{"report_id":"9f829c93-4c05-4df2-8fbb-135634991702","version":0,"status":"done","tags":[],"date":"2026-07-15T00:26:43Z","url":{"schema":"http","addr":"gwcnexpouy.info/en-eu","fqdn":"gwcnexpouy.info","domain":"gwcnexpouy.info","tld":"info"},"ip":{"addr":"47.242.161.22","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"New Private Tab","dom":{"size":4247,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"6e9d79033160646e6ed81df948da679e","sha1":"bb8a92e87155ddda957713980f710304543985fd","sha256":"76d864e914de9707c3011c1ed024f6aecd405072cb2547e0378133ca192c001b","sha512":"12824c1e692547d028f2c217594ee49f513e10dd68f0a634e396e5dd0e044b41fc7bd325c77a949c779e7563dc41adb4e45ca8e49e5e13b7d420184e6de4f5b2","ssdeep":"96:DJFs1Bx13gb61j1l0K7gx10UFZV4jl22D+i8kDNLeOl:H61rp2mULV4jM2D+z0sI","tlshash":"b69141a544f5663b18a386a9e9d17f479f816607ce8d29417baf00e31f87d54846f20c","dom_hash":"domhashe55c5b0a9b0c37e90d2a11b31f2bc448","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gwcnexpouy.info/en-eu","fqdn":"gwcnexpouy.info","domain":"gwcnexpouy.info","tld":"info"},"ip":{"addr":"47.242.161.22","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-19T00:26:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":9}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-15","alert":"Phishing Block","trigger":"gwcnexpouy.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"www.gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-15","alert":"Phishing Block","trigger":"www.gwcnexpouy.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"www.gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"www.gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"www.gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"gwcnexpouy.info","ip":{"addr":"47.242.161.22","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-07-15T00:26:43.250731Z","last_seen":"2026-07-15T00:26:43.250731Z","alert_count":4,"request_count":1,"received_data":428,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.gwcnexpouy.info","ip":{"addr":"170.33.96.18","port":443,"asn":134963,"as":"Alibaba Cloud Singapore Private Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":1,"received_data":2265,"sent_data":493,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gwcnexpouy.info/en-eu","fqdn":"gwcnexpouy.info","domain":"gwcnexpouy.info","tld":"info"},"ip":{"addr":"47.242.161.22","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-15T00:26:06.749Z","timestamp":1784075166749,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gwcnexpouy.info","organization":""},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 09 Feb 2026 00:00:00 GMT","end":"Mon, 08 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"B4:89:1F:1F:F3:1D:C1:9C:EA:7C:13:9D:30:AF:4A:F6:6F:C7:95:16","sha256":"5A:31:E5:4A:5A:A2:46:77:AC:1D:8E:BF:5F:C3:D5:0D:3B:29:F1:13:42:11:DC:0A:84:F2:4D:2D:A7:3B:BC:B6"}}},"request":{"raw":"GET /en-eu HTTP/1.1\r\nHost: gwcnexpouy.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\ndate: Wed, 15 Jul 2026 00:26:40 GMT\r\ncontent-type: text/html\r\ncontent-length: 134\r\nlocation: https://www.gwcnexpouy.info/en-eu\r\nset-cookie: acw_tc=2ff2a11617840752000627293e756a4c130f58dfe288d6681ade6a5b83220f;path=/;HttpOnly;Max-Age=1800\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-15T05:18:37.852892Z","times_seen":17256565,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-15","alert":"Phishing Block","trigger":"gwcnexpouy.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gwcnexpouy.info/en-eu","fqdn":"www.gwcnexpouy.info","domain":"gwcnexpouy.info","tld":"info"},"ip":{"addr":"170.33.96.18","port":443,"asn":134963,"as":"Alibaba Cloud Singapore Private Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-15T00:26:40.229Z","timestamp":1784075200229,"http_version":"HTTP/2","security_state":"","security_info":null,"request":{"raw":"GET /en-eu HTTP/1.1\r\nHost: www.gwcnexpouy.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 15 Jul 2026 00:26:41 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nx-ratelimit-remaining-minute: 119\r\nratelimit-limit: 120\r\nratelimit-remaining: 119\r\nratelimit-reset: 20\r\nx-ratelimit-limit-minute: 120\r\nset-cookie: aliyungf_tc=e776ca640ebf488e787b7b39c521f201986b5a20fc208c2eea339b71201bbecc; Path=/; HttpOnly\ntraceId=2141240752008390001; path=/\ndevId=292bc234-3fb3-46a3-81aa-9fbb99b58228; path=/; max-age=34560000; expires=Thu, 19 Aug 2027 00:26:40 GMT\nok_site_info==0XOzojI5RXa05WZiwiIMFkQPx0Rfh1SPJiOiUGZvNmIsIyTOJiOi42bpdWZyJye; path=/; max-age=34560000; expires=Thu, 19 Aug 2027 00:26:40 GMT\nlocale=en_US; path=/; max-age=31536000; expires=Thu, 15 Jul 2027 00:26:40 GMT\nok-exp-time=1784075200844; path=/; max-age=34560000; expires=Thu, 19 Aug 2027 00:26:40 GMT; httponly\nok_prefer_exp=1; path=/; max-age=10; expires=Wed, 15 Jul 2026 00:26:50 GMT\nok_prefer_currency=7%7C1%7Cfalse%7CEUR%7C2%7C%E2%82%AC%7C0.8754%7C0.8754%7CEUR; path=/; max-age=34560000; expires=Thu, 19 Aug 2027 00:26:40 GMT\nok_prefer_cm=3; path=/; max-age=34560000; expires=Thu, 19 Aug 2027 00:26:40 GMT\nok_prefer_udColor=0; path=/; max-age=34560000; expires=Thu, 19 Aug 2027 00:26:40 GMT\nok_prefer_udTimeZone=0; path=/; max-age=34560000; expires=Thu, 19 Aug 2027 00:26:40 GMT\r\ncontent-security-policy: frame-ancestors 'self';\r\nlink: \u003chttps://static.okx.com\u003e; rel=preconnect; crossorigin, \u003chttps://www.google-analytics.com\u003e; rel=preconnect; crossorigin, \u003chttps://www.googletagmanager.com\u003e; rel=preconnect; crossorigin, \u003chttps://static.okx.com/cdn/assets/files/2411/58251908C91AAF59.mp4\u003e; as=video; rel=preload, \u003chttps://static.okx.com/cdn/assets/imgs/2410/91BC957E03CF63D9.jpeg?x-oss-process=image/format,webp/ignore-error,1\u003e; as=image; rel=preload\r\netag: W/\"15045-jVObTzEFiS1lClyvz8dBSdFc7Ro\"\r\ncache-control: no-cache, max-age=0, must-revalidate\r\nx-okfe-serverless-traceid: 2141240752008390001\r\nx-render-type: ALL_SSR\r\ncross-origin-opener-policy: same-origin-allow-popups\r\nx-download-options: noopen\r\nx-readtime: 43\r\nx-brokerid: 0\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nx-frame-options: SAMEORIGIN, DENY\r\nx-content-type-options: nosniff, nosniff\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-15T05:18:37.852892Z","times_seen":17256565,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"www.gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-15","alert":"Phishing Block","trigger":"www.gwcnexpouy.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"www.gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"www.gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-15","alert":"Sinkholed","trigger":"www.gwcnexpouy.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
