{"report_id":"cea7ab51-1a0f-4b09-9f6f-3bda5b8e39d1","version":6,"status":"done","tags":[],"date":"2026-01-03T13:39:28Z","url":{"schema":"http","addr":"cnzzla.com/","fqdn":"cnzzla.com","domain":"cnzzla.com","tld":"com"},"ip":{"addr":"154.12.82.182","port":0,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"cnzzla.com/","fqdn":"cnzzla.com","domain":"cnzzla.com","tld":"com"},"title":"cnzzla.com/","dom":{"size":146,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"fca5e02eb3efd30683d457c89216a77d","sha1":"09927a230172c2075ea8f1d6e60c5679c805d519","sha256":"8e991365c641eaf4ecec47788a1867bae54a123608d308d738686a01057aff46","sha512":"f59a975fe2d00805041ea33a66c42a30ff1e41738fd7346dcd30fda6e679ea6e99c4d6e51c21a2a82f81d6766ceb121f3afac00bd6dd586e8cfe1bd4c1abcfe5","ssdeep":"","tlshash":"90c02bfd6740070fbbd23e5f04de04458512438bbb208d4013517439d81874bc4833cb","dom_hash":"domhash2936e59b7b6293abaa74f347727bbfed","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cnzzla.com/","fqdn":"cnzzla.com","domain":"cnzzla.com","tld":"com"},"ip":{"addr":"154.12.82.182","port":0,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T13:39:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"cnzzla.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cnzzla.com","ip":{"addr":"154.12.82.182","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2011-07-28","domain_rank":3820123,"first_seen":"2026-01-03T13:39:28.102329Z","last_seen":"2026-01-03T13:39:28.102329Z","alert_count":2,"request_count":2,"received_data":1009,"sent_data":952,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cnzzla.com/","fqdn":"cnzzla.com","domain":"cnzzla.com","tld":"com"},"ip":{"addr":"154.12.82.182","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T13:39:05.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cnzzla.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Dec 2025 08:50:26 GMT","end":"Thu, 05 Mar 2026 08:50:25 GMT"},"fingerprint":{"sha1":"45:25:89:17:96:36:C7:C0:CA:05:22:C0:FE:8B:A0:40:62:6F:F0:5D","sha256":"A7:A4:4F:46:D2:F2:3B:CE:6E:97:20:0A:79:DE:8F:FA:59:4A:04:14:B9:A4:3B:DA:03:2D:A7:16:61:A2:DE:EF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cnzzla.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 13:39:06 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=5rim7l7f2klpu5ds587gu1ddv6; path=/\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":116,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"439937b1ab65b308085b4fd9fa5a1148","sha1":"9cb062dc1ad9359b9ea6e97ddeb0d0f9ed0530bf","sha256":"470ea98ae7b7cb37ece25d616356d830aca8dfb6e9b6c628b29c8c625fc7de85","sha512":"6577a02007769f95842f628c227cd995e345dc0e2457e28e30c426fff6929f49a49afa07327193086ddbc1de655f14ccc5f856e8a1cf3d764a448d03dbcec3d9","ssdeep":"","tlshash":"15b0141d17400f0fd3d10d3703dd4457d1315147dd14054113117575d454747d0537d7","first_seen":"2026-01-03T13:39:30.388356Z","last_seen":"2026-04-04T15:38:31.525234Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1759,"timings":{"blocked":757,"dns":286,"connect":230,"send":0,"wait":246,"receive":0,"ssl":235},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"cnzzla.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cnzzla.com/favicon.ico","fqdn":"cnzzla.com","domain":"cnzzla.com","tld":"com"},"ip":{"addr":"154.12.82.182","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cnzzla.com/","date":"2026-01-03T13:39:06.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cnzzla.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 05 Dec 2025 08:50:26 GMT","end":"Thu, 05 Mar 2026 08:50:25 GMT"},"fingerprint":{"sha1":"45:25:89:17:96:36:C7:C0:CA:05:22:C0:FE:8B:A0:40:62:6F:F0:5D","sha256":"A7:A4:4F:46:D2:F2:3B:CE:6E:97:20:0A:79:DE:8F:FA:59:4A:04:14:B9:A4:3B:DA:03:2D:A7:16:61:A2:DE:EF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cnzzla.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cnzzla.com/\r\nCookie: PHPSESSID=5rim7l7f2klpu5ds587gu1ddv6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 13:39:06 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":446,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (333), with CRLF, LF line terminators","md5":"e0463e9c853331a1b53c899b8447ebbf","sha1":"84564de7fa15bc8cde6020f3d24cea08368295aa","sha256":"62cd6641a64be85a82f52792110aa4457078452293e62406887f6cbebbd2b9d2","sha512":"1af2d558884c85ba7925bad67d9c78d41b9696dca20d9c908588e7d9cdf3db5ad8fb5d6d32fc819358e41399dc7d7aa61636496ee2070d30426eb740fefe2a4c","ssdeep":"","tlshash":"01f05c6d3d51ac1853a31c7d92fbe688e57be12d697d94114084c843a189bd94c82b16","first_seen":"2025-08-17T08:06:30.988866Z","last_seen":"2026-01-09T06:41:03.706044Z","times_seen":86,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"cnzzla.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}