{"report_id":"9948abcf-3210-4f49-9204-cc4ad32f5950","version":0,"status":"done","tags":[],"date":"2026-06-28T14:05:39Z","url":{"schema":"http","addr":"winx7com.com","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"172.67.151.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"winx7com.com/","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"title":"winx7💯Brasil Videogames Casino - winx7.com","dom":{"size":10544,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (974)","md5":"39af2c594148848204acf2734516349c","sha1":"2db23ff84f8239ee1b565e245cf19d920c46e1a7","sha256":"bccf9b351cac31b1deff9c75ffff7c87f689e580e61b4092b5cc88cffc7a7fd2","sha512":"b2bf3dfb5a247920e673af9bf4ce4bdfab61dcbc7b370e55f88689134afa95a58d39644636c8989af6c0801b9f6d810a40368dbcced849cc8a44f019de00e5b6","ssdeep":"192:YWtFSV6Iy00YKEOPF4lzYMcmCQ0l0BkfWiDqBgYNOMui6j:YW7SwIAPqsM0gA5qBpNOMRo","tlshash":"7722753508ea9137822342c05b9aaf5bfdc48117e01fe845b5ed0fa90fcad86dd5bd19","dom_hash":"domhash3a2bcf6a3a9248841b650d2312b778a0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"winx7com.com","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"172.67.151.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T14:05:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"node94.aizhantj.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-07-29","domain_rank":0,"first_seen":"2025-08-10T13:29:04.56112Z","last_seen":"2026-06-21T19:34:16.366096Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":472,"comment":"","tags":null,"fingerprints":null},{"fqdn":"winx7com.com","ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-13","domain_rank":0,"first_seen":"2026-06-28T13:10:12.162498Z","last_seen":"2026-06-28T13:10:12.162498Z","alert_count":27,"request_count":9,"received_data":1249712,"sent_data":4369,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/email-decode.min.js","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-28T21:31:59.16834Z","times_seen":380925,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9721d16a7c5c5cf0cceff6abd2c6792f","sha1":"9f6ed3882af94c814f522e10c82309772477463e","sha256":"79a8ef3716eb748fc97f7e3b6f0a5fe05d77247a2a29ff10b8cc232f5d96f806","sha512":"af0fa9067c57942bba22c9025e7410ce8aa166e3905c0b65ebb9f40c6865c1fc2c286f3ada780dbf925cc099a93216ee419fcfc6a1e842a271b8add0941e7845","ssdeep":"","tlshash":"86d0a75f354018bad74f00b91daec6cab566502568afc41549cdc5e98a24dec489eacc","size":241,"data":"","first_seen":"2026-06-15T12:18:55.119452Z","last_seen":"2026-06-28T18:42:33.367829Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"eccbc87e4b5ce2fe28308fd9f2a7baf3","sha1":"77de68daecd823babbb58edb1c8e14d7106e83bb","sha256":"4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce","sha512":"3bafbf08882a2d10133093a1b8433f50563b93c14acd05b79028eb1d12799027241450980651994501423a66c276ae26c43b739bc65c4e16b10c3af6c202aebb","ssdeep":"","tlshash":"c700000000300000c0000030000000000000000000c000000000000000000000003000","size":1,"data":"","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-06-28T14:05:40.095265Z","times_seen":25662,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/main.js","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"701bc00c4a9d4dac0209aceecf780fde","sha1":"4db5f5ca522c9d283f6244a847f3242f509bd6a3","sha256":"8fdfb3ade5627ddc70e58f5ad283f75db4ca522828eacd2333b867f72ccc7c04","sha512":"4c3fbfc62938f7864f9d02095eb60d832b62ddca1068ff2dd9f638bbd25bff6abcba2a81e12bac029fa3a04a626d2e9d2df8f0afa66b1e6aa198a21f6443f1f7","ssdeep":"","tlshash":"5b1178bdb62a1969433b7778aa571748ed3000137202894cbd4c86a11f75c0298a7cfe","size":984,"data":"","first_seen":"2025-07-01T03:03:35.462382Z","last_seen":"2026-06-28T17:55:37.262693Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/2.jpg","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:07.720Z","timestamp":1782655507720,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET /static/p5jbsta/2.jpg HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:07 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 12 Oct 2025 07:49:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\nvary: Accept-Encoding\r\netag: W/\"68eb5d7b-38bb9\"\r\nexpires: Tue, 28 Jul 2026 12:37:03 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 5284\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kKkJpLounOq4Fx6TwqnTHpQ4szBSe113ST%2BAUbbp%2FcX3uixvX6%2FheQnL74ZjO4TZTktLKjG9HgN%2Bi0mqV%2FBhOPWGWZNCkGOOg67EvG0CuLMGwc%2BqgxhsOkllUK%2BI%2Fm0%3D\"}]}\r\ncf-ray: a12d3e9b48f95696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232377,"size_decoded":232265,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1024x1024, components 3","md5":"11b6dadff3f9c317707b3eba7765c863","sha1":"0147499b03b5cf729a80e88701520bc4b87cf4d6","sha256":"1ebcaf97f6006565bb875b5b99a2970cb4cc7842e8295d6aa188b8539568fb5f","sha512":"8013273dc243302c0170cda9dcb026a7eca8dd37db876fa495726f5cd8deb76eb07b8fb6b790a51a47f720ef8f4ff07dcb9d0e2bfaf9b87c57b2d9c3f0f146f1","ssdeep":"6144:keoeu0JOAE0OyjwArYG/Qd31PzAtSOKEZLGdfK:JRJOzyj7J/QB1PzAt2cLIC","tlshash":"f13412eadb07eef97cc885bf92c52445c49dd9302055abc016c5ef0f5c7e6868923b91","first_seen":"2026-06-28T13:10:17.150517Z","last_seen":"2026-06-28T14:05:40.084671Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/4.jpg","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:07.725Z","timestamp":1782655507725,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET /static/p5jbsta/4.jpg HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:07 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 12 Oct 2025 07:49:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\nvary: Accept-Encoding\r\netag: W/\"68eb5d7b-45cdb\"\r\nexpires: Tue, 28 Jul 2026 12:37:03 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 5284\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FictQI5fYhI%2BQlRCXsemffbagD8AKU9cM6sHnL%2B4kVVFSeMUnrhql7mQdW%2FH25TeQa6yuSWcGQj5NyqLpfVaL4uUOJ402D5yuyzLLFFS8Trr26uHPvvZBYJqMnI73UI%3D\"}]}\r\ncf-ray: a12d3e9b48fb5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":285915,"size_decoded":286123,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1820x1024, components 3","md5":"0cf2e7284389ef9f89a0110834c35c38","sha1":"d71ce3986c2e8b8a8fdae055542189874fd1d987","sha256":"b782f302229bd2bf62e07299589239f50db33a00e0bc1dd71844774a0da642e8","sha512":"6d9ce3f79b47a44ce4686825cf7be43cc4eba355537f5d0eb0c7cc516d5c5c6e7416d8a2f80c71a69a39d96ba0b1c82e295cbe71a5d34a4713e1a0675e7fb4c5","ssdeep":"6144:yleOU0xMcmwUeuS+ILJgmCghXRQKh1eVIJiUvwAUqHzMXRnNenoBVj+z0CBj:yleOU0xMcdUhS3ltCCmKhwanvwXGzoRG","tlshash":"f754237c9e9a58fc55bfb84815ac7a3006da1b8170c6aff100c9067c6730f2c69f5ab6","first_seen":"2026-06-28T13:10:17.151581Z","last_seen":"2026-06-28T14:05:40.085811Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/main.js","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:07.729Z","timestamp":1782655507729,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET /static/p5jbsta/main.js HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:07 GMT\r\ncontent-type: application/javascript\r\netag: W/\"68eb5d78-3d8\"\r\nlast-modified: Sun, 12 Oct 2025 07:49:12 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 29 Jun 2026 00:37:03 GMT\r\ncache-control: max-age=43200\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eCzwqFYQWAyefrdtFdZF9KBhYT8wG4jckn20x3OuOICkgX8u3iNtUjKdf5xs%2BxKtnhbIzOfP%2FnNelt%2FsyR3s880e0WGuG8LvaxExmC6MMSavYsSWOGNMVZXg6VkAocA%3D\"}]}\r\nage: 5284\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12d3e9b48fe5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":984,"size_decoded":1194,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"701bc00c4a9d4dac0209aceecf780fde","sha1":"4db5f5ca522c9d283f6244a847f3242f509bd6a3","sha256":"8fdfb3ade5627ddc70e58f5ad283f75db4ca522828eacd2333b867f72ccc7c04","sha512":"4c3fbfc62938f7864f9d02095eb60d832b62ddca1068ff2dd9f638bbd25bff6abcba2a81e12bac029fa3a04a626d2e9d2df8f0afa66b1e6aa198a21f6443f1f7","ssdeep":"","tlshash":"5b1178bdb62a1969433b7778aa571748ed3000137202894cbd4c86a11f75c0298a7cfe","first_seen":"2025-07-01T03:03:35.462382Z","last_seen":"2026-06-28T17:55:37.262693Z","times_seen":23,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/logo.png","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:07.734Z","timestamp":1782655507734,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET /static/p5jbsta/logo.png HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:07 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 12 Oct 2025 07:49:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nvary: Accept-Encoding\r\netag: W/\"68eb5d79-616c2\"\r\nexpires: Tue, 28 Jul 2026 12:37:03 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 5284\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fpn8ZxOMmVfdW5h%2Fye5nK59ts3E89cIKqZ%2Bd8EMhvdf1No4lA0mo5FxTCy8BZFdYQdpvfenwMlDb4rcIIxNCeZkltP%2BXF6HYP2nSk09%2FDn4QpFkGGTGrJHACTaN%2BnSM%3D\"}]}\r\ncf-ray: a12d3e9b58ff5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":399042,"size_decoded":399931,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"44cd0a1bd47d989a253f40945b046321","sha1":"35ecf0e8d3a20c4e9779a0f853a8885a694e0879","sha256":"66322dfe702d36c15f228c27fbcb2964e538c3bf8280a7ee819b916fc04940bf","sha512":"f51cbaa331cba6d4f72fac3e2a434dca25db2af96726cf3c535e383bb88438d0d68e40a6798b97fa239b4e050f455b7e88b36a4e92579e86f9892944ccd76877","ssdeep":"12288:6ghneDhqymYOvlCnRvxigfejtNmEQrtDDvbXB3:VShqbYISRtmUrxP5","tlshash":"3e8423008b958c436dfe75d818b46cebf9fea144ab7a23e4012a19cc9ddac1fd573069","first_seen":"2026-06-28T13:10:17.148023Z","last_seen":"2026-06-28T14:05:40.087718Z","times_seen":2,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"node94.aizhantj.com:21233/tjjs/?k=8qw1rl29ju6","fqdn":"node94.aizhantj.com","domain":"aizhantj.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:08.070Z","timestamp":1782655508070,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /tjjs/?k=8qw1rl29ju6 HTTP/1.1\r\nHost: node94.aizhantj.com:21233\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T21:32:16.169073Z","times_seen":16804877,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T14:05:07.013Z","timestamp":1782655507013,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:07 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 21 Nov 2025 14:47:33 GMT\r\ncontent-encoding: zstd\r\npriority: u=0,i\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N80MYJpdV3Zurce2Pd5PDfsBQ9ATTWqhcBccampf4atoFmgGzaflnT%2B2LOhLFbCWc3pK89RqYn9zd%2FrSsK8Q04NLTNlZSp0qCTmynFuGOJc%2FFViMPPzLEMDCpuOODJA%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a12d3e9708d05696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10560,"size_decoded":4250,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (974)","md5":"86671d38953bd0394b343e24d608bba9","sha1":"212db02505a43f1e7eb5f9fd9c810cda6207c5eb","sha256":"853dc7fe344f7ca22dd9a87297e06c43f7109a0aff40960c906293bcae37a8c7","sha512":"78bae1b1b5cc78086c7d3396c6d9f886192b4af6d93fb23c00ce1650e85fe79c36fb6b8ba8f04e171460e2e18de4bf14f580d6b5ade73cb356ebb451394fb377","ssdeep":"192:lihFSV6Iy00YKEOPF4lzYMcmCQ0l0BkfWiDqBgYNOMupI:liHSwIAPqsM0gA5qBpNOMiI","tlshash":"f122753508ea9137422342c06a9aaf5bfdc48117e02fe845b5ed0fa90fcad86dd5bd19","first_seen":"2026-06-28T13:10:17.153762Z","last_seen":"2026-06-28T14:05:40.089506Z","times_seen":2,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":7,"connect":19,"send":0,"wait":357,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/styles.css","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:07.717Z","timestamp":1782655507717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET /static/p5jbsta/styles.css HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 12 Oct 2025 07:49:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68eb5d78-20c3\"\r\nexpires: Mon, 29 Jun 2026 00:37:03 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 5284\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UhRiVHDtgzvp9GP7dbNqElS2dYLQBMvQKDTMaHtNRMO7vi11vdWCQMEhMBMZi%2F9nyJOZuWWD2Z3azc7jh1Bbkeso%2FMATngNCvCw83dnRs61bOnDSGqxtJXmgbYHK7Js%3D\"}]}\r\ncf-ray: a12d3e9b38f85696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8387,"size_decoded":3022,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"90d31f93bdb61c672af28e5a0ce39a26","sha1":"6dc8e71abb0bbf0ed21ffed0c4dace2cc6c66715","sha256":"7824ec4a0420fe77f0218249768c9da86f3dd8683971aede0dca6b36f45423e3","sha512":"8efcf55c0c57092a5aa76eedc3ae9e77c6f840f4729c496ad0457900e566125f69e29204eb4deff7c998c92c6499cb882e32b69e8c036003ed063d39258ed812","ssdeep":"192:0ByZ/8pHKv8fFboPH7cX8fa7sUQNvJR7Md5rvXP5MwlaLoFfcbe:ZY28fFbCH7C8fE5Qtj72xPFlTFT","tlshash":"310233a526b46564b83be068299ecf14b23c8001991ffdb939e9201c1ec53fd5da3f9d","first_seen":"2025-07-01T03:03:35.466477Z","last_seen":"2026-06-28T17:55:37.264011Z","times_seen":22,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/3.jpg","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:07.723Z","timestamp":1782655507723,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET /static/p5jbsta/3.jpg HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:07 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 12 Oct 2025 07:49:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\nvary: Accept-Encoding\r\netag: W/\"68eb5d7b-49ab0\"\r\nexpires: Tue, 28 Jul 2026 12:37:03 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\nage: 5284\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XZeE50lcp4ch6ULv1mf%2B%2Ftek1J2i%2F5X1izPkIbKa5Pcvigoh1z0QRk%2BbTBgLpkOwM6Ml8xUgI017dN9%2BgrKhl1vkmPfr3RP9RJOk8t94HJKLKUkDW5HLS58sWxGITck%3D\"}]}\r\ncf-ray: a12d3e9b48fa5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":301744,"size_decoded":301470,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 1365x1024, components 3","md5":"fc7575fe3ae8408c5f78201f1207bd7b","sha1":"15d9797aac643d02bc97e8bcbf13d4fc4bdee228","sha256":"4f058bd96f94ee780da2d614eddfe24a74e5b7724a0d349dd41d8a686d8b488e","sha512":"6a41870b926f84c877c3c47ca173139910199575f992adef6ecc2bb5ff2b09225b8f9bbcaa055dfcf14d2066d993f0307f94c285c9cd17233fb6d7b896e9857c","ssdeep":"6144:wvuxDK7G+0bbyx9YbT5MTu2ZGMneALeClKKfUmNHghX02jOb:pDsiOx9Yb9MTu5MneALeyLdghX02ab","tlshash":"b45422189e9b0bc79c504fedf1c6297e1079f56d4ebba5c8caca7e3d3350a5429c4882","first_seen":"2026-06-28T13:10:17.146899Z","last_seen":"2026-06-28T14:05:40.092722Z","times_seen":2,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/email-decode.min.js","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:07.727Z","timestamp":1782655507727,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET /static/p5jbsta/email-decode.min.js HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 12 Oct 2025 07:49:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68eb5d78-4d7\"\r\nexpires: Mon, 29 Jun 2026 00:37:03 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nage: 5284\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Px709HtMfBjPDlEUWVKaESkPubXi9qU43olkOjzaJtIFGCt4jTvsikRtOFuJrfVXshhGyhQa%2Fp11AK2RzGugp9ui34qK6PDXnNRzJBOs%2FL3%2BloLE90N675DEpJvRgU%3D\"}]}\r\ncf-ray: a12d3e9b48fd5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":1421,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-28T21:31:59.16834Z","times_seen":380925,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"winx7com.com/static/p5jbsta/favicon.ico","fqdn":"winx7com.com","domain":"winx7com.com","tld":"com"},"ip":{"addr":"104.21.56.127","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://winx7com.com/","date":"2026-06-28T14:05:08.075Z","timestamp":1782655508075,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"winx7com.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Jun 2026 17:40:04 GMT","end":"Thu, 03 Sep 2026 18:35:58 GMT"},"fingerprint":{"sha1":"1E:CE:C6:84:9D:DA:38:01:E0:1A:2E:B9:82:24:71:3F:1B:EB:EB:B1","sha256":"1A:9C:40:FD:30:A4:A0:74:13:71:65:C4:2D:E4:4A:F6:39:E3:F9:9C:14:AE:03:74:8B:A7:E0:B4:BD:BE:4F:9F"}}},"request":{"raw":"GET /static/p5jbsta/favicon.ico HTTP/1.1\r\nHost: winx7com.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://winx7com.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 14:05:08 GMT\r\ncontent-type: image/x-icon\r\netag: W/\"68eb5d79-b71\"\r\nlast-modified: Sun, 12 Oct 2025 07:49:13 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I8zdf51I9RwUAxzjVDN0wTt6YWizFwA1rLj%2Ft9qw691r7KQs%2B15Yjni1eefWoBWq3PXsJZlKOVfLygh%2F7cOa4SUinLaepDceAs14uy8k%2F0c01ngXghe3oi9UmvQoHjc%3D\"}]}\r\nage: 5277\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a12d3e9d79235696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2929,"size_decoded":3621,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"a260035885e53d6bf3f8e5b2124ab66b","sha1":"a6aa39124813a7b42bdc149df47a689995f04c45","sha256":"efcfda82ee965c8a0a128d6125df1bf14a6e42db5e54998b1c8ec64a38ef87a0","sha512":"30ca50f9a5d3312de179807c38602b3e96372df42c8e792438589c63b28b865ec0ecfb1f6c8a630aee68fc1de6166df5087774fecb7768d6736efddb445686b4","ssdeep":"","tlshash":"90516dd617c66179ad040d5ed7c532d31a93c1f7c9c7ad82a845715f84a2b530103d0e","first_seen":"2026-06-28T13:10:17.149581Z","last_seen":"2026-06-28T14:05:40.093998Z","times_seen":2,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"winx7com.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"winx7com.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}