{"report_id":"9c79305b-5de1-41ef-9e99-75e0c8f529b6","version":6,"status":"done","tags":[],"date":"2025-10-19T21:02:28Z","url":{"schema":"http","addr":"dingtezuni.com/embed/orwo6jn004tr","fqdn":"dingtezuni.com","domain":"dingtezuni.com","tld":"com"},"ip":{"addr":"172.67.128.200","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"dingtezuni.com/embed/orwo6jn004tr","fqdn":"dingtezuni.com","domain":"dingtezuni.com","tld":"com"},"title":"dingtezuni.com/embed/orwo6jn004tr"},"submit":{"url":{"schema":"http","addr":"dingtezuni.com/embed/orwo6jn004tr","fqdn":"dingtezuni.com","domain":"dingtezuni.com","tld":"com"},"ip":{"addr":"172.67.128.200","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-23T21:02:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"dingtezuni.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"dingtezuni.com","ip":{"addr":"172.67.128.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-24","domain_rank":0,"first_seen":"2025-09-27T03:28:28.363361Z","last_seen":"2025-10-15T16:57:10.787374Z","alert_count":3,"request_count":3,"received_data":23832,"sent_data":1451,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"dingtezuni.com/embed/orwo6jn004tr","fqdn":"dingtezuni.com","domain":"dingtezuni.com","tld":"com"},"ip":{"addr":"172.67.128.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-19T21:02:06.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dingtezuni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:29:26 GMT","end":"Tue, 23 Dec 2025 03:26:56 GMT"},"fingerprint":{"sha1":"C3:6B:FF:70:71:B7:53:9C:39:70:89:73:7C:AC:27:34:A9:E3:B1:C7","sha256":"17:BA:35:14:7A:3F:85:C0:9D:C9:C6:79:EA:E7:21:BD:80:33:99:62:01:D4:25:5C:8D:7F:C1:0E:B6:C7:30:83"}}},"request":{"raw":"GET /embed/orwo6jn004tr HTTP/1.1\r\nHost: dingtezuni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Oct 2025 21:02:06 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 18 Oct 2025 21:02:06 GMT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TPGHQ2HXGSnYYQJ%2B4p1gjqSDtdjATP7bRDnnc%2FtXM%2FXxEilgLaGexOCLvPEe%2FThIsD8sNymVOlLyiLck6eAo31%2FKOoVW14oX%2B3X7%2Bw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: lang=1; HttpOnly; Path=/; Domain=dingtezuni.com\r\ncf-ray: 991336eb8c44569a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":419,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"28e2cb412461a91bcd1d962ad2b495af","sha1":"f066c4a86743073e4aaef79f5bb122aeec21a54b","sha256":"64fcaa7ba46efe54716fd385a200eff77ce5e16ca7be031c7debd65e7f7e5da6","sha512":"463750d9c3c9b8023f4eefea1d6c25a0b1ce2c10845cfcca646229f76ab942c5391e5cf97d241cb0a9e477aa563a520e32bcf62aea70242b4c4f86a221f1d39e","ssdeep":"","tlshash":"3fe023320193a03cc417a3f2d58303c6b230c3a8b75701002a3d2ab732c94d544352c4","first_seen":"2024-05-02T22:42:42Z","last_seen":"2026-02-20T02:15:12.609243Z","times_seen":23,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":23,"dns":1,"connect":1,"send":0,"wait":91,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"dingtezuni.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dingtezuni.com/images/player_blank.jpg","fqdn":"dingtezuni.com","domain":"dingtezuni.com","tld":"com"},"ip":{"addr":"172.67.128.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dingtezuni.com/embed/orwo6jn004tr","date":"2025-10-19T21:02:07.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dingtezuni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:29:26 GMT","end":"Tue, 23 Dec 2025 03:26:56 GMT"},"fingerprint":{"sha1":"C3:6B:FF:70:71:B7:53:9C:39:70:89:73:7C:AC:27:34:A9:E3:B1:C7","sha256":"17:BA:35:14:7A:3F:85:C0:9D:C9:C6:79:EA:E7:21:BD:80:33:99:62:01:D4:25:5C:8D:7F:C1:0E:B6:C7:30:83"}}},"request":{"raw":"GET /images/player_blank.jpg HTTP/1.1\r\nHost: dingtezuni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dingtezuni.com/embed/orwo6jn004tr\r\nCookie: lang=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 21:02:07 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5975\r\nlast-modified: Tue, 30 Jan 2024 23:42:11 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WmCkXf5Agdt1OekeFQ%2FZDhmEX0wcRvHDu0QvV9Win0tBOPBMn6RS%2BwHSGXSl7w%2BlWIK3OPihpsWywlOMCmo%2FFhnzzmkjftIO3E4mf3Cw\"}]}\r\netag: \"65b98953-1757\"\r\nexpires: Wed, 22 Oct 2025 20:21:57 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nage: 348009\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 991336ee28b2b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5975,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 701 x 326, 8-bit/color RGB, non-interlaced","md5":"0ebaac91ffab91fcbd5bde55a8261faf","sha1":"0080b2f8dc8bf7839283fd8a3687f6082d24c793","sha256":"612d451e190151228735e9560874db1a4086d22d176c2ec97e764614827e41b8","sha512":"bf7f3ac255ef1e9fa2a8baabadcf113061eb2f377ce1f9caf5ac5c594c7f56caf6ab4fbd2444fa86a58ded524362f398aaafcf33de0fd7354c2dbbb7d5fc8896","ssdeep":"96:V6Aee8A63njWfKvw0rUkXMhizZxgt9rwygyAtgO5hctXlRgoL:qeLUKfN04jMZeXrjyc5lRP","tlshash":"13c16bf39275d006dd94aaf3592e4be14c230bd41aba18c9969727cc03e6d245371e2b","first_seen":"2024-08-19T21:10:57.741198Z","last_seen":"2026-02-20T02:15:12.596179Z","times_seen":19,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"dingtezuni.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dingtezuni.com/favicon.ico","fqdn":"dingtezuni.com","domain":"dingtezuni.com","tld":"com"},"ip":{"addr":"172.67.128.200","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dingtezuni.com/embed/orwo6jn004tr","date":"2025-10-19T21:02:07.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dingtezuni.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:29:26 GMT","end":"Tue, 23 Dec 2025 03:26:56 GMT"},"fingerprint":{"sha1":"C3:6B:FF:70:71:B7:53:9C:39:70:89:73:7C:AC:27:34:A9:E3:B1:C7","sha256":"17:BA:35:14:7A:3F:85:C0:9D:C9:C6:79:EA:E7:21:BD:80:33:99:62:01:D4:25:5C:8D:7F:C1:0E:B6:C7:30:83"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dingtezuni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dingtezuni.com/embed/orwo6jn004tr\r\nCookie: lang=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 19 Oct 2025 21:02:07 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Fri, 13 Dec 2024 09:23:18 GMT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sun, 26 Oct 2025 21:02:07 GMT\r\ncache-control: max-age=604800\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block\r\netag: W/\"675bfd06-3aee\"\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WsuLuDQlILXopfTLJG%2BfAgZBahfxSgRum%2B%2BnskztkWmtmd55RqNmqXE2Eo4CE%2B%2FtjOGRZory85WZxPVd1z9hPDUExHfBf6cuFvCqP2YY\"}]}\r\ncf-ray: 991336ee38b4b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"cd3c94c2d199e859a3610cd040ff594e","sha1":"7ebedd759c2aacbbecc45c944593182a94ad90a9","sha256":"c48e855c11481fdc9e9f5d965e443b460da5b5f1bfc5b22581e687eebb19dc3f","sha512":"b3ae3ca3e8507d6ad0767d35f62857e94231fbf8b8b0f16132fff259ae79808f9eababc4ee219acf718f7f8afd6181686f626b49497d5d1ab48be92d6fc3e150","ssdeep":"96:jHuHSRJps367eXAbnMsEuylJ+/1uCkV4kB/8NdbsU0w:jOyRJps38eQbnHye/1I4Pj4Q","tlshash":"5f62df08b3535500d07032ff5c120bd1e7adfe5975a73303a2b8ad9c7a6927a6bce924","first_seen":"2025-08-10T07:46:32.926699Z","last_seen":"2026-03-25T11:40:47.051333Z","times_seen":14,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-19","alert":"Sinkholed","trigger":"dingtezuni.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}