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (322)","md5":"373ad0e5af45e8cd17b064aaa7c2d465","sha1":"9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e","sha256":"491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898","sha512":"0014001020da5ef12874c5727ce95d1163834414dbe201ea72f60423bde91e8e7d2d671fa18ec190d0573e3b76093a496f7662d5b81e0f804d42834dddffd98a","ssdeep":"384:7HrwCLFwqbPl88aLqh8cOrT6CIJ6X5jO1/zD:oqbPltaLqUXCJ0jOx","tlshash":"bb6262c8ff2c152b81be3069949f58c96c3c803188945cf7bc6855d4bae8a1e536fe78","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-05-15T07:06:39.984162Z","times_seen":1609,"resource_available":true,"data":null}},"time_used":1569,"timings":{"blocked":496,"dns":1,"connect":236,"send":0,"wait":290,"receive":282,"ssl":262},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/images/MyRed/logo.png","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /images/MyRed/logo.png HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:55 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 08 Aug 2024 10:34:25 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 31063\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":31063,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 122, 8-bit/color RGBA, non-interlaced","md5":"ea36698c9b5f2661e2fbfbc4170a87e7","sha1":"5968bffe3ff5938fca7496b3b0c83265d73783c4","sha256":"f59b141a86f4e4072a2ba521de56851823a24456f5633924a16e7d42301c720d","sha512":"5ae624190b193889374acb52ce9bcbeb79563b645a073781ceeab59e00251f6091710f2374ac07608de0b82f8107ef8e3a74e63ef766eee92c54755528ded267","ssdeep":"768:x8BC630aAiuCxu+Mwqfl+iy6VweHzG3QvH+G9OdRDFpvsXix6k:xWC6lAlZ1xsi3VpHzGg/eDFJsXuP","tlshash":"67d2e1adf2926d70dea4a7bd14fdb4763d1993e1dca45532dd410e2b200108ae96cceb","first_seen":"2025-02-08T05:33:18.797075Z","last_seen":"2025-10-08T01:26:10.74301Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1775,"timings":{"blocked":1536,"dns":0,"connect":0,"send":0,"wait":236,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"t93.pixhost.to/thumbs/176/437411189_banner-alcz.jpg","fqdn":"t93.pixhost.to","domain":"pixhost.to","tld":"to"},"ip":{"addr":"94.229.45.2","port":443,"asn":48326,"as":"DataNetworks s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pixhost.to","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 14:07:17 GMT","end":"Thu, 09 Oct 2025 14:07:16 GMT"},"fingerprint":{"sha1":"47:29:86:DA:76:45:39:89:11:DD:0E:B1:53:76:25:A5:3D:10:4E:69","sha256":"36:9D:8E:94:F4:21:C3:EE:D7:0B:D3:88:A8:9E:3F:A7:6A:6C:CF:F7:74:B5:AC:38:E0:88:68:72:EC:E1:0C:B3"}}},"request":{"raw":"GET /thumbs/176/437411189_banner-alcz.jpg HTTP/1.1\r\nHost: t93.pixhost.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Thu, 04 Sep 2025 03:58:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 8288\r\nLast-Modified: Mon, 15 Jan 2024 04:06:27 GMT\r\nConnection: keep-alive\r\nETag: \"65a4af43-2060\"\r\nCache-Control: max-age=604800, public\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8288,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality\", baseline, precision 8, 468x60, components 3","md5":"59dbdb3d007866b684844f1940d2142c","sha1":"4294c9d5f91d9c4f216200adcef4b4855b6abfbd","sha256":"fb9e210df4df836604802290267e94283b3d390ea97592542850cd536ef59e3a","sha512":"a127562c3237e46764bdf17fa6010723ab4480c03ac3b87bef5ae5f62bf9a4d5b6908f1347d9252baddfcd94d16879763ed0f39d0d3b2cf010826996abeff5c1","ssdeep":"192:GY1bfhCju4z65WhnJn63HbLYYXut0cQM53YlIvcQX0PAC2ZxUjpkh:Gob37epMNu0cQM5IWcQXlZv","tlshash":"1402ae326b91c33b0f958832274a03dfa5d8014a24c089f92c71f539eda2ef2c10db8e","first_seen":"2024-01-21T11:59:09Z","last_seen":"2026-05-11T22:04:55.352553Z","times_seen":97,"resource_available":false,"data":null}},"time_used":2851,"timings":{"blocked":1405,"dns":3,"connect":32,"send":0,"wait":33,"receive":1,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgpimp.xyz/img/pvj9h487g3df3.png","fqdn":"imgpimp.xyz","domain":"imgpimp.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imgpimp.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Sep 2025 03:12:27 GMT","end":"Tue, 02 Dec 2025 04:10:07 GMT"},"fingerprint":{"sha1":"11:5E:BE:3B:75:4F:B9:27:9A:29:7B:EA:DE:C6:2D:88:8D:DC:A0:98","sha256":"5B:EB:EB:0E:6C:97:81:49:57:95:B9:AB:AA:2A:7D:3F:DD:24:BB:7B:09:A0:22:50:8E:78:5E:7C:0F:13:FA:C6"}}},"request":{"raw":"GET /img/pvj9h487g3df3.png HTTP/1.1\r\nHost: imgpimp.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Sep 2025 03:58:53 GMT\r\ncontent-type: image/png\r\ncontent-length: 17721\r\nserver: cloudflare\r\nlast-modified: Sun, 11 Aug 2024 13:10:55 GMT\r\naccept-ranges: bytes\r\nage: 2999\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GDqvmajO2A13rxpUn6TpiJ2lKf059Hh5tvaemfdRPjoovImRpA1LEVoK8V43hHtHo0tYjt2dm2pRma6%2Bs8zMvzU0rrsQc4KTZw%3D%3D\"}]}\r\ncf-ray: 979a92329f11569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17721,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced","md5":"a4a31871d324fc26a4bfbaf9f4c51f62","sha1":"d91cd848ace1ee5a49ddd8740fc8f9c11c81dbf9","sha256":"68b8a7e39986156701f50f930961b66170f8e2fe53a875758c70a8163e9eeca8","sha512":"11263f1ee5715b228837d1b190f4790e1e6e62645130d93f9bf142d643723339f177a8325a68e00a7905ac019ae81dd3a906a282b433a292a526f8b11784b96f","ssdeep":"384:e3R5UJRRGGz4cB+0xgKKsT4F3GEbhdmMJ4QuzkLAaxi6aGg4y89Msx0lUw:e3RCJWGzd5xgKKFFWEbh/JRlLHasv9wp","tlshash":"2982d004a84e3476f20e2e314057abee739c5d65d16f6d8368b4af60b10e06869b0ac2","first_seen":"2023-10-24T00:21:16Z","last_seen":"2025-10-22T20:53:24.100954Z","times_seen":87,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/favicon.ico","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:55.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 04 Sep 2025 03:58:56 GMT\r\nServer: Apache\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-15T15:19:43.17572Z","times_seen":145381,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/cache/themes/theme3/global.css?t=1723111616","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /cache/themes/theme3/global.css?t=1723111616 HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:54 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 08 Aug 2024 10:06:56 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 56635\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":56635,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24433)","md5":"1789c53881162900a9b51504634620fc","sha1":"40adbb7ff1411a43c662220672a2f6ad3bc58c68","sha256":"c06b768d313255f8de94f5a054ed02d6f3458c5c078e7e7179dce908d908d3c6","sha512":"aa266a110db69a61425697e32f768452eacc5da1d3a18f07eb2cd0cfe3d3d5a1ffb788a746bb15da7bd4499d027414e80935a90824b85fff2bf5205b06e7f715","ssdeep":"1536:zlVlGFUVK1TMhj3GtcWuDKwLYEsHhvu0PZg:ZbGFUsVMhj2tcWuO3vuAZg","tlshash":"0443067735121989320fd4aeff1ad7d9272f0092ba1e5e65b4ad397ca7844e01137e8c","first_seen":"2025-09-04T03:59:17.521762Z","last_seen":"2025-10-08T01:26:10.757868Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2136,"timings":{"blocked":589,"dns":1,"connect":284,"send":0,"wait":336,"receive":615,"ssl":308},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imgpimp.xyz/img/k0943ijdp43.png","fqdn":"imgpimp.xyz","domain":"imgpimp.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imgpimp.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Sep 2025 03:12:27 GMT","end":"Tue, 02 Dec 2025 04:10:07 GMT"},"fingerprint":{"sha1":"11:5E:BE:3B:75:4F:B9:27:9A:29:7B:EA:DE:C6:2D:88:8D:DC:A0:98","sha256":"5B:EB:EB:0E:6C:97:81:49:57:95:B9:AB:AA:2A:7D:3F:DD:24:BB:7B:09:A0:22:50:8E:78:5E:7C:0F:13:FA:C6"}}},"request":{"raw":"GET /img/k0943ijdp43.png HTTP/1.1\r\nHost: imgpimp.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Sep 2025 03:58:53 GMT\r\ncontent-type: image/png\r\ncontent-length: 88960\r\nserver: cloudflare\r\nlast-modified: Fri, 01 Nov 2024 11:10:08 GMT\r\naccept-ranges: bytes\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\nage: 2510\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jJ76M0MAcSNtmSivBEyMi9SPFJtnZ6Tb9hOC1RgiuVNrfQKgWVNjgdLsdeb8vgeXQ4bJB10XXK6opkKCB5ulzOW190CplOWJTA%3D%3D\"}]}\r\ncf-ray: 979a92328f0c569b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88960,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced","md5":"3686e6647d8fb420f073bf4a5298c5ac","sha1":"bf6d3a0c56a6c798a32a7026e12a53a5d7607ee9","sha256":"10f1635f620c655d39f99ba80c61f64671b168490bdd8fad412602d3aea662c7","sha512":"8281822b982298e0464ff784f4969ef8c0543ba8cd13bb80ee24c33a4cac524fb3433f31eee23f285fdb7101eee4b4358eb791cede1c7488f677ff25fe4bdede","ssdeep":"1536:pbOQTiy5lj4xVQrUmp8MBGDLhsgj++TYNBah4wQUH93mQfby4CWUKVBOqP02/2S:tv32Sdxi9sw+bHU4wQUd3q4UO02/p","tlshash":"e9930235da4a2f13ddd9d06f2fee4cd238f1b508af99c18a4acdd8859c9c610199cb86","first_seen":"2024-12-02T23:45:59.666498Z","last_seen":"2025-10-08T01:26:10.73361Z","times_seen":31,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":33,"dns":22,"connect":1,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/images/MyRed/headerlinks_sprite.png","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:55.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /images/MyRed/headerlinks_sprite.png HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/cache/themes/theme3/global.css?t=1723111616\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:55 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 01 Sep 2014 03:32:46 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 2302\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2302,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 200, 8-bit colormap, non-interlaced","md5":"8c668ac7100c0618014bd9314a0333e2","sha1":"95ad9c606815c46c4572d692e10a0b0886c7040e","sha256":"189cb00441fb3c9dfe615019dc7ae034fc53c7bbceda921510ff623d3e68bc1b","sha512":"d512b718ec7c366e637c6402b66ba53d5358b62e54580bd97696f90d1c093b63a89f2f0d130c6fc0dcbb78b691488b0ca2d596a2b7b709762e30cd96c1e3cce4","ssdeep":"","tlshash":"24413bb884f010a44aba523f27fa1d6b7fa3f66568d78603aa004205329c2de0741691","first_seen":"2023-07-01T09:44:09Z","last_seen":"2026-03-06T11:25:08.195441Z","times_seen":41,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/images/MyRed/forum_icon_sprite.png","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:55.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /images/MyRed/forum_icon_sprite.png HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/cache/themes/theme3/global.css?t=1723111616\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:56 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 01 Sep 2014 03:32:46 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 1130\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1130,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 120, 8-bit colormap, non-interlaced","md5":"212f6e3895ee44bf54b31cf39a162611","sha1":"7d1f15044536b4f243495c47b03b2334b5493b4f","sha256":"b95e7d7fb4d9efd1e305194cd5ec83f0b16a02baad62b355c66f1af8688a528b","sha512":"7c968518495f4b58c53f29a58bc0151ce5d37500769a1c7f838c39b56613eae5ba36a4f3f6fbc059fa117578b098411b56837319d772e61af97c76d4de9d55a9","ssdeep":"","tlshash":"f021b97b4b9164208d8c7bfc691374124e7a999d3846757fb1af2630041d5bb5409150","first_seen":"2023-05-08T13:43:42Z","last_seen":"2026-05-11T15:53:24.035354Z","times_seen":330,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":197,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-04T03:58:52.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:53 GMT\r\nServer: Apache\r\nCache-Control: no-cache, private\r\nSet-Cookie: mybb[lastvisit]=1756958333; expires=Fri, 04-Sep-2026 03:58:53 GMT; path=/; domain=.vnzs.cc\nmybb[lastactive]=1756958333; expires=Fri, 04-Sep-2026 03:58:53 GMT; path=/; domain=.vnzs.cc\nsid=829eaae42ffae3023536b1a2c3ac695d; path=/; domain=.vnzs.cc; HttpOnly\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Liveinternet","description":"","website":"https://liveinternet.ru/rating/","common_platform_enumeration":"","icon":"Liveinternet.png","categories":["Analytics"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"MyBB","description":"MyBB is a free and open-source forum software written in PHP.","website":"https://mybb.com","common_platform_enumeration":"cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*","icon":"MyBB.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":26243,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (959), with CRLF, LF line terminators","md5":"8153e00789fcb9e96cba5e3822147dde","sha1":"23d61026fd768f8e23e30578715056d0da9cd496","sha256":"2faf8385911c7cc3b2c98df7a78a64725de8c97e1fb844a779567091860b1b67","sha512":"e0231e0a54d1a7da05068d45c1444ce8f109f8521b3c5bb029af3f24f5c9a3f8d814e24c34af3f2b8bf98ecd2d7997d53620d69e091dbb7fc644836b4459eac3","ssdeep":"192:IyJWDsbxKXP3im345EoxyT5LVdCy2B13QCwuECXiZyyi9nnh94wibPwfuXl61RMj:nJWDH3imcwLVdCy3cn/a161YcD7KfF","tlshash":"b5c2fb5265dc1a3f079382c674987bda51f6803ee2ac0817f5f9483a33c5ed9f0a62c9","first_seen":"2025-09-04T03:59:17.529046Z","last_seen":"2025-09-04T03:59:17.529046Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2188,"timings":{"blocked":790,"dns":213,"connect":286,"send":0,"wait":329,"receive":278,"ssl":290},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vnzs.cc/cache/themes/theme3/css3.css?t=1723111616","fqdn":"vnzs.cc","domain":"vnzs.cc","tld":"cc"},"ip":{"addr":"171.244.33.109","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vnzs.cc/","date":"2025-09-04T03:58:53.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.vnzs.cc","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 06 Jul 2025 13:09:12 GMT","end":"Sat, 04 Oct 2025 13:09:11 GMT"},"fingerprint":{"sha1":"E3:A3:CD:5B:A6:B3:DD:DA:48:8D:06:2B:C2:DD:B2:BA:F0:D5:46:4B","sha256":"88:13:BC:0E:28:44:94:39:1D:22:02:AC:FC:51:87:7B:B7:C9:1B:DF:13:6F:8B:24:E8:75:58:10:61:C0:DE:50"}}},"request":{"raw":"GET /cache/themes/theme3/css3.css?t=1723111616 HTTP/1.1\r\nHost: vnzs.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vnzs.cc/\r\nCookie: mybb[lastvisit]=1756958333; mybb[lastactive]=1756958333; sid=829eaae42ffae3023536b1a2c3ac695d\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 04 Sep 2025 03:58:54 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 08 Aug 2024 10:06:56 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 2935\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2935,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3ba2b4fe28bb23ddc44c7d59c143eaec","sha1":"37220db06d524e307383d05704803f4802da3145","sha256":"48ffb712a0e6c05b354df5490396507b1ea4f505bcab6f80844ed09ad2fd536a","sha512":"16eda70f6534f7bf31eb4b0917be894b7b945b12f8a61b4b106c80ce502e5ed0aa50114c305d828405f9be0b90c4651855bc167997b6508611d314b73297630e","ssdeep":"","tlshash":"345194bf341c06986336e94ab914dee3718f0313a5b6aca5f1d0bc3c1202dae5e558ad","first_seen":"2025-09-04T03:59:17.531391Z","last_seen":"2025-10-30T09:02:48.33196Z","times_seen":15,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":422,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-04","alert":"Sinkholed","trigger":"vnzs.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}