{"report_id":"cd89a4c0-aa88-4c51-9a9a-ee65be5f55ae","version":6,"status":"done","tags":[],"date":"2026-04-14T20:09:13Z","url":{"schema":"http","addr":"cszb-dy.com/","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":0,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"cszb-dy.com/","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"title":"彩神争霸精准计划","dom":{"size":8209,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"9b8aec82c58f44db0e2da822dacba093","sha1":"eefdfd7d9d562be497b46a3340f84e863714e2bf","sha256":"20d91d56e189bcd65f395b82c8aa84f1cd48af613ccd6debf532c54acec37767","sha512":"9759bda4b09593e9305259d6c50675bdc446cd86d481bb119d0acf8e61e823d2913f9d3c93f2c4132110d061428251044770766c298f6d2cfca57e06c3c26a7c","ssdeep":"192:SrnMZjBPCpnDZ0CPBfE/k1mp6rPlyJzmRF4sArtg:1jmX7Artg","tlshash":"5f02871661d3115b2922d1a66fb3171b6664d407c30bc9a97fcc15cdef89ac9c8a738c","dom_hash":"domhash27012197961c49af023d3292681d65a6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cszb-dy.com/","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":0,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-19T20:09:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"cszb-dy.com","ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":81,"request_count":27,"received_data":2017448,"sent_data":12163,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-04-13T04:36:40.415277Z","alert_count":0,"request_count":2,"received_data":30879,"sent_data":1136,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"27.124.6.58","ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":9,"received_data":294829,"sent_data":4112,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-04-13T05:16:52.426887Z","alert_count":0,"request_count":1,"received_data":355,"sent_data":463,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c07eb39b85a98c006261a3a263eb36c6","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"37b85cb611f0fa3e7fa546ebe4742c1f","sha1":"1d94ec89f6d7a59769318341828aa09407008ffd","sha256":"602c630b3a71a2a5678bc8972a7b0c679c1f3d97c4ed9207c9f32c4924a3f9d1","sha512":"d21df3f98332e87f91eb53e277ed66235eb9ff780c65f4923986a25dbc6283a87fe942dca9d1d210b7ee9b5660d30c58f643a1a868116340e43755034cddb448","ssdeep":"384:NGJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:NG4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"1fd2d9a9b282713293a324a5153f324ef17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29897,"data":"","first_seen":"2026-04-14T20:09:19.667035Z","last_seen":"2026-04-14T20:09:19.667035Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"8e761437359e33bb08f1bef9956b516d","sha1":"3460be043752d7f559ee99792058440a085862f0","sha256":"920d5a4c2daec6c1ace2600b9a738e3c4786969bc74fcaa47188c840939dd883","sha512":"079d30db1fc825788d563773b4073bf4b00e11f98d0ed2e9acfcd83b90954eef3ab27a3e33bc6153289a0b46f2655b832abba1fdeb21a36fdb59bd9f48593b0f","ssdeep":"","tlshash":"1de07dde53c584cc39d33e98595a345841e81f342e498d148848881616e983729e26ff","size":335,"data":"","first_seen":"2026-04-14T20:09:19.707543Z","last_seen":"2026-04-14T20:09:19.707543Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/e/dongpo/tz/tz.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a61a87e1907a03765b98267eb76d09b3","sha1":"f54ccb50be03a7572185cbc0a37bde973f39f1dc","sha256":"466db1ee07353ce9cc0615edd2c7bfd4e247dc899a40dec598ea94e2e973f7d4","sha512":"a6cafcd331697fed5f303a62a6e835e528bfc0926a7172ca06c5ac285c99c639759148537b4965e4bbd3388881fb72eccfe7a02f8b6a62a0eb299e1d83ac0536","ssdeep":"","tlshash":"e321af7fae231154d11691692bba776c3e3a001b6301c8307afcbe685f43f429447bd4","size":1155,"data":"","first_seen":"2026-04-13T17:18:50.176808Z","last_seen":"2026-04-14T20:09:19.672855Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/bootstrap/js/home.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","size":5802,"data":"","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-04-14T20:09:19.665497Z","times_seen":122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/e/dongpo/tz/tj.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bf60b5cf9c764caf9e85228dc7bfc33","sha1":"22b0d1971d7ec1ec3bb55ff4771752db18eab9ef","sha256":"1a32c475f692c3c84f550cc194a92fff3df6368293bbec3b8e67a42bc2d92306","sha512":"681c26eab518649736ea2c6302120b5a61e0b0749375c8933c7c890b6195de0c6e09a4184c9af8c5fd0f5e5eeda63ba803574bee4c44737899ccd18ce14c97c9","ssdeep":"","tlshash":"8601f11f7c25e13463921c2d23bbdadcf5ad2016101dc80654dec4ad6c34ff9042ab4c","size":808,"data":"","first_seen":"2026-03-03T01:17:34.078046Z","last_seen":"2026-04-14T20:09:19.673447Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c83ebee2aa19e3fdbfe07dcfcc239405","sha1":"e0db08a93c863968c4b1e146aa04544b246a2153","sha256":"3a6e51bd3dae91dca04533ce5aac3a50495bfed1e7cf2355d46949e0e030ca0c","sha512":"489c1b6cb2283af2e422f4505beaf9a867fce6bfba145878f76ebca3e30799ce38dd2d9de53992c066f204e229fb286aa09527b2c52452418f5ae12a89d200ba","ssdeep":"","tlshash":"48f0dcae9c51e178abc338ac9bafd688c16e1026110ecc03a9d9c5ce3c38fc8042134c","size":491,"data":"","first_seen":"2025-01-04T07:18:42.072419Z","last_seen":"2026-04-14T20:09:19.708292Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","size":80821,"data":"","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-04-14T22:24:47.003858Z","times_seen":1175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-14T23:56:55.701466Z","times_seen":84733,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-14T23:56:55.679945Z","times_seen":105252,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-14T23:56:55.679945Z","times_seen":105252,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","size":140562,"data":"","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-04-14T23:21:49.64058Z","times_seen":3123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/js/link.js","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b7f10dc860507e19810662a1384c208","sha1":"102fbcdc98f0e9bee57623af78d23a95e4a8626a","sha256":"af5dc7e9b8774447751f6cc8dd9b2eea022fe936c733f22e59b05d09b29efb4e","sha512":"fab9eee0505d951a560115fccb4aaf2917829c9758875e55eb750d7e381c423f0b514063f12c3cdd95ec43faab4061ac8048f99f978b58b95468b178feaefe1e","ssdeep":"","tlshash":"c831ce5de6d128220d274867695b3d00b153400bbd0aec42f29d4ac4efb172e4b7a8f4","size":1743,"data":"","first_seen":"2026-04-14T18:08:38.367231Z","last_seen":"2026-04-14T20:09:19.68433Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"5ea4ed957a0b261151dac522867c1abd","sha1":"2ad940f70f57d4e7d4c624da27691f27fd970ad2","sha256":"229702bd443552b438f8113c95879a863fa4b777ff5be6fb0e61b765cb7d2de3","sha512":"5dc10c656eac40df0c6bdbf66f1f1631178dcc4f5d084f015efe85a07467ef2b68fc0fcd66bc5f4a39af17ea42b03d243e0eaeef5d7f9a0b13efc07dae010b98","ssdeep":"","tlshash":"a3f097ae9c51e568aad328a89bafd68cc16e1026110ec803a9d9c5ce3c38fd8082574c","size":508,"data":"","first_seen":"2024-10-26T06:33:34.507797Z","last_seen":"2026-04-14T20:09:19.711941Z","times_seen":197,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"cszb-dy.com/skin/bootstrap/js/home.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/bootstrap/js/home.js HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 14 Jul 2025 03:49:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68747e66-16aa\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-04-14T20:09:19.665497Z","times_seen":122,"resource_available":true,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/bootstrap/css/module.css","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/bootstrap/css/module.css HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 24 Jul 2025 12:07:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"688221f2-28112\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":164114,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65518)","md5":"67e45932bedd92dd7bc2a7de1653677e","sha1":"b15f3b2e370d9a7c2c40ea991c8f4a839617702d","sha256":"6e25cdc64273a412026df8a7b3510d9ba7dd6cd75653dd3eb884371b4ace73e8","sha512":"d6130c594f82eefca5109421095dc8c0603b44c4c714bdb8956e64278c9c1625263a531a1ad401fa344f180c2f1cbe95af8246c9e33dc6a28316ab243f448591","ssdeep":"1536:qiVj2AhHm0CfrtrPr7AhhTQbdS6U8H2GXVxICl1gGqotJFFp4L/Xzbv9ALVTFCew:sAhhTQg6U8p45s5Q","tlshash":"c6f397309984202cf11bc5eae5d0abef32649801f663077ef66370a6d6c21ef577674a","first_seen":"2025-10-09T23:37:04.753197Z","last_seen":"2026-04-14T20:09:19.666203Z","times_seen":120,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c07eb39b85a98c006261a3a263eb36c6","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:52.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?c07eb39b85a98c006261a3a263eb36c6 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11291\r\nContent-Type: application/javascript\r\nDate: Tue, 14 Apr 2026 20:08:53 GMT\r\nEtag: 50441a05283f3cb12bfb68cf6c6f678a\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=B2F512BB890A6F64; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29897,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (621)","md5":"37b85cb611f0fa3e7fa546ebe4742c1f","sha1":"1d94ec89f6d7a59769318341828aa09407008ffd","sha256":"602c630b3a71a2a5678bc8972a7b0c679c1f3d97c4ed9207c9f32c4924a3f9d1","sha512":"d21df3f98332e87f91eb53e277ed66235eb9ff780c65f4923986a25dbc6283a87fe942dca9d1d210b7ee9b5660d30c58f643a1a868116340e43755034cddb448","ssdeep":"384:NGJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:NG4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"1fd2d9a9b282713293a324a5153f324ef17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-04-14T20:09:19.667035Z","last_seen":"2026-04-14T20:09:19.667035Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1897,"timings":{"blocked":787,"dns":1,"connect":259,"send":0,"wait":321,"receive":1,"ssl":526},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:52.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:52 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 13 Apr 2026 06:11:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dc891a-2022\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8226,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"37e7d1f52c08e5cba53549061a088fc5","sha1":"28c3261f8d0f8046ea8bfbcc0ad0e27c80b4dd5f","sha256":"16fe2998b51bd69b9259cb4d1045e4053b99d36368c45efc805240deebc66f0b","sha512":"e64d59f26fc94e14d5b925894cfcdeace55b2bdc48a749ef9b1a7043df551479d55529bf533bc94d68d5f5f071d501c5cfef7fa3eb13fdde26bdcfeb5f3cc85e","ssdeep":"192:irnMZjBPCpnDZ0CPBfE/k1mp6rPlyJzmRF4sArt+:ljmX7Art+","tlshash":"d602761661d3115b292291a66fb3171b6664d407c20bc9a97fcc15cdef89ac9c8a738c","first_seen":"2026-03-01T01:18:02.551716Z","last_seen":"2026-04-14T20:09:19.668593Z","times_seen":97,"resource_available":true,"data":null}},"time_used":1287,"timings":{"blocked":516,"dns":0,"connect":254,"send":0,"wait":255,"receive":0,"ssl":260},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/bootstrap/css/bootstrap.min.css","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Jul 2025 14:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6863ede4-38a52\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232018,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"50c95aae1a6c1e089c11681d1e1906f8","sha1":"a65e4fd8db9bd0440de2d6d73c9e7cd00fce4a8d","sha256":"cd1826581e4f2b80af4f1e05897b316c7698441063cffaefbbdeec382ee4cd72","sha512":"7f0edff9370c8d36fb6e96cb25994ff20d98e17702c85656f2ecbc1ec459b07fd2c1b330d2994a1c51ebf7d0cdde5d3856c60dc2fce27145ffeaababbc8c5bc7","ssdeep":"1536:v9xnXGi9GfJkfvq5wlP7cQZDR9uvV982sYRElV6V6pz600I41r:HnXp9GfrV98II6V6pz600I41r","tlshash":"d03482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2025-06-19T07:12:41.126365Z","last_seen":"2026-04-14T22:05:27.959628Z","times_seen":1132,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/fontawesome/css/all.min.css","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/fontawesome/css/all.min.css HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Jul 2025 14:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6863ede4-1907e\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102526,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"c43cd173eeeba2f72aa6b431d06b8c07","sha1":"427a692f7f39eabb3d5b8510aee2743025daf813","sha256":"c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a","sha512":"02f6f6422b83104bc1e1b64961d7edda63635528417ed2dd3c6f0527457b8ab4cb43c528d2a70fc61e0f96aec6e6d1a6d2b53ed523e1568b6d78ba41111c1393","ssdeep":"1536:vwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgmLCq:P709gMGFiyPG9ZimLCq","tlshash":"4fa3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2024-01-04T18:36:36Z","last_seen":"2026-04-14T23:32:31.23048Z","times_seen":7572,"resource_available":false,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/logo/cszbdycom/logo.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/logo/cszbdycom/logo.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4494\r\nlast-modified: Sun, 01 Feb 2026 09:20:02 GMT\r\netag: \"697f1ac2-118e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4494,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x140, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c603be07ef1fce291e3f285fecbf6c26","sha1":"cbfe3411befb738fbcd62d00843235db722ae8ec","sha256":"33e3d09ee6f76a5d61b17f24b2d9a94da82b032e8986238abece6361f0702c6b","sha512":"5fa9a736892dde9957d904937d7cb4038a9a7fd3425634a88841030d83eeb527d82f2002920103590c1b9c9c80e94f5c8c59f88707c27815fd350e3654c47b88","ssdeep":"96:941MvlpbiSQm0lWH9yqSj0j+OozapMSR6DtS6CYtHNIL3:+1ut2lmM0jLoCPktXNNI","tlshash":"79915ced6afce27916ead5bb0fcbf57170074a5c82a59155a215435aca311cc2bc012a","first_seen":"2026-04-14T20:09:19.67135Z","last_seen":"2026-04-14T20:09:19.67135Z","times_seen":1,"resource_available":false,"data":null}},"time_used":744,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":498,"receive":246,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/e/dongpo/tz/tz.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /e/dongpo/tz/tz.js HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 13 Apr 2026 13:45:25 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dcf375-483\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1155,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"a61a87e1907a03765b98267eb76d09b3","sha1":"f54ccb50be03a7572185cbc0a37bde973f39f1dc","sha256":"466db1ee07353ce9cc0615edd2c7bfd4e247dc899a40dec598ea94e2e973f7d4","sha512":"a6cafcd331697fed5f303a62a6e835e528bfc0926a7172ca06c5ac285c99c639759148537b4965e4bbd3388881fb72eccfe7a02f8b6a62a0eb299e1d83ac0536","ssdeep":"","tlshash":"e321af7fae231154d11691692bba776c3e3a001b6301c8307afcbe685f43f429447bd4","first_seen":"2026-04-13T17:18:50.176808Z","last_seen":"2026-04-14T20:09:19.672855Z","times_seen":6,"resource_available":true,"data":null}},"time_used":493,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/e/dongpo/tz/tj.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /e/dongpo/tz/tj.js HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 808\r\nlast-modified: Fri, 20 Feb 2026 16:18:53 GMT\r\netag: \"6998896d-328\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":808,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (554)","md5":"1bf60b5cf9c764caf9e85228dc7bfc33","sha1":"22b0d1971d7ec1ec3bb55ff4771752db18eab9ef","sha256":"1a32c475f692c3c84f550cc194a92fff3df6368293bbec3b8e67a42bc2d92306","sha512":"681c26eab518649736ea2c6302120b5a61e0b0749375c8933c7c890b6195de0c6e09a4184c9af8c5fd0f5e5eeda63ba803574bee4c44737899ccd18ce14c97c9","ssdeep":"","tlshash":"8601f11f7c25e13463921c2d23bbdadcf5ad2016101dc80654dec4ad6c34ff9042ab4c","first_seen":"2026-03-03T01:17:34.078046Z","last_seen":"2026-04-14T20:09:19.673447Z","times_seen":60,"resource_available":true,"data":null}},"time_used":733,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":490,"receive":243,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/picture/tycpc.png","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://27.124.6.58:1649/","date":"2026-04-14T20:08:53.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET /static/picture/tycpc.png HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://27.124.6.58:1649/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-4d7b\"\r\nexpires: Thu, 14 May 2026 20:08:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19835,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 162 x 60, 8-bit/color RGBA, non-interlaced","md5":"9cccfc8ca4e4f50e4155a906a42666cb","sha1":"6687ef39ed3ba532124b8155234e819655ac0827","sha256":"38fa753bd6894fd8b0fdd94ba7e7bd9da32cb1e58017c44ce0147afba97b4841","sha512":"4e5e74b92841a16efc4cad516894bdaa1eca4ccdca290bcb36bbaa68cbe2011a6d12005f5bc2946532bbddc4e73161589ab3a296a734b78ad12aaa540bed9cca","ssdeep":"384:nC4JlgpsDv49JmGFnsvbCU5jAEVzJ0smbzRgZGme584WLMM0tq5PHcMV:Ccw9J9FybCUTzJ0smbZhwPH5","tlshash":"ba92e1cc99b518a51940f1dc2f338a48cfe9112c29e58776b1d377a2d94ae6f307c60b","first_seen":"2025-02-07T02:11:03.006958Z","last_seen":"2026-04-14T20:09:19.674041Z","times_seen":147,"resource_available":false,"data":null}},"time_used":851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":851,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/picture/1552215839168.png","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://27.124.6.58:1649/","date":"2026-04-14T20:08:53.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET /static/picture/1552215839168.png HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://27.124.6.58:1649/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-2a6b0\"\r\nexpires: Thu, 14 May 2026 20:08:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":173744,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 488 x 147, 8-bit/color RGBA, non-interlaced","md5":"ce2e5b88612ff5d0c083357995805cb1","sha1":"ee211057d855fb16fcbbc4dd280c54d0e8be9445","sha256":"8d2484ecd64a9270ab446bebd54998c84015ccac62e322332ff027218cc11c54","sha512":"5c3a7cc91ed1cc8f9064538fd154dd31addf4705eea3767bd444c06cc64dfedc9bdccee584936bd2b6a4f142820d0bdd74213497247a59759e89d79fa5bfd896","ssdeep":"3072:7jOt+RYVDFMiydCbjFViIj2qBEn0uzBdtt/jU4SyaguPpoQE3TqtGMFR++gcKiYF:fOARYVFMiyyhViycrTLw4vagkpoQE3T/","tlshash":"c204124c9c4413f186c9f265e2068884e57fc915427c342b37c9e3fb4da6a4927baf32","first_seen":"2023-09-28T01:03:26Z","last_seen":"2026-04-14T20:09:19.67466Z","times_seen":295,"resource_available":false,"data":null}},"time_used":933,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":933,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/swiper/css/swiper-bundle.min.css","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/swiper/css/swiper-bundle.min.css HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 08 Jul 2025 00:36:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"686c681a-4691\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18065,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17812)","md5":"ea28ae0aaf82709381c57d6a7daa7a05","sha1":"a7c528dc9018aeefed9a52337168decb220e2f61","sha256":"af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2","sha512":"9c63402a957e06b7c365a6cf5f53baaba991953e7bfda99d8feeaf177db6a2782a28004b1d82df2dcde362d5556e4891f6da300d63cf13d816144dadb1920f66","ssdeep":"192:1VmUJbiKne0JlXZHZ+Sme+jexS4nxep/a2GZb0Q5nfufKlAYfg5fyeesedOJ9A5Q:1gUbe0JdZHZ+W+SFnZ24tlWfF4XYz","tlshash":"d08245a85340282753274f364b71cbb9dd7444d20f9389ae91c0ee48d7f6db9132f6a9","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-04-14T20:09:19.675383Z","times_seen":3609,"resource_available":false,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/departments2-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/departments2-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 50168\r\nlast-modified: Sun, 01 Feb 2026 09:20:03 GMT\r\netag: \"697f1ac3-c3f8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50168,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 766x510, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7c7b900507669285c6d4939676c86337","sha1":"2658a79cac3bed71d9ed1386a52e377290dec125","sha256":"d3067e1d438f4441b3e8305184f836be6e3bf620cd0850883eab7b36c0a0e55b","sha512":"c38437b95710f56c366c575c6d231be48dec4f2a2943bc1b2598f1bfb5db5e3638b02a26d1b224a4220ebf2061b05c234a319f651e59082be0b6d1aa7ae5e3e3","ssdeep":"1536:SIfgGBvF0AYfY1yeWsNOOVsGs4NiPgZOxfrRaLIddF9IUJbIOJ40CcH:t55+YIYCGb1fIddQUJy09","tlshash":"f933029c645c38b1c885f8dd91bcc71b8b417cbb12533cc80bd6496fa5ead35981f259","first_seen":"2026-04-14T20:09:19.676508Z","last_seen":"2026-04-14T20:09:19.676508Z","times_seen":1,"resource_available":false,"data":null}},"time_used":989,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":492,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/judge1-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/judge1-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 147158\r\nlast-modified: Sun, 01 Feb 2026 09:20:03 GMT\r\netag: \"697f1ac3-23ed6\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":147158,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 792x528, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bb9082344683f4805a8abe269c7ee5f1","sha1":"e04b46da124cff7cc4f4c491d79fa72b4b285313","sha256":"f72df69208735d1014a7503bc1e8b93592b5c3b5f4028817f6b9cda6b707f89a","sha512":"d198242d77a57c475c2882ff5b63da9c78e94284d3c812c962d17e7e540e43def2cb14db0f187a628c427532dd95150c5a42689ae48bce53659a0f7e2cfb147b","ssdeep":"3072:y/npQaQw40xz6jYzgYxHbqGRPDkNhQ8DvJPTzzlqJmpKDWb:y/pQmxz6jbCHHLk48D9TgJMKDw","tlshash":"dce3127052829f0969374fe6f274a41d131a3347ead06390efffc5a5ee1a1a0b423975","first_seen":"2026-04-14T20:09:19.677653Z","last_seen":"2026-04-14T20:09:19.677653Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1493,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":998,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 01 Jul 2025 15:41:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"686401bc-13bb5\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80821,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-04-14T22:24:47.003858Z","times_seen":1175,"resource_available":true,"data":null}},"time_used":492,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":492,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/swiper/js/swiper-bundle.min.js HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Jul 2025 15:58:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6865571e-22512\"\r\nexpires: Wed, 15 Apr 2026 08:08:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140562,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-04-14T23:21:49.64058Z","times_seen":3123,"resource_available":true,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/ico/favicon33.ico","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:53.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/ico/favicon33.ico HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 16958\r\nlast-modified: Tue, 08 Jul 2025 19:42:24 GMT\r\netag: \"686d74a0-423e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"0b05494fab8bcfcc6ff8b2a34e475fc9","sha1":"79bc941fac047d6589bbb4ceb44aa2155f90162e","sha256":"7444d3939f2167389c2efd0fe058fcc36e130dfd1443acf340648f463587815a","sha512":"4074b046fff24d64a3956b80a5e0385f8723e2477c6918ae6c2191a59262ddd3cbbe1375612487cdf1bf9ca89ad540b0628afde3d7fa3368848148f2760c1353","ssdeep":"384:cD7DA30Mp2b9lNMzX4ZiF47Nf8CDEjIfDP6:QCpkiX4m8Nf8CDbDP6","tlshash":"4b72b5647784d70bc9011d394846977a225b1c9cb4c5c112feeefeab7e6e0caccac499","first_seen":"2026-04-14T20:09:19.681903Z","last_seen":"2026-04-14T20:09:19.681903Z","times_seen":1,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":246,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/js/link.js","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://27.124.6.58:1649/","date":"2026-04-14T20:08:53.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET /static/js/link.js HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://27.124.6.58:1649/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 14 Apr 2026 13:37:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69de4328-6cf\"\r\nexpires: Wed, 15 Apr 2026 08:08:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1743,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"3b7f10dc860507e19810662a1384c208","sha1":"102fbcdc98f0e9bee57623af78d23a95e4a8626a","sha256":"af5dc7e9b8774447751f6cc8dd9b2eea022fe936c733f22e59b05d09b29efb4e","sha512":"fab9eee0505d951a560115fccb4aaf2917829c9758875e55eb750d7e381c423f0b514063f12c3cdd95ec43faab4061ac8048f99f978b58b95468b178feaefe1e","ssdeep":"","tlshash":"c831ce5de6d128220d274867695b3d00b153400bbd0aec42f29d4ac4efb172e4b7a8f4","first_seen":"2026-04-14T18:08:38.367231Z","last_seen":"2026-04-14T20:09:19.68433Z","times_seen":2,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/picture/jinshapc.png","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://27.124.6.58:1649/","date":"2026-04-14T20:08:53.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET /static/picture/jinshapc.png HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://27.124.6.58:1649/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-a334\"\r\nexpires: Thu, 14 May 2026 20:08:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41780,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 295 x 113, 8-bit/color RGBA, non-interlaced","md5":"1d2140363e0fda69f41537010f37ac74","sha1":"9f3791b6ade0a7966dee0253cb698564490e9440","sha256":"65ff8549228320f54f3d93e45194314c43c7cea541241876a57633bb5ac94f92","sha512":"75dd491fe42a57dee94c06e5e389323f0b32a584f3d0223845ea8f945ac9cff401e65cc381f4e8973dd78c14655abfff000186a770df78acddff35e6bb69fa86","ssdeep":"768:fUD/+JUtuV8Sp+uA5mBhYhXXy7I1VzKT26hq34ZhMNg1de0nGtXIIq5y7RYLIXK9:j2SYd1Xy7wVG66BvMNg60KXrsLB","tlshash":"3113f1a116d7074d278849fcda334deec406ab285d19b93ec5f68f34e3846c4d083a66","first_seen":"2025-01-31T12:39:53.036928Z","last_seen":"2026-04-14T20:09:19.685483Z","times_seen":148,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/departments4-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/departments4-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 78906\r\nlast-modified: Sun, 01 Feb 2026 09:20:03 GMT\r\netag: \"697f1ac3-1343a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78906,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 688x458, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a9c2b016fd1a0378a383f0491b42990e","sha1":"f72f5e98dc47dbe38d25dd3e173d5b5d42d30417","sha256":"d199e35189e9d6dd9b5915c040f0f9fa89b678061517266c8a1c95653cf11516","sha512":"dfa79aae4850af6307689896ee9a59a42c90d0240bf3a4b6caacca5c44b013afbdaa434df06fb20159f060788cdf2b532866a63a0ae80fb63a2cfdbafd691b39","ssdeep":"1536:azPjwfC8DDkSPXV8ioSREa2JE0BY+vTuvjW+sdvfiqKsniFSMRf0miSjBHk:aXCxvyCO5SvjXMvfi+oEmPjBHk","tlshash":"a7731273c1e9277a229554cf5ca3d31a8ff08de64e07a66c48473ded15427eab20d193","first_seen":"2026-04-14T20:09:19.686196Z","last_seen":"2026-04-14T20:09:19.686196Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":983,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/picture/365pc.png","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://27.124.6.58:1649/","date":"2026-04-14T20:08:53.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET /static/picture/365pc.png HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://27.124.6.58:1649/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-2255\"\r\nexpires: Thu, 14 May 2026 20:08:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8789,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 189 x 44, 8-bit/color RGBA, non-interlaced","md5":"e0c9d379cd4926e815abd7d25c32f5e4","sha1":"e9a1fb55262d96495f14da278c7242cc3fda956b","sha256":"7b50586f667edbeb0c3d573a44d40742354c385a2d7ae1971aa4b0173c11173d","sha512":"519aaeff0baab73e269e86413df78c8563728cb4b1f17e448877c4853a726df366f201b9e869078a4fa460517530a84b5ae9da4290511aeb4d0b93aecb9ac99c","ssdeep":"192:6ZTS99EegUNgEBTJ35PgUUxiKlqSvxV5mG5pqghmCoTHV0:2YzgogEr35Y7cK1YGmAMT+","tlshash":"1e02a0bc5a62079b3d1aa9f8172c54f1fdd070eb411f7c99947d201b0c68a1c83af4a3","first_seen":"2025-01-31T12:39:53.02929Z","last_seen":"2026-04-14T20:09:19.687901Z","times_seen":149,"resource_available":false,"data":null}},"time_used":641,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":641,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/picture/xpjpc.png","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://27.124.6.58:1649/","date":"2026-04-14T20:08:53.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET /static/picture/xpjpc.png HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://27.124.6.58:1649/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-5800\"\r\nexpires: Thu, 14 May 2026 20:08:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 183 x 55, 8-bit/color RGBA, non-interlaced","md5":"c53d923594566be7e0e41e8d720c0ac0","sha1":"e16a4b701d10291bbff90178e8b0d5f576e00821","sha256":"021994557d1d9642fdc16a0d8f6e471bec81bea7f366de6ef631f536c165418b","sha512":"554f7d6d44d26905610a65e21bd157ec30fef501c356e97787deca22f9089216f59e284f0effab7b18da89134af594d4ffd5eed889b1b5a4d5a5412456b9832e","ssdeep":"384:QfchEzlZmrXTjUDkJe2tERBxq2ceTdr1lFJ3d2Oo+UQSYJshjRHXvcQ:QfchEzrmrXTjUhP42cKpFJ3lo+UHYa//","tlshash":"fba2e0f1f36ff1b54a924d554cf8e2b080978942e088ee6135cb204acade8d31d993e7","first_seen":"2023-05-07T20:04:35Z","last_seen":"2026-04-14T20:09:19.688755Z","times_seen":289,"resource_available":false,"data":null}},"time_used":740,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":740,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/departments5-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/departments5-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 75848\r\nlast-modified: Sun, 01 Feb 2026 09:20:03 GMT\r\netag: \"697f1ac3-12848\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75848,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 779x519, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"382ffdf272ca85903f1055cd1b25510f","sha1":"e47a930f071ca6d291ebb35c6114018f964006a4","sha256":"99a6d3f4e1b946fbd209fda13a0f2d88967647a123087594751ee38445e5ac5a","sha512":"0a8a755309769c5bdd93d78f9c2ed13deef1a8d9abb9399fc35768f91f158de6c6ead14fe36303902b7aa137af4fa659e8505d3157bd0fdd9ce37780cd579621","ssdeep":"1536:ylhWIWXcC+9sUDIjljl9tiVoVh5p247FLpsrwDr6Iyhj:gh9sG0jAVoV7c47xpsrwDmZh","tlshash":"107302eeeccc1bc9034cd7446e60e42ada19590845f55eff81bc94f4e271ca93fa026a","first_seen":"2026-04-14T20:09:19.68964Z","last_seen":"2026-04-14T20:09:19.68964Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":984,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/judge2-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/judge2-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49238\r\nlast-modified: Sun, 01 Feb 2026 09:20:03 GMT\r\netag: \"697f1ac3-c056\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49238,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 822x548, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"dbc2363d583c8ae6ddd6647c770d254a","sha1":"dcb44cf6e34c5dc445872a8a81df177459d495c1","sha256":"423fe321d480968634c3898b26b862b37ce8ccac921815011ac58d0a445eed55","sha512":"fc41a5f0437570a21dc7d133bd0b2562ddc93a0f5314458dc012238e43ef3901c1b0db1acb6247f8a97e3017b21766cd4e2e2ead0cd9aea4038ac8ff4a0fdafa","ssdeep":"768:XTScQAIp27S3A0CghqsXIAIQCA7QMVGbbF2JBrJzowizZoZFEWy3JuRlorPX8uYr:jnQW8ks4A9QxF8Gqk98kkFJGk","tlshash":"0a2302123066f408a499df3f4352ba7c8b346a78200697a8c25c4768db7078d7b967bf","first_seen":"2026-04-14T20:09:19.690762Z","last_seen":"2026-04-14T20:09:19.690762Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":738,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/judge3-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/judge3-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 94996\r\nlast-modified: Sun, 01 Feb 2026 09:20:03 GMT\r\netag: \"697f1ac3-17314\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94996,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 666x492, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f5c8d3d6a854f164cf3e683a6af6b872","sha1":"eace71791359f608cc6650e83206eb2b03bc2a4c","sha256":"463b9ea01b6bee6155e62e0d436a78223d58833ca3d048d2f3fa329a4de382cc","sha512":"ba51565e491fd534b05a3e6b6a5e4518e9a15816c069cc07b65b02c83e00dc9650f5df692d7b4c10819d18bf0c85d4d32b9ade743969d4ba7ba51b3bb1b1e004","ssdeep":"1536:HwvU6H92z1VIyuNtwkdRUscByjHm7VPxsM90wKjA+X0+40dQainth2ze:QNU5Vxu9dRUscsmJxF90w7gxeD2q","tlshash":"2e9312a81b17abbc895727898169fad0c027974b4afef5735d085fb7004ee78a140e73","first_seen":"2026-04-14T20:09:19.691764Z","last_seen":"2026-04-14T20:09:19.691764Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":986,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/judge4-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/judge4-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 153848\r\nlast-modified: Sun, 01 Feb 2026 09:20:04 GMT\r\netag: \"697f1ac4-258f8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":153848,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 799x570, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2b8ffbe5107de899f7fa6bc8ab49406a","sha1":"4ded74fd3c1567a4584f3f7ea3155c98286d5234","sha256":"07ed700530290aa1d031f91b3c28762ab5a4cbea06fb51510d2b4010b3cf470e","sha512":"161ef68a509265f3ad4ae0cbcf9645fc1a0c85cbf6a29cd3e5f70ab9aecdd20d2a5582ca8d1b77305b793bacd738af3b67c727399f7410607b3a210fbb976f80","ssdeep":"3072:3h/ZQ4kIzkcHgufOt0btIQOrF9FCfEPp7mQtqdnvXsm5U1tXg12Eey:30OYcHg0OtkJOXFCfO7jtq9vcj1tXE","tlshash":"b1e31220388f055b18496caacfb7ad4dbb87c47ce8e138115ee0749d95bbf50a5f8b18","first_seen":"2026-04-14T20:09:19.692692Z","last_seen":"2026-04-14T20:09:19.692692Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":494,"receive":989,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:53.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":""},"issuer":{"commonName":"Keymatic Secure Domain RSA CA G1","organization":"PKI(Chongqing) Limited"},"validity":{"start":"Wed, 01 Apr 2026 06:48:26 GMT","end":"Fri, 16 Oct 2026 15:59:59 GMT"},"fingerprint":{"sha1":"F0:4F:0E:62:84:89:BD:2B:8E:53:1E:AC:20:70:16:C2:F7:E9:C1:C0","sha256":"54:9F:ED:D0:8F:D4:0A:5F:31:95:55:FD:E0:E6:13:F2:09:8C:39:E1:01:31:98:FA:1D:DC:20:CD:20:19:7C:F5"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 400\r\nOrigin: https://cszb-dy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cszb-dy.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\neo-log-uuid: 3839023094157103722\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-14T23:55:33.269117Z","times_seen":13761163,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/fontawesome/webfonts/fa-solid-900.woff2","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:52.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/skin/fontawesome/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:52 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 158220\r\nlast-modified: Fri, 13 Dec 2024 00:50:06 GMT\r\netag: \"675b84be-26a0c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":158220,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 158220, version 775.1280","md5":"4a6591ab5460ae5cbff1ecbd6e52193a","sha1":"7cd8afd6501962fda35d66f0e4c3b8815ac471d8","sha256":"aa75998623a391e61c6901794ace832e3ecdd288b56d608f21bea0411acc0b8e","sha512":"96c5d3283b71613b595b6b0420333bef5d64451af05c59dde27ec5b3e7cfe6e9549c604cddfbcb79cbc0fd4cd6f2e22a130c9a220b1b7ef933ac9df8c8e695d6","ssdeep":"3072:RauSB5FANIRLpsBaBrJGNG3ECNQztRvHHqkqLrlF:guSqN6ptrJGo3POh9KT9F","tlshash":"0ef312a710c6b95684a3a51b336adeb52c3ed363fcb6cd73be340114689da9c2e4d190","first_seen":"2024-12-19T10:41:23.153533Z","last_seen":"2026-04-14T23:20:04.724388Z","times_seen":21841,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":258,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/hero-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/hero-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 55510\r\nlast-modified: Sun, 01 Feb 2026 09:20:02 GMT\r\netag: \"697f1ac2-d8d6\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":55510,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 624x416, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bc988c4d486bf4d4b83b15897492c4d9","sha1":"c5c30e28965f6e8bfe1fc65bd485823ced15b0c6","sha256":"f6abb5cd0571b201fabe22dedc1c0572e1dd24ccd269a2fbabe3c6be5d726d72","sha512":"61fd24fecff6a224bdb3664a9d9baffd6252edf2d3c98c97a272fb94870908562c3462a3d1f0c56e3adf0f78c567ce19da8baa7ecd508322ef9f7e3c506ef0c7","ssdeep":"1536:auacCunTcdto1jk77Gm07KZ8ZnrYFybEk/o:au/wbSjw7CKZSnrYFybEkA","tlshash":"8043f1c193012f542a3fbdf49d65a4e5047afcc6989634ea49c7824cc68fb38f28897c","first_seen":"2026-04-14T20:09:19.694827Z","last_seen":"2026-04-14T20:09:19.694827Z","times_seen":1,"resource_available":false,"data":null}},"time_used":986,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":498,"receive":488,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/departments1-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/departments1-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 37008\r\nlast-modified: Sun, 01 Feb 2026 09:20:02 GMT\r\netag: \"697f1ac2-9090\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37008,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 607x404, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c03a924e7bacd6abd7530dd873ec1c64","sha1":"258b495c707ce76f142f93d460a60c9b9e72459e","sha256":"eb69b9215699a1c048c043ce1f7d8aaf80940f04877648602c0944b5149efbc5","sha512":"a3cfd1a473859139ee1779d833f14eb07d80b8c4d333d0756d6a4cc2878db8103402834764a3b4598ea236f355848f71789e7daf17f15d1d607c06f89e56a3ed","ssdeep":"768:d9mkLqYj819n1n2pkAVPB6qJpVhZJ2qdRGMDiS4vEM2IX//xJo0:doSqYj81N1nzAVPB6MpJRGMWS4sn+/DB","tlshash":"11f2029f8a8f0a2abe219c5ba4b002a5d77304d21d17a7f0fbcd3097c5916e88cb543c","first_seen":"2026-04-14T20:09:19.695624Z","last_seen":"2026-04-14T20:09:19.695624Z","times_seen":1,"resource_available":false,"data":null}},"time_used":987,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":498,"receive":489,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/judge6-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/judge6-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 122714\r\nlast-modified: Sun, 01 Feb 2026 09:20:04 GMT\r\netag: \"697f1ac4-1df5a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":122714,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 702x468, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1b90d043201f190e8684b2195c7b69a6","sha1":"e3bd185e29d77554f999e0c68cedaacaf6bf5545","sha256":"d309e686f87973a47929c548b0fd40dff98bbd437ce77bd96714ac3495d24710","sha512":"5ddfa81a22051d9371cab6156713c63b1eb35f7241052eb8f81346b1c5af4f6a0688b7728e5c6b4af015ccd0aba74c1b90c01679a1fbe5e33b4aef7dc36c8670","ssdeep":"3072:CteaVxVjbjeAAl3wutPJZAucwtuVDuaijSWSUqAZz1GVs3bGFZau:CNVfUl3ZtPJZGlsjH1qWG6IZau","tlshash":"5fc3122c22d40b6e4519b3eb8bc80d731d15b6cd1cdaa738e655d8b23698e2e3f10d79","first_seen":"2026-04-14T20:09:19.696968Z","last_seen":"2026-04-14T20:09:19.696968Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1487,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":994,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/picture/dfpc.png","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://27.124.6.58:1649/","date":"2026-04-14T20:08:53.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET /static/picture/dfpc.png HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://27.124.6.58:1649/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d8daa-1c49\"\r\nexpires: Thu, 14 May 2026 20:08:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7241,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced","md5":"9ca63936da71d994267413c9b4d62583","sha1":"0083b92ce28904d8c01cca591a852d218c944d3e","sha256":"909c9c1f9b2ee3b6ebe305b395b454cb597ae2b4ad8ec0db3a57c2e678bb685a","sha512":"2c01f6e39b4f8c4ff7d8c2d20640c9d80b50ebb49351d32c4e0263b11abbb721b6af3c4d27c308f6e26d4f9e0c5f08045c0d235b3ef1a587eaa1df578c7c333b","ssdeep":"192:FxLpy98iKPdw9eYyJIoxrBG3GFQVnpq1fw5qDQ/7os:F1pyNIq9e1Zrg3GFQVnp2YsQ/j","tlshash":"78e18e3b8e8c2754c1551385a136fab4d8791ef331f4923e9a257c22dd52ab2c921386","first_seen":"2026-03-01T01:18:02.55958Z","last_seen":"2026-04-14T20:09:19.697919Z","times_seen":101,"resource_available":false,"data":null}},"time_used":884,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":884,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=B2F512BB890A6F64\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1421395954\u0026si=c07eb39b85a98c006261a3a263eb36c6\u0026v=1.3.2\u0026lv=1\u0026sn=2228\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fcszb-dy.com%2F\u0026tt=%E5%BD%A9%E7%A5%9E%E4%BA%89%E9%9C%B8%E7%B2%BE%E5%87%86%E8%AE%A1%E5%88%92","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:53.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=B2F512BB890A6F64\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1421395954\u0026si=c07eb39b85a98c006261a3a263eb36c6\u0026v=1.3.2\u0026lv=1\u0026sn=2228\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fcszb-dy.com%2F\u0026tt=%E5%BD%A9%E7%A5%9E%E4%BA%89%E9%9C%B8%E7%B2%BE%E5%87%86%E8%AE%A1%E5%88%92 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Tue, 14 Apr 2026 20:08:53 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=872ECA611046F8DE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-14T23:54:16.283959Z","times_seen":335063,"resource_available":true,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":321,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/footer-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:52.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/footer-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:52 GMT\r\ncontent-type: image/webp\r\ncontent-length: 45164\r\nlast-modified: Sun, 01 Feb 2026 09:20:04 GMT\r\netag: \"697f1ac4-b06c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45164,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 688x458, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"148c7a01bc38cfe2594347aa4a53b8f4","sha1":"2c1ced0d4e0b2a5fc41c1aa5bd3b8dfbc0bfff84","sha256":"521a9154c817d15e633ba85ad881e1d66d52bf797b613d1978eb628cd42bb87f","sha512":"2a0d9a0914d7a5a2ae2a8ba25e415bf8bf0b121ee5405e3dd72dee900d59dbe22d95f52c7df16b2a9f75f785c5455507b5167468405aa2eb38f5573b3f531fe2","ssdeep":"768:pI5iXEfxIGDK2S04IILRPd+ZdbAWd/Bb8CxulxvMLlIW7UOTNTCHsjf9pPfgc:m7DL4HLduZAsBb8Cxg6lI+306f9pr","tlshash":"6713f1a146b83853e90e864c2b530654471f1f81474ba7986f3db2796cb8613f358ebf","first_seen":"2026-04-14T20:09:19.700758Z","last_seen":"2026-04-14T20:09:19.700758Z","times_seen":1,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/departments3-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/departments3-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 53072\r\nlast-modified: Sun, 01 Feb 2026 09:20:03 GMT\r\netag: \"697f1ac3-cf50\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53072,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 608x405, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a7b4ba2704ff9942b758e093439f621d","sha1":"b002c0749621c3189b600e2f0462c138758d7608","sha256":"98603141fbadabf67df9f96057acb7acd8b0cb4ef3d6ebe95c731263768ff126","sha512":"b389d687683b61c831a3a815424f119053039854b50e81830af318a2167a5df64031c7b8acdfc3dc9438ace4c49eb899554e8a618666209c9fc315f2b8627d8b","ssdeep":"1536:itdvRatHEVEgQ2CP7KWK2UuYHcdXVz+8EFW6:itJR8zgQ2HWBUqdXVUQ6","tlshash":"4a33f1ddd567ac9c803eed79884b992b110b35d4ecc2d9fab2a450cc2bd34dc60ec958","first_seen":"2026-04-14T20:09:19.702401Z","last_seen":"2026-04-14T20:09:19.702401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":990,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":497,"receive":493,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/departments6-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/departments6-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 44882\r\nlast-modified: Sun, 01 Feb 2026 09:20:03 GMT\r\netag: \"697f1ac3-af52\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44882,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 787x524, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9abf473614ed71616d0865a86e6e02ba","sha1":"8fa1113fc2ab8a432871a19cd6ca38740603f4d0","sha256":"480d7f431526b812cc8e3a5429ffa8aefa0d19007bf62726f7fe623620beeb6a","sha512":"d7def05e4471973712dbb5f9b19a9a655ba4381120b0008feb56a65e4498568c2f83b4862e2f5ad5d31be021b19736d8f2bbc9a0b09d0a0a949bfdbf39172c39","ssdeep":"768:qiyJOX+XNBp7bYVEY49KM5/TZ+b5cHujhkXm9WX3r2Hn82uGNNE2K+cbot7EPlnE:q9kudfY0H5/TciHaK3CHeGNNLb014e/e","tlshash":"4b13f1f4bf8c542d80fc1b6f91a915874685e85a19a0d42ddd985f8c13009e2efe0bbe","first_seen":"2026-04-14T20:09:19.703337Z","last_seen":"2026-04-14T20:09:19.703337Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":496,"receive":735,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/skin/cover/cszbdycom/judge5-33.webp","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cszb-dy.com/","date":"2026-04-14T20:08:51.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET /skin/cover/cszbdycom/judge5-33.webp HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cszb-dy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 47244\r\nlast-modified: Sun, 01 Feb 2026 09:20:04 GMT\r\netag: \"697f1ac4-b88c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":47244,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4add6a63921f101936da4007d5727402","sha1":"360eaf61f5c892a1717ef2f8b0983e4ddae050e9","sha256":"972a7092786b944bb227040844b6c1fcbe7a4904577329fa92170d47362fcb87","sha512":"3216bbb7850632d05701f10aa424e23f17a7b800c63e349fa8c6c461544919bc251d1c91404928f66c6c7e070ffab46fe6bc1a93265a62cdc963565d7a5a5928","ssdeep":"768:1dS2/ZTACacloIihfoGnvfMWTDkVqMqD4jPif6QSNVvlHIwqu6d0A0hUO+RVU:1VTACaLh53x6QwNJF16d0A0hyRC","tlshash":"db23f29509c98c82cf53fa7bedf8b448297f66c54b863e4444b75bb07aca40ef53a090","first_seen":"2026-04-14T20:09:19.704386Z","last_seen":"2026-04-14T20:09:19.704386Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1474,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":494,"receive":980,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"27.124.6.58:1649/static/picture/wnspc.png","fqdn":"27.124.6.58","domain":"27.124.6.58","tld":""},"ip":{"addr":"27.124.6.58","port":1649,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://27.124.6.58:1649/","date":"2026-04-14T20:08:53.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 12:46:54 GMT","end":"Mon, 20 Apr 2026 04:46:53 GMT"},"fingerprint":{"sha1":"FE:3B:CE:47:7A:EF:44:00:F2:76:CA:23:34:37:13:E9:96:CA:67:4B","sha256":"71:2D:51:44:43:D8:00:E0:E0:E0:2A:99:C9:3A:01:AA:DD:89:04:17:11:DF:8D:A8:CA:14:9F:88:98:AC:C5:1A"}}},"request":{"raw":"GET /static/picture/wnspc.png HTTP/1.1\r\nHost: 27.124.6.58:1649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://27.124.6.58:1649/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 09:51:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699d74b1-1eb7\"\r\nexpires: Thu, 14 May 2026 20:08:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7863,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 172 x 60, 8-bit/color RGBA, non-interlaced","md5":"6e6f3e6c749737e6c347ec25d39b3eb1","sha1":"076c805bf394c7996a58202e333827837c8b1378","sha256":"391138ddf53bc321563b3d17fe0f37f5b40efba65fc661dbfa239a2b2184ec65","sha512":"b4621a8e30b49a48b1b13e9582c260b02d42ab2cc2509d59e56cf85028eec3dd165e255dff5c61e689ad8b4eaabe74852185efb2764da5c0ec1133a2ccb02a3d","ssdeep":"192:FQSFq7yL2y34yuuSzYUfBY2kCf9pDnA3+O07Zu86U9S0aN:zFjLX3u1YU5sCzA3hEu86sSLN","tlshash":"26f1ae6b1553fcb469dda7e92063af6082136f48b0077a12fb2b29748135fe5f44aa13","first_seen":"2023-09-28T01:03:26Z","last_seen":"2026-04-14T20:09:19.705317Z","times_seen":173,"resource_available":false,"data":null}},"time_used":808,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":808,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cszb-dy.com/","fqdn":"cszb-dy.com","domain":"cszb-dy.com","tld":"com"},"ip":{"addr":"154.89.77.203","port":443,"asn":142286,"as":"LUOGELANG FRANCE LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-14T20:08:50.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cszb-dy.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 05:27:45 GMT","end":"Thu, 02 Jul 2026 05:27:44 GMT"},"fingerprint":{"sha1":"19:93:6E:5A:7E:68:54:E5:C7:23:D0:07:D3:02:64:48:D0:D4:EA:62","sha256":"29:82:07:6B:9E:B5:27:74:D4:16:06:13:F4:EE:9D:B4:A3:91:28:00:A8:FB:1C:96:1D:DF:46:A8:B1:10:EC:66"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cszb-dy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:08:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":23541,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (17445), with no line terminators","md5":"7c80bda722d92c68a85f4b9f64223303","sha1":"d9790a0f81f1031d4d28b1ff1d7287dae24d1ab6","sha256":"fcd1e14d06eb3ee8f6ac3d0f19703cd6ecbb1a8aa50a4eb5ca36a208396e2dcb","sha512":"b5d317b328b58f09f1f56a28c228734b5595251a6831ea1d946a8f5f067c7b30318bc7297e905435ce41073b3f5521188555346c3bba43b242c16a2139b398aa","ssdeep":"384:jD0LzCllvUvbddXBpUWKdsdu0tCra0TfPBRX0pZIISe289RMJy:jD0allsTrBpUWKdsdu+Y7bEpZIIz28z/","tlshash":"91a2d533615164bb028fa6f976a06b4e71f7c62dcd278a86bbf583c807d9ca3815510f","first_seen":"2026-04-14T20:09:19.706586Z","last_seen":"2026-04-14T20:09:19.706586Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1607,"timings":{"blocked":664,"dns":167,"connect":246,"send":0,"wait":279,"receive":0,"ssl":249},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cszb-dy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cszb-dy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}