{"report_id":"c837f356-b31b-466d-8a8a-f617abf1cbed","version":0,"status":"done","tags":[],"date":"2026-06-28T10:09:46Z","url":{"schema":"http","addr":"365756zxd.com","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"27.124.41.89","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"365756zxd.com/","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"title":"bet365最快线路检测中心","dom":{"size":6031,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"3d3d9a6cda81e74e6ebc8696da850607","sha1":"09a52dadc2c3e88bd6754e817eecfa46e81a73ba","sha256":"f6a7a1f4e6a35729d155197f953ccf7684f90cadcb96710b3ab1fb3ddcbb7e2b","sha512":"f525d0cdcc5f7f71509fd25e9bfc61b8bfd6c39a0070e586d595973987bbe802f3f6076c475abd9fc97a02e72736b54cf8a4d6fb257bf1bf6863c81c2226ce6e","ssdeep":"96:7UNvPEilDNq0nvWgmIvlV6w1d2dlcYyo884oyYTGRPlf5wzTOCl2:7UNvP3DNtegAw1d27cf7lomdZGzTOCl2","tlshash":"fbc174aa89c5217b32236bcc9b7e771d78f2000ff945c952b6ac1de64f90d66404b68c","dom_hash":"domhash7db2c4eef52cdb9a77f310b6d54f9c9b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"365756zxd.com","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"27.124.41.89","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T10:09:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"365756zxd.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-06-06","domain_rank":0,"first_seen":"2026-03-13T02:50:16.208065Z","last_seen":"2026-06-28T01:57:47.18933Z","alert_count":50,"request_count":10,"received_data":164059,"sent_data":4956,"comment":"","tags":null,"fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"jQuery:1.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"CNZZ","description":"","website":"https://web.umeng.com/","common_platform_enumeration":"","icon":"cnzz.png","categories":["Analytics"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"365756zxd.com/","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"74b2d07a6cfb1fe04668ae950abf4905","sha1":"1670857d2da93a42a90c9f0aee769b264824fca5","sha256":"5d04fd04185e4f143c261399edd4a5afcde2f8322a18e51d8336ca0ce6b3ef11","sha512":"a1ba3945107d7e155f37a7653af1517d5db128a1f80b84283f91c3714c5f1d1478a503d5675536af5ee2d5ffbe4e2a9c58727d4cb9bb7a8a5b1ae5fade4af170","ssdeep":"","tlshash":"d8d02b1b6c692c307354147c116ed98db631294c54355802498dac244874ee4086e788","size":258,"data":"","first_seen":"2026-06-10T13:07:10.451779Z","last_seen":"2026-06-28T11:43:13.949284Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8ac009b3e3398c9603b31aee40cbad9c","sha1":"5c0a78c765cc5d52f406837ecf26d2204d28c009","sha256":"1fc90a22dfc0107e7d4f72d78bfeaab68c5bffe6dfcfc7c7f26c999235b03787","sha512":"1aae2d3eca69c514d7f8aa41095c9e38300b50f049c0017b37071e6a3b7e731a94752b8138c7278cd4d7333523d3e8da51b8cca48a1df87f207abb9bca0d15f5","ssdeep":"","tlshash":"66016d2945c627773e323bdc0fef978972b341135a569d2031682ba86fc143f869d8e4","size":768,"data":"","first_seen":"2026-05-25T23:44:35.507954Z","last_seen":"2026-06-28T17:00:28.424595Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a478427e16747f585758a439be5f9333","sha1":"ec96502c8a567ab63997d71815a6c360343bdddf","sha256":"7b123db3dfe7d8099ba7bb50ca8f00e91ca1fde6e7bf68ad7ee2eed5f629a136","sha512":"acbc47ac55d4888fc47fc99f8211f95172217830646dadf5d5cc902a3c2eb71c59ffb23be10899dfb80e292fa2d0beb082dd5f41b8dbb4cd883462b0ed34eeb5","ssdeep":"","tlshash":"d941bedcc68021ae72233e9d871e271d34f6409fb9d5c4a3aa0d6d938e3091216ab7dc","size":2024,"data":"","first_seen":"2026-06-28T01:57:47.456325Z","last_seen":"2026-06-28T11:43:13.950337Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/js/jquery-1.7.1.min.js","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ddb84c1587287b2df08966081ef063bf","sha1":"9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f","sha256":"88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd","sha512":"0640605a22f437f10521b2d96064e06e4b0a1b96d2e8fb709d6bd593781c72ff8a86d2bfe3090bc4244687e91e94a897c7b132e237d369b2e0dc01083c2ec434","ssdeep":"1536:k5RKUpVgklsdbuLP/l+0fGzA8gmtasgx/c9Rzzi4yff8qeLvHHEjam7rSnmBn9gn:Ee8FbGzA81+xRRi1Z3","tlshash":"0a93e7d9b2d6716387b731bc50af510bb13698aa784c8c50f068d8e4be74a48907bf7d","size":93868,"data":"","first_seen":"2023-03-07T01:03:13Z","last_seen":"2026-06-28T16:23:07.528067Z","times_seen":18948,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"365756zxd.com/favicon.ico","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:42.289Z","timestamp":1782641382289,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T16:32:19.025044Z","times_seen":16797539,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"27.124.41.89","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T10:09:14.520Z","timestamp":1782641354520,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"365756l.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Mon, 13 Oct 2025 07:57:15 GMT","end":"Thu, 12 Nov 2026 07:57:14 GMT"},"fingerprint":{"sha1":"5D:F8:FE:AD:6E:6B:8F:13:30:86:70:18:D7:E7:42:23:D2:1A:B6:52","sha256":"C2:1A:13:E5:50:59:17:29:AD:F5:38:5C:E2:7F:74:EA:5E:7D:75:DE:3E:26:74:0E:0D:6F:66:25:FB:CB:E5:F4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 25 Jun 2026 11:14:38 GMT\r\naccept-ranges: bytes\r\netag: \"0e38fcf934dd1:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/10.0\r\ndate: Sun, 28 Jun 2026 10:09:23 GMT\r\ncontent-length: 2313\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"jQuery:1.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"CNZZ","description":"","website":"https://web.umeng.com/","common_platform_enumeration":"","icon":"cnzz.png","categories":["Analytics"]}],"data":{"size":6081,"size_decoded":2600,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"1c1dcc40234e59109684420227011b84","sha1":"d5572a73fa09fe5d50e2abb204caa4fc8321bd0d","sha256":"61c7c789f944b9d95fd831427e94cd193657905f325ab54956e8aa4d067715c2","sha512":"fedc307ab00bd693cd8293bf30744eb63f732cf8fa503f191f64a09474c7041bff9b6c87ad852d668b7723da5a20959ce5ac5d0b78eeb136c27001c423b285ec","ssdeep":"96:DkNHRp69qilsObfsqNMzjj55vlp6OZ+uDTYzguEPtkPiN2X01:DkNHolsOJC+OAuDTYztEPtkPiN2k1","tlshash":"3dc1716955c1597e72321ad88a3eab2cf8f2000fe641c952f5ac2aa74bf4c15845bacc","first_seen":"2026-06-28T01:57:47.447643Z","last_seen":"2026-06-28T11:43:13.948512Z","times_seen":3,"resource_available":true,"data":null}},"time_used":10130,"timings":{"blocked":-1,"dns":3,"connect":255,"send":0,"wait":524,"receive":0,"ssl":9348},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/img/bodyimg.png?v=1","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"27.124.41.89","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:41.832Z","timestamp":1782641381832,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"365756l.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Mon, 13 Oct 2025 07:57:15 GMT","end":"Thu, 12 Nov 2026 07:57:14 GMT"},"fingerprint":{"sha1":"5D:F8:FE:AD:6E:6B:8F:13:30:86:70:18:D7:E7:42:23:D2:1A:B6:52","sha256":"C2:1A:13:E5:50:59:17:29:AD:F5:38:5C:E2:7F:74:EA:5E:7D:75:DE:3E:26:74:0E:0D:6F:66:25:FB:CB:E5:F4"}}},"request":{"raw":"GET /img/bodyimg.png?v=1 HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/css/style.css?v=888\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Aug 2018 15:19:36 GMT\r\naccept-ranges: bytes\r\netag: \"0f47feab29d41:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Sun, 28 Jun 2026 10:09:41 GMT\r\ncontent-length: 365010\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T16:32:19.025044Z","times_seen":16797539,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/img/yelang.png","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:41.867Z","timestamp":1782641381867,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/yelang.png HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/css/style.css?v=888\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T16:32:19.025044Z","times_seen":16797539,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/css/flash.css","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"27.124.41.89","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:24.899Z","timestamp":1782641364899,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"365756l.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Mon, 13 Oct 2025 07:57:15 GMT","end":"Thu, 12 Nov 2026 07:57:14 GMT"},"fingerprint":{"sha1":"5D:F8:FE:AD:6E:6B:8F:13:30:86:70:18:D7:E7:42:23:D2:1A:B6:52","sha256":"C2:1A:13:E5:50:59:17:29:AD:F5:38:5C:E2:7F:74:EA:5E:7D:75:DE:3E:26:74:0E:0D:6F:66:25:FB:CB:E5:F4"}}},"request":{"raw":"GET /css/flash.css HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 23 May 2018 09:38:10 GMT\r\naccept-ranges: bytes\r\netag: \"0edf9c279f2d31:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/10.0\r\ndate: Sun, 28 Jun 2026 10:09:25 GMT\r\ncontent-length: 3655\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":55121,"size_decoded":3942,"mime_type":"text/css","magic":"ASCII text, with very long lines (55097), with CRLF line terminators","md5":"68d6509f4eb442e761d51c22f9c62004","sha1":"378dbb447732f5fd91e850efbb9f64b1b2def614","sha256":"48ef7fb539ccc7d8186e8017283e3493b1d32497b445b8c7946363be989ff747","sha512":"41d2bfd1887a2ab3f7c925d57fa3075bdd53330414c1d9e0ffc976efc854a84587e44e5383fad07f84c8b6dc68505a35cd0855b615be7e7a0b5799783c7d9570","ssdeep":"768:jkZlIbIM6fZBIaI2IHwO1CA5kiDb3CyQ5xrQe/0STfs2s2:jkZ/IHwO1CA5kiDb3CyQ5xrQe/0ST1","tlshash":"583304af5891228991674f6283dc5e68872dc67714621cde33816c8b8f87f9f33da607","first_seen":"2023-07-17T19:32:02Z","last_seen":"2026-06-28T11:43:13.942549Z","times_seen":746,"resource_available":false,"data":null}},"time_used":1506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/css/style.css?v=888","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"27.124.41.89","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:24.901Z","timestamp":1782641364901,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"365756l.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Mon, 13 Oct 2025 07:57:15 GMT","end":"Thu, 12 Nov 2026 07:57:14 GMT"},"fingerprint":{"sha1":"5D:F8:FE:AD:6E:6B:8F:13:30:86:70:18:D7:E7:42:23:D2:1A:B6:52","sha256":"C2:1A:13:E5:50:59:17:29:AD:F5:38:5C:E2:7F:74:EA:5E:7D:75:DE:3E:26:74:0E:0D:6F:66:25:FB:CB:E5:F4"}}},"request":{"raw":"GET /css/style.css?v=888 HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 12 Dec 2018 06:05:32 GMT\r\naccept-ranges: bytes\r\netag: \"0de78b0e091d41:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/10.0\r\ndate: Sun, 28 Jun 2026 10:09:25 GMT\r\ncontent-length: 1849\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":6017,"size_decoded":2136,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"2dc18dfeca75ef4c42dbcf35c8dba779","sha1":"7cb564682ea0242e94eba5d10e4ed7479603c6e3","sha256":"1cafa656d554956b948c7e59dd0411ac6eb9fa16ee71fc875b76fb71f36eabec","sha512":"e935ad9160426db3f9e7a4c6c4b5cb296f9e8bd417a4ebd1a20ad62fe4fc73b39eafdaacd2f450dd4124f04aee2b3f4ab5a1e4589061f4653b36007be1245db9","ssdeep":"96:cl5X0fJii8wGGKDeD0Cxb8x2xKxWQqpGTccexmjmes3PLuM6usQPfeLPFe1an5Hy:cHX0oGVkGKxWQ+gexqUZNqS","tlshash":"b5c1211066713489f0bb81a1ba979f69771ad0c3624317bae88dfb35d58f1433b72394","first_seen":"2025-04-07T10:43:47.796599Z","last_seen":"2026-06-28T11:43:13.94193Z","times_seen":277,"resource_available":false,"data":null}},"time_used":1505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/js/jquery-1.7.1.min.js","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"27.124.41.89","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:24.903Z","timestamp":1782641364903,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"365756l.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Mon, 13 Oct 2025 07:57:15 GMT","end":"Thu, 12 Nov 2026 07:57:14 GMT"},"fingerprint":{"sha1":"5D:F8:FE:AD:6E:6B:8F:13:30:86:70:18:D7:E7:42:23:D2:1A:B6:52","sha256":"C2:1A:13:E5:50:59:17:29:AD:F5:38:5C:E2:7F:74:EA:5E:7D:75:DE:3E:26:74:0E:0D:6F:66:25:FB:CB:E5:F4"}}},"request":{"raw":"GET /js/jquery-1.7.1.min.js HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Tue, 30 Jan 2018 17:39:52 GMT\r\naccept-ranges: bytes\r\netag: \"0643b55f199d31:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/10.0\r\ndate: Sun, 28 Jun 2026 10:09:25 GMT\r\ncontent-length: 33226\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":93868,"size_decoded":33528,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)","md5":"ddb84c1587287b2df08966081ef063bf","sha1":"9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f","sha256":"88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd","sha512":"0640605a22f437f10521b2d96064e06e4b0a1b96d2e8fb709d6bd593781c72ff8a86d2bfe3090bc4244687e91e94a897c7b132e237d369b2e0dc01083c2ec434","ssdeep":"1536:k5RKUpVgklsdbuLP/l+0fGzA8gmtasgx/c9Rzzi4yff8qeLvHHEjam7rSnmBn9gn:Ee8FbGzA81+xRRi1Z3","tlshash":"0a93e7d9b2d6716387b731bc50af510bb13698aa784c8c50f068d8e4be74a48907bf7d","first_seen":"2023-03-07T01:03:13Z","last_seen":"2026-06-28T16:23:07.528067Z","times_seen":18948,"resource_available":true,"data":null}},"time_used":16888,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14006,"receive":2882,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/img/ewm.png","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"27.124.41.89","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:24.914Z","timestamp":1782641364914,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA1","protocol":"TLSv1.2","cert":{"subject":{"commonName":"365756l.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Mon, 13 Oct 2025 07:57:15 GMT","end":"Thu, 12 Nov 2026 07:57:14 GMT"},"fingerprint":{"sha1":"5D:F8:FE:AD:6E:6B:8F:13:30:86:70:18:D7:E7:42:23:D2:1A:B6:52","sha256":"C2:1A:13:E5:50:59:17:29:AD:F5:38:5C:E2:7F:74:EA:5E:7D:75:DE:3E:26:74:0E:0D:6F:66:25:FB:CB:E5:F4"}}},"request":{"raw":"GET /img/ewm.png HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\nlast-modified: Sat, 17 May 2025 19:22:26 GMT\r\naccept-ranges: bytes\r\netag: \"b312b661c7db1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Sun, 28 Jun 2026 10:09:25 GMT\r\ncontent-length: 1327\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1327,"size_decoded":1567,"mime_type":"image/png","magic":"PNG image data, 260 x 260, 8-bit/color RGB, non-interlaced","md5":"9a2eb204c837b0550c3214ba71846af9","sha1":"24166f4e03bcb2969a352e81be016ff1fea26aa2","sha256":"554ec30b9d027de0a4ae84a28551edf268c3a4f9f57f10dc4c1b0f18fc8fa84d","sha512":"5ecdaf88ef27b4b36d9c3d8880d3bc0236d1690beb2e53eb8ca4bfc8e281cd5190fa43748abfc94e03002554d828fb48852c021998e58d686517aa2282594515","ssdeep":"","tlshash":"3e2194d35fcf2a637a9e7b50ce891f1089594cad2831c536269833647e64d70cb21bce","first_seen":"2025-05-28T12:22:35.690601Z","last_seen":"2026-06-28T11:43:13.94368Z","times_seen":241,"resource_available":false,"data":null}},"time_used":16877,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16877,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/img/rss.png","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:41.865Z","timestamp":1782641381865,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/rss.png HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/css/style.css?v=888\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T16:32:19.025044Z","times_seen":16797539,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"365756zxd.com/img/dxx.png","fqdn":"365756zxd.com","domain":"365756zxd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://365756zxd.com/","date":"2026-06-28T10:09:41.869Z","timestamp":1782641381869,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /img/dxx.png HTTP/1.1\r\nHost: 365756zxd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://365756zxd.com/css/style.css?v=888\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T16:32:19.025044Z","times_seen":16797539,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-28","alert":"Phishing Block","trigger":"365756zxd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"365756zxd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}