{"report_id":"bdc9ada9-41a2-43ca-8a38-dd9cfdf81208","version":6,"status":"done","tags":[],"date":"2026-04-20T16:13:30Z","url":{"schema":"http","addr":"www.0185021.com/","fqdn":"www.0185021.com","domain":"0185021.com","tld":"com"},"ip":{"addr":"103.60.109.176","port":0,"asn":55720,"as":"Gigabit Hosting Sdn Bhd","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"bg2882.com/","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"title":"宾果游戏","dom":{"size":6072,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (390)","md5":"3e52c71f821385fa59bdcfa97f99a013","sha1":"9ebef6a024ac99fa3df1e71262bbedbfff526eca","sha256":"b87e18c3d286cef4777eb77f9d211954dec9787890ab9b0ea4d8b6bcb8cebee0","sha512":"bcc697ecfaddb45031512e2cdd98e80d5ba84af106e6675395110af60660fa94b01ec77661d0b32f2b96ce4462026e094c4cac9613e7542247b9da7bd2bb1a8d","ssdeep":"48:fzSA0fo73ihDHAZA1qtDfrnjdBv3GBWBFr8lEzcZyEZ7TQ+kBC5jJBVsQID:jihDHAu1qtDfrnjHvAgFr8l0PrCt/ID","tlshash":"c4c1db6444f20126029390956e36bb1abf91e60bda0f4540b6ec9fe89fd3d9bcd6780d","dom_hash":"domhash1ecb802c4b7f6b68fef52619ed2b89d5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.0185021.com/","fqdn":"www.0185021.com","domain":"0185021.com","tld":"com"},"ip":{"addr":"103.60.109.176","port":0,"asn":55720,"as":"Gigabit Hosting Sdn Bhd","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-25T16:13:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bg2882.com","ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-12-27T17:04:42.048114Z","last_seen":"2026-01-27T07:23:34.316271Z","alert_count":18,"request_count":18,"received_data":1936724,"sent_data":7804,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"www.0185021.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":6144,"sent_data":884,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bg2882.com/","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"43720b4c40cd36fb09d709e14be68f0a","sha1":"72bcb1e914d8b95bcc22f36d00c1100bc2756cab","sha256":"24f877d75d0733e65cf5a5ed42e4347c05de362cfad420592a953938957c1bb7","sha512":"67606d39062f5776adf8c2b58a7361ffe11f6f86326dffc564f586f6d72f7202db6ef7ce53710c543bb0ab80627d9dbfd425846b14a58702d716a8fe226de86f","ssdeep":"","tlshash":"fbe04f8e04821158669331b9ae0f3a54647311ab4d0ce5447a8dda50bb66bbf8727ecf","size":369,"data":"","first_seen":"2026-04-20T16:13:42.633064Z","last_seen":"2026-04-20T16:13:42.633064Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"f40fdaa667851cc1dbbe9bc7d115c336","sha1":"376733770e745662db48a47e7366e2632744a205","sha256":"f1af696d19da2ee2bca79acf41c78c10eab644c9984fa99ff14a12eadc801ae3","sha512":"cfdab62e96d7477ef65dfcb71597001a37db1390b9f5d33fa767564ba86ab393c0b11ae0d32559d8b962ddc0faff691bcc82fcc6668c1e3f559aa8ad97cfa078","ssdeep":"","tlshash":"ee11d26d52f6112606e3515a5b3bbe0a3f56d00be80b0241f6accfe10f93c9bd97694d","size":1046,"data":"","first_seen":"2025-03-05T04:38:56.052525Z","last_seen":"2026-04-20T16:13:42.634583Z","times_seen":152,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/js/MobEpp-1.1.1.js","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2913c95d92d337f1167e6d22ba37c7ab","sha1":"caf055a9dcf67419c130c59939d157b4d8198449","sha256":"9ad877d1794544b0ef470489823d2ba7bf08641791c4b9dc878e70203ede91a1","sha512":"ff071e57e2ea4c0641a49656ad9fdf5d475acc0169c8f1f5f546dfd792420ca84489faa9bf985ab0c1afa11e3826a19b3e55c43666fa96b3b774faf0e5df873d","ssdeep":"384:zRdb6NwPOxwVwPsXG4ZyYozO3AHxUfz5x0wDXaYvxl+L27zksBxCCySftABJoZ6h:zv6yPOxjKLbLK2PQ9EdVJOUHPvq","tlshash":"0db27258fb4c14a540b7b0be0a5f19cab43c0073ba488c55bc7ca9b46ff495e222ed79","size":24226,"data":"","first_seen":"2023-05-01T23:17:15Z","last_seen":"2026-04-20T16:13:42.623267Z","times_seen":296,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/js/rem.js","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3aaeee756d0c13a4f9e2d8896efa2b42","sha1":"1168299e698d3f6dd2c41605270a3f0a3d2afd0e","sha256":"6eb3c767c1999a045dbb0d0d5b6784e944ed2fc4372fa16dfe0c43eba664717a","sha512":"9147b30bbd3893043e0513e62d1a21348153bb53f27f3001ff615a7519b5e4e8984883c130986a3205b756c0312eec009fdd3372d0877d61219a1acb87dbed0d","ssdeep":"","tlshash":"0001b16664912538570b000eaa27626d7ab795231327d443b81cad2a5fe1e430a75bac","size":820,"data":"","first_seen":"2023-10-15T03:36:25Z","last_seen":"2026-04-20T16:13:42.614926Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/js/swiper-4.2.0.min.js","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3dfcd6886034aee5bd66d69173451687","sha1":"a6af232a03e32496321d03ac44681470ea84ba3e","sha256":"a5936a69820a7e5ded4f5f698618e45dc2544845d0ed6316bda0645c5cb52787","sha512":"6ec67d9ee28b2aa5c8b628a47d1b9059a2dacec3b7ab244c5a953300aaf980b68fbfbfa376b0582ba0ddefe331c89f9b2ad88d23e0121dea22c8c4aaac47ddfd","ssdeep":"3072:Od9ISQEa03TT0RKcV/YDCbY5jmNCYBh4ogtQPrsCUbNq:YQfVRKceDCbY5jmNCYBh4ogIsCUpq","tlshash":"5cd3b41b63e0363a85c7e157ae5eca44a379150d7342989c3a6c88d99c78c3c07bdef9","size":137566,"data":"","first_seen":"2023-10-15T03:36:25Z","last_seen":"2026-04-20T16:13:42.628217Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/js/jquery-2.2.4.min.js","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"74552761837f6e53f5493baeb6af0f67","sha1":"2719997974b2b3351cd01dae673dd77141b24746","sha256":"f45de0675cc3b80fedbf2fe47f5ee2844defdef08abb5770c3bf191fd6de06da","sha512":"fa196e8734c36ad2a5f541d97c245b642617e2bdb99a4069760505b535c7d0b6ede194d65328d9f6713b0c999a18c30a1ace0fe4c71480112dab75c10896d8c0","ssdeep":"1536:i+ay1IdEsN0iOt8xKefVBi1ljSmv3Pl9dXbdcUBVP2JBPgsFVAmcyTobhLjElfor:JIP6lLmisfoVJJzPY+7rIVOLR+hw","tlshash":"8ea38189b3d5313e8647f0b2ddafcc45f179595962c8889d950cc4a86c708788bbeeec","size":103267,"data":"","first_seen":"2023-10-15T03:36:25Z","last_seen":"2026-04-20T16:13:42.616617Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bg2882.com/js/rem.js","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /js/rem.js HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 820\r\nlast-modified: Thu, 07 Mar 2024 07:41:52 GMT\r\netag: \"65e96fc0-334\"\r\nexpires: Tue, 21 Apr 2026 04:13:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":820,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"3aaeee756d0c13a4f9e2d8896efa2b42","sha1":"1168299e698d3f6dd2c41605270a3f0a3d2afd0e","sha256":"6eb3c767c1999a045dbb0d0d5b6784e944ed2fc4372fa16dfe0c43eba664717a","sha512":"9147b30bbd3893043e0513e62d1a21348153bb53f27f3001ff615a7519b5e4e8984883c130986a3205b756c0312eec009fdd3372d0877d61219a1acb87dbed0d","ssdeep":"","tlshash":"0001b16664912538570b000eaa27626d7ab795231327d443b81cad2a5fe1e430a75bac","first_seen":"2023-10-15T03:36:25Z","last_seen":"2026-04-20T16:13:42.614926Z","times_seen":170,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/js/jquery-2.2.4.min.js","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /js/jquery-2.2.4.min.js HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 07 Mar 2024 07:41:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e96fc0-19363\"\r\nexpires: Tue, 21 Apr 2026 04:13:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":103267,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (38531)","md5":"74552761837f6e53f5493baeb6af0f67","sha1":"2719997974b2b3351cd01dae673dd77141b24746","sha256":"f45de0675cc3b80fedbf2fe47f5ee2844defdef08abb5770c3bf191fd6de06da","sha512":"fa196e8734c36ad2a5f541d97c245b642617e2bdb99a4069760505b535c7d0b6ede194d65328d9f6713b0c999a18c30a1ace0fe4c71480112dab75c10896d8c0","ssdeep":"1536:i+ay1IdEsN0iOt8xKefVBi1ljSmv3Pl9dXbdcUBVP2JBPgsFVAmcyTobhLjElfor:JIP6lLmisfoVJJzPY+7rIVOLR+hw","tlshash":"8ea38189b3d5313e8647f0b2ddafcc45f179595962c8889d950cc4a86c708788bbeeec","first_seen":"2023-10-15T03:36:25Z","last_seen":"2026-04-20T16:13:42.616617Z","times_seen":170,"resource_available":true,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/311259_153x29.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/311259_153x29.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 1013\r\nlast-modified: Tue, 12 Mar 2024 06:55:47 GMT\r\netag: \"65effc73-3f5\"\r\nexpires: Wed, 20 May 2026 16:13:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 153 x 29, 4-bit colormap, non-interlaced","md5":"9f5016fd0b87133fca7a6bfa9df04ac4","sha1":"df58edcdccaf360461bc2838884c126084440f5b","sha256":"21a702dab5574a40f278eeee98b2621e6c32bbfb55ef3053993c02e9ebec755d","sha512":"800a8af808e5b19868109a9aa01a32f776a01aa3b1c343ccd588a5b7ad572f93b519150eacb3532833d9a7f8cac1fa986faa8445af49ec52516b4f1a976fa91b","ssdeep":"","tlshash":"b911988d9b237f61e99b14f54b85d96ee83d01a0836732117c759bcf4933e804882497","first_seen":"2023-05-14T19:51:38Z","last_seen":"2026-04-20T16:13:42.617728Z","times_seen":180,"resource_available":false,"data":null}},"time_used":1099,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1095,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/kf.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/kf.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 9788\r\nlast-modified: Tue, 12 Mar 2024 06:55:48 GMT\r\netag: \"65effc74-263c\"\r\nexpires: Wed, 20 May 2026 16:13:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":9788,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 195, 8-bit colormap, non-interlaced","md5":"547a8d0806c1a0be78f795d4b7da090d","sha1":"22b4e1766dfbd7104ebb248bba50c3b7a8c53f41","sha256":"c18cfbece402035e70752ebafc5459ecf125fc954e1297c831cf3e3377cefb6e","sha512":"02c9589e77dd7027d052fcbd14f61e2258f942b079554366e4c6dc0b4bc81dac82e496c7d488d78ad7dbdf869c35590d7cd66acf7ba0a9b33aa77075e4f10fc2","ssdeep":"192:qeluZjZGHxV2wEZMDyth3Ig0BI2Y7UCox9+D4bSMmQvStnNROI6ORvw4uP7:34ZYDcYyTkBg7vO1ebNIID+tP7","tlshash":"be12bffb539a3440c39cad3323cf24481123ba67a62a7f74399405aab9c8013ad9db1c","first_seen":"2023-05-14T19:51:38Z","last_seen":"2026-04-20T16:13:42.618723Z","times_seen":181,"resource_available":false,"data":null}},"time_used":1374,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1094,"receive":280,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/bg.jpg","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:12.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/bg.jpg HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:12 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19375\r\nlast-modified: Tue, 12 Mar 2024 06:55:48 GMT\r\netag: \"65effc74-4baf\"\r\nexpires: Wed, 20 May 2026 16:13:12 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19375,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x3325, components 3","md5":"3e3e8efb96f3bd30cca329521a547724","sha1":"c16580c84b30de2303b8065c28cdb9e4d4008a8f","sha256":"2cbc2d5380f5ce93a93d5b5980ca2306df46dd8ca82cca69535b6adfe4895b31","sha512":"998d9677596ff94450246b4fbf07f5139464aeb983d232aeb07ef2f77b28b33c27a4d996d6036996283e22b7940f2504df70576990fff4891120b9c40076b877","ssdeep":"96:qbADkuHW+pyIu7JsUv+u5xhoUSaNK3cqiWnvpyXn4L/GTcSq0dFcbl6h4lCRSF+K:7kJfZ76uoacbYXn4zccSq0dYZ8R9v+26","tlshash":"869229d26d581177c09d29fc57e2cb01a552c97747d980efdaacbcb9bcf47888784a20","first_seen":"2023-05-14T19:51:38Z","last_seen":"2026-04-20T16:13:42.619892Z","times_seen":167,"resource_available":false,"data":null}},"time_used":768,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":766,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/btn.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:12.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/btn.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 3506\r\nlast-modified: Tue, 12 Mar 2024 06:55:48 GMT\r\netag: \"65effc74-db2\"\r\nexpires: Wed, 20 May 2026 16:13:12 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":3506,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 64, 8-bit colormap, non-interlaced","md5":"beddfd8de16f613a25bf5fb23ca0a536","sha1":"99c10b4f121e69dbabca28ef0c10d3a0a8771ba6","sha256":"5be1690f917e8008ce8d617327410a4ec5a64c520aa264e67e5a3e3077f6a0e2","sha512":"41e9a9641816ad761bb60b6b48b1aac0bee1abaa19a6e40f5d788b18b1c37de6edba261b9b22747557f7b8d46531f25e53604cdee81a85c56f1bcf06065053a8","ssdeep":"","tlshash":"74716ea48386e7dbcd261f9c1177f0dd54dc4e5c414e860670b0c0bd75d49ea60cc89d","first_seen":"2023-05-14T19:51:38Z","last_seen":"2026-04-20T16:13:42.6207Z","times_seen":180,"resource_available":false,"data":null}},"time_used":764,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T16:13:10.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 26 Mar 2026 03:16:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c4a516-1718\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:2.2.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":5912,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (366)","md5":"d6559afa0799569a726015a92626ce1b","sha1":"b0dce03f4b2847b5102aa8d421f6eb0b66b8e2dd","sha256":"3528af3ba25fa3780b301b189b4863bd45de24126880c1748927570317ecf379","sha512":"d82b6a0c7ddb1c6877f2244566fb9fca144ce8b7689998a554ce938cdb6cf0a7d8ed0847200819dffd4cdf00f4dfba74661eed6684be26526a9fac6a56f4338a","ssdeep":"48:DzSA0fo73iHAZA1qtDfrnjdBv3GBWBFr8lEzcZyEZ7TQ+kBC5jJBVsQID:viHAu1qtDfrnjHvAgFr8l0PrCt/ID","tlshash":"65c1ca6444f10126029390956e36bb1b7f92e60bda0f4540b6ec8fe49fd3e9bcd6780d","first_seen":"2026-04-20T16:13:42.621559Z","last_seen":"2026-04-20T16:13:42.621559Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2312,"timings":{"blocked":1019,"dns":187,"connect":274,"send":0,"wait":274,"receive":0,"ssl":555},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/js/MobEpp-1.1.1.js","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /js/MobEpp-1.1.1.js HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 07 Mar 2024 07:41:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e96fc0-5ed2\"\r\nexpires: Tue, 21 Apr 2026 04:13:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":24274,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2913c95d92d337f1167e6d22ba37c7ab","sha1":"caf055a9dcf67419c130c59939d157b4d8198449","sha256":"9ad877d1794544b0ef470489823d2ba7bf08641791c4b9dc878e70203ede91a1","sha512":"ff071e57e2ea4c0641a49656ad9fdf5d475acc0169c8f1f5f546dfd792420ca84489faa9bf985ab0c1afa11e3826a19b3e55c43666fa96b3b774faf0e5df873d","ssdeep":"384:zRdb6NwPOxwVwPsXG4ZyYozO3AHxUfz5x0wDXaYvxl+L27zksBxCCySftABJoZ6h:zv6yPOxjKLbLK2PQ9EdVJOUHPvq","tlshash":"0db27258fb4c14a540b7b0be0a5f19cab43c0073ba488c55bc7ca9b46ff495e222ed79","first_seen":"2023-05-01T23:17:15Z","last_seen":"2026-04-20T16:13:42.623267Z","times_seen":296,"resource_available":true,"data":null}},"time_used":873,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":873,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/cb2c45_688x186.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/cb2c45_688x186.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 429294\r\nlast-modified: Tue, 10 Mar 2026 13:04:02 GMT\r\netag: \"69b016c2-68cee\"\r\nexpires: Wed, 20 May 2026 16:13:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":429294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 688 x 186, 8-bit/color RGBA, non-interlaced","md5":"0c0cfce946dd494c9af5e8ce8b6d9884","sha1":"414f6a964335137b5c747d4c9fa26aaadb9659b7","sha256":"ad0e02e0c72672b90279536d77ecea8098c7cbd798d744a9a74ccfaf1264eb6d","sha512":"228fd4c4ab8f024b48bbb350e9b29096b20061f38badb825749ced6c7acf9a9e399d72462bf8bcb91a51f8447ea30f40cd6b47000725b5fa459996640baa1015","ssdeep":"3072:L6eF4jvYq/weaQhtufwHHPwP52bExyvWCIJ9qwSZplfqj1I+56nl4ASiXKmyIOX:XFwwqxfPwP5+ZDIJ9qw6G1InnFgIOX","tlshash":"f7944d857c94a881a84db658e5fcd885dbf72ec10c30442e9fe9cc960e52edc8de58db","first_seen":"2026-04-20T16:13:42.624258Z","last_seen":"2026-04-20T16:13:42.624258Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1936,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1095,"receive":841,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/favicon.ico","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:13.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:13 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1794\r\nlast-modified: Thu, 11 Apr 2024 09:22:00 GMT\r\netag: \"6617abb8-702\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1794,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"a3e98d7fea69bce029aa0ad23868888e","sha1":"c2d842f09d2b8280a65e547c1387cf4085f26706","sha256":"06df35ee563e6dd360eaef079e172f35bad0160ba5eb2a685e53b0900ba8c490","sha512":"da6c7710910e0dfa415d371526c3096446712e8d2b9e390d7ca10d52a9686aa6b7ebfb582bf656ccdd86b4e349b4e45dc10d8c3f4f82e417d4993230d08ecc39","ssdeep":"","tlshash":"9831eb17d29105923195678bb85b7434cf9a8324d999496cc50fc213f4e116c81dda6f","first_seen":"2024-09-07T07:39:25Z","last_seen":"2026-04-20T16:13:42.625752Z","times_seen":34,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":678,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/css/style.min.css","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /css/style.min.css HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 07 Mar 2024 07:41:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e96fc3-2496\"\r\nexpires: Tue, 21 Apr 2026 04:13:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9366,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4f900ee5c682b4fad2d10f8fea5fd7ad","sha1":"7575a31cb99448fcc4fc8d3a97e2bde5e5571bc3","sha256":"b335adb1cf314f359782ba926f0adfe6e2f82e54b49c668fc32c70c18b53babc","sha512":"6a7093d0a09970a98a635d94badbae87d6131f5953d02c0de57c85e11649511dd38752b8a0f91021be7e9a3eef2782d61669783c775d79f4eccde0c0bab68918","ssdeep":"96:yv7i3C3VC6U303VI6jo9Q+1ecbv8qITJWvDhKR2BHvkkpL9+0gRCHQqcFLgXWAFX:I4bxjdHQ1FcvGEulyJ9fWMdDmNvv9U","tlshash":"971232646a213858de1fd59c7ddc1bf94e1d8092ef0f4d5ab5273cb8c78b6a00472aca","first_seen":"2025-04-13T05:13:28.538717Z","last_seen":"2026-04-20T16:13:42.626462Z","times_seen":145,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/css/animate.min.css","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /css/animate.min.css HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 07 Mar 2024 07:41:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e96fc3-12a90\"\r\nexpires: Tue, 21 Apr 2026 04:13:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76432,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (460)","md5":"9d99b1c597a52a1a68d063308f1de662","sha1":"90dc56142980365936e75aa7c32faf92930694cc","sha256":"764287c1363d6895c6e4dbabaa80ddba43f68dfe8557e6fe9b6c7767b4db1eec","sha512":"e2d5848a4f378ae0d1d5f149829672cccf82082504ce258a50486ddc6a3cfd2631866e852454c29d38ee58d0c3245e633c457924549db4ab5261831b124a3c6a","ssdeep":"192:xIQHnGg5p1sgqg501K7JuFRH2UNURV2/o6R7M8EA+UQRjMsEu+/6QI3iiFIFibTg:xIWjy","tlshash":"db73e9a928a211445727491587df4f78663ce5a31826ecfab3de588b8f01fac23cd617","first_seen":"2023-04-06T20:03:49Z","last_seen":"2026-04-20T18:24:45.816073Z","times_seen":7048,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/f865e9_452x118.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:12.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/f865e9_452x118.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/css/style.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 8220\r\nlast-modified: Tue, 12 Mar 2024 06:55:48 GMT\r\netag: \"65effc74-201c\"\r\nexpires: Wed, 20 May 2026 16:13:12 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":8220,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 452 x 118, 8-bit colormap, non-interlaced","md5":"279ebe3e6eed4d1afda99a4c4e37d321","sha1":"8ac72240caf678edb6e4a1c838ae2d145af6d576","sha256":"63a22057a68fc2226ff6a3d41d05a0222f3e27f12e3e6f8b1183ed1968bcb4e0","sha512":"f882e1bd7f33cf56409c8347dd60a7eafe999bdbfc7d149fc960d0be85a06b9930df0f5699141f39d3f8bb00b8893c4c7e6dfcb4915aed830705ddd0be1dfeed","ssdeep":"192:8W8gAm2DqUPMYGjiAlOaXd+artYGi3sDsSzEjyJ:8W8Tm2DTPMYal1+ayL3kdAjyJ","tlshash":"3b02b0035c45dc45d999dfb1ac9a73412e3840ca368de21d23eb1fe76c647ba93a4338","first_seen":"2023-05-14T19:51:38Z","last_seen":"2026-04-20T16:13:42.627659Z","times_seen":168,"resource_available":false,"data":null}},"time_used":765,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":763,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/js/swiper-4.2.0.min.js","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /js/swiper-4.2.0.min.js HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 07 Mar 2024 07:41:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65e96fc1-2195e\"\r\nexpires: Tue, 21 Apr 2026 04:13:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":137566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65273)","md5":"3dfcd6886034aee5bd66d69173451687","sha1":"a6af232a03e32496321d03ac44681470ea84ba3e","sha256":"a5936a69820a7e5ded4f5f698618e45dc2544845d0ed6316bda0645c5cb52787","sha512":"6ec67d9ee28b2aa5c8b628a47d1b9059a2dacec3b7ab244c5a953300aaf980b68fbfbfa376b0582ba0ddefe331c89f9b2ad88d23e0121dea22c8c4aaac47ddfd","ssdeep":"3072:Od9ISQEa03TT0RKcV/YDCbY5jmNCYBh4ogtQPrsCUbNq:YQfVRKceDCbY5jmNCYBh4ogIsCUpq","tlshash":"5cd3b41b63e0363a85c7e157ae5eca44a379150d7342989c3a6c88d99c78c3c07bdef9","first_seen":"2023-10-15T03:36:25Z","last_seen":"2026-04-20T16:13:42.628217Z","times_seen":170,"resource_available":true,"data":null}},"time_used":823,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":823,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/0a6857_750x58.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/0a6857_750x58.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 2636\r\nlast-modified: Tue, 12 Mar 2024 06:55:47 GMT\r\netag: \"65effc73-a4c\"\r\nexpires: Wed, 20 May 2026 16:13:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2636,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 58, 4-bit colormap, non-interlaced","md5":"110aa7eff99ceccb820d360a3abba9f8","sha1":"ac209c1cca2772c48683e720273eb1c5c3a3275a","sha256":"0ccc1afaf14229d2bebb863c0c53cfc94abdd47e1ce02d27a8b27a0a3bc0d4d4","sha512":"62dbba15a7f73fe273c512208375e09190b203c9e77f2c0755c5352ea3e4232ab08ef7a595fea2819aec0b85ec560c0263b0b30c844f7e4923d67983d843fc6d","ssdeep":"","tlshash":"f3513b43af28b43cb6f0a075437d4cfb73dd80caa3941f15b3a656072205703aa8d697","first_seen":"2023-05-14T19:51:38Z","last_seen":"2026-04-20T16:13:42.628759Z","times_seen":179,"resource_available":false,"data":null}},"time_used":1100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1096,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/8b53ff_382x21.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/8b53ff_382x21.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 1651\r\nlast-modified: Tue, 12 Mar 2024 06:55:47 GMT\r\netag: \"65effc73-673\"\r\nexpires: Wed, 20 May 2026 16:13:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1651,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 382 x 21, 4-bit colormap, non-interlaced","md5":"886ab2d4e8f4ec92942e533521b2af99","sha1":"f4bee43480ac312ac5281233a4b1f9675897475b","sha256":"bd660475e8f554dfdf606e876305afd180f551b192b6fa7dd75b2470adb4c84c","sha512":"d9b1f474ee4d800b748bf2b10c064ee6337d1a87664ebf32ea222c8f80d4d9739cec9b8d75f621c89a71c70c28fc5e65170bf5afd267c2ee57961c008e93ccb1","ssdeep":"","tlshash":"5431ea1efb0fdc00ea1c315ed376779195b3940b62b6771e94bcc67b06a400da053978","first_seen":"2023-05-14T19:51:38Z","last_seen":"2026-04-20T16:13:42.629328Z","times_seen":180,"resource_available":false,"data":null}},"time_used":1099,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1095,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/22c2a0_700x434.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/22c2a0_700x434.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 820737\r\nlast-modified: Thu, 11 Apr 2024 09:18:37 GMT\r\netag: \"6617aaed-c8601\"\r\nexpires: Wed, 20 May 2026 16:13:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":820737,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 465, 8-bit/color RGBA, non-interlaced","md5":"ce379fe90ce098a3f80d684b50c5bae3","sha1":"1f2f5a54de6984cfbbe70a26197c9f523744e415","sha256":"5c845cf14dd83823022763c26c6f5221fccfbebf972415de9464d4a63fe72196","sha512":"8f80b5e7140b4037ab340161221e71bbf50f7277cc1da96697ec09ed12bb4fd2d82159e0ca02bb2a05f37e75836aded7a00c7aae85cf16af6cc317b2888acca0","ssdeep":"12288:j8yJ98FVLFA2oh+UDdh2JT7k1mRW0PCjAFHKLqbcz:jjJ98XZPqhM7Dg0PL4ebC","tlshash":"dc058d857c94a841a84db65ce4fc9885dbf72ec10c30442e9fe9dc9a0e52edc8de58db","first_seen":"2024-09-19T22:02:10.754574Z","last_seen":"2026-04-20T16:13:42.629913Z","times_seen":30,"resource_available":false,"data":null}},"time_used":2812,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1094,"receive":1718,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bg2882.com/img/869918_722x444.png","fqdn":"bg2882.com","domain":"bg2882.com","tld":"com"},"ip":{"addr":"45.64.55.97","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bg2882.com/","date":"2026-04-20T16:13:11.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bgyx88.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:43:49 GMT","end":"Thu, 11 Jun 2026 10:43:48 GMT"},"fingerprint":{"sha1":"80:06:AE:1F:1D:F8:BD:36:C6:B7:20:E1:93:ED:BD:5F:4A:54:2F:06","sha256":"44:9A:22:3C:41:A4:31:71:97:CB:20:5B:CE:92:7D:3E:EB:A7:D7:E5:3E:A4:79:2C:67:11:70:A3:F5:5F:17:8B"}}},"request":{"raw":"GET /img/869918_722x444.png HTTP/1.1\r\nHost: bg2882.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bg2882.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: tengine\r\ndate: Mon, 20 Apr 2026 16:13:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 274911\r\nlast-modified: Tue, 12 Mar 2024 08:34:26 GMT\r\netag: \"65f01392-431df\"\r\nexpires: Wed, 20 May 2026 16:13:11 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":274911,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 439, 8-bit/color RGBA, non-interlaced","md5":"a73732da4ac011df90ea5726b5d402a6","sha1":"43746f38583310e1b7ca9bb28dda9de9fdfd28d5","sha256":"f777e781d960732a690f5c9903479ff7b46be0ff7a11f2738846927309925237","sha512":"93e9291406d134e53cd2d9a5e3d05c6ffe0bb0d15634914518f37f775216a543023d7a64c465e6fa32c992cbedfab9aa73429fb1b47974aa37970da8c5e05661","ssdeep":"6144:0CunpZIYYOyUWb9SRq2Ap8JXP/XJoTMWtYrJVfmZ:onDuvbmhRJX3XoAZ4","tlshash":"aa442312ed125411b57c344349ec889acbf71ecd4c9b958eef929f0a0e4699e2cdc899","first_seen":"2024-09-07T18:55:42Z","last_seen":"2026-04-20T16:13:42.631577Z","times_seen":156,"resource_available":false,"data":null}},"time_used":2508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1094,"receive":1414,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"bg2882.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.0185021.com/","fqdn":"www.0185021.com","domain":"0185021.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T16:13:08.064Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.0185021.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T19:59:58.654817Z","times_seen":13987856,"resource_available":true,"data":null}},"time_used":1152,"timings":{"blocked":1152,"dns":0,"connect":222,"send":0,"wait":0,"receive":0,"ssl":227},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.0185021.com/","fqdn":"www.0185021.com","domain":"0185021.com","tld":"com"},"ip":{"addr":"103.60.109.176","port":80,"asn":55720,"as":"Gigabit Hosting Sdn Bhd","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T16:13:09.674Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.0185021.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Mon, 20 Apr 2026 16:15:39 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: keep-alive\r\nLocation: https://bg2882.com/\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5912,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T19:59:58.654817Z","times_seen":13987856,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":224,"dns":1,"connect":224,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}