{"report_id":"dbef2d49-32c6-4789-9f49-ed5e26230db8","version":6,"status":"done","tags":[],"date":"2026-04-05T00:10:04Z","url":{"schema":"http","addr":"laobanzaixian.com/","fqdn":"laobanzaixian.com","domain":"laobanzaixian.com","tld":"com"},"ip":{"addr":"43.165.175.73","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"http","addr":"laobanzaixian.com/","fqdn":"laobanzaixian.com","domain":"laobanzaixian.com","tld":"com"},"title":"403 Forbidden","dom":{"size":145,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"17416141d6408142368cddd4a6137b8d","sha1":"8fa91acaccdfcc20a6f9e597a4c12a39bd9ca522","sha256":"0c778acd4ccbc519fbc504ba4229727c63f7e86190c4dde3094579c42c6069be","sha512":"6348773e3aa3dcaa686de289a124f69f36a97e9e9ceda52dffea5fca4310fca3c603514687115a204cad1face5133ebd749214bf3dd2cf99ed4ee6527ccd7d22","ssdeep":"","tlshash":"52c04c56796f680caa5356c106c73e80d989c2764c8a4950db42069770c6567c4c7364","dom_hash":"domhash18da208b3b39949e9ba09528a720f5c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"laobanzaixian.com/","fqdn":"laobanzaixian.com","domain":"laobanzaixian.com","tld":"com"},"ip":{"addr":"43.165.175.73","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-10T00:10:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"laobanzaixian.com","ip":{"addr":"43.165.175.73","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2024-04-17","domain_rank":0,"first_seen":"2026-04-05T00:10:04.448883Z","last_seen":"2026-04-05T00:10:04.448883Z","alert_count":9,"request_count":3,"received_data":1086,"sent_data":1247,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"laobanzaixian.com/","fqdn":"laobanzaixian.com","domain":"laobanzaixian.com","tld":"com"},"ip":{"addr":"43.165.175.73","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T00:09:42.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"laobanzaixian.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 17:54:15 GMT","end":"Wed, 01 Jul 2026 17:54:14 GMT"},"fingerprint":{"sha1":"61:65:03:EB:31:85:71:D5:C6:8E:1E:3B:4F:60:0F:25:99:8C:5B:60","sha256":"D0:C4:61:A8:40:60:F2:7E:2C:F6:9E:E6:F9:EB:86:4F:AA:F1:A6:80:EA:A2:19:A3:3C:94:9A:43:BF:5C:38:7F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: laobanzaixian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.2\r\nDate: Sun, 05 Apr 2026 00:09:42 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"77f5fb9f0a9d0ab37139e2e70cecc9d3","sha1":"9db4d7929459465f4b986a98bc55cff755d8dcb2","sha256":"34136895f64e50a2c33d64a46d6631bbac8b75fae2eb55ce847a9febee0347da","sha512":"60c62f0a0dd531821ba54582ec18845c5882eb5efce66ff5d464892f11eb0f8837c1635bfda15f7e3017c7fc8e4099af7ac92dacaffcd8f7484f40b5e54c7f02","ssdeep":"","tlshash":"eec08c26391e3c0c96e322b402c36e90d086c3314c9a1900c600020331c31168ac3315","first_seen":"2026-02-22T13:25:44.963435Z","last_seen":"2026-04-05T08:29:16.695962Z","times_seen":52,"resource_available":true,"data":null}},"time_used":1561,"timings":{"blocked":641,"dns":69,"connect":280,"send":0,"wait":279,"receive":0,"ssl":290},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"laobanzaixian.com/","fqdn":"laobanzaixian.com","domain":"laobanzaixian.com","tld":"com"},"ip":{"addr":"43.165.175.73","port":80,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T00:09:43.157Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: laobanzaixian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: nginx/1.28.2\r\nDate: Sun, 05 Apr 2026 00:09:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"77f5fb9f0a9d0ab37139e2e70cecc9d3","sha1":"9db4d7929459465f4b986a98bc55cff755d8dcb2","sha256":"34136895f64e50a2c33d64a46d6631bbac8b75fae2eb55ce847a9febee0347da","sha512":"60c62f0a0dd531821ba54582ec18845c5882eb5efce66ff5d464892f11eb0f8837c1635bfda15f7e3017c7fc8e4099af7ac92dacaffcd8f7484f40b5e54c7f02","ssdeep":"","tlshash":"eec08c26391e3c0c96e322b402c36e90d086c3314c9a1900c600020331c31168ac3315","first_seen":"2026-02-22T13:25:44.963435Z","last_seen":"2026-04-05T08:29:16.695962Z","times_seen":52,"resource_available":true,"data":null}},"time_used":830,"timings":{"blocked":275,"dns":1,"connect":277,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"laobanzaixian.com/favicon.ico","fqdn":"laobanzaixian.com","domain":"laobanzaixian.com","tld":"com"},"ip":{"addr":"43.165.175.73","port":80,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://laobanzaixian.com/","date":"2026-04-05T00:09:43.799Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: laobanzaixian.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://laobanzaixian.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.2\r\nDate: Sun, 05 Apr 2026 00:09:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"aad3bd278f678e0130de8270d76d8685","sha1":"3df1e1de8d09f143b3a86820cccba2ede497ed87","sha256":"1b99284bfc6859dc384b7c81a29eda1eb815005952a1a78f6d7b21ab30726286","sha512":"48f2c31f2e20812e8f9e9e516851bf6fc478bff4dcd0fef5f03a1a4ec4178fe4c2aefdf860da23ae064775a4dcb409bb0aad822bbf42835b7f94761a8085a740","ssdeep":"","tlshash":"6ec02b2d39137c4cc5a3317422c37880c0ca83376cba41128400800331cf2998ac3397","first_seen":"2026-02-09T01:33:08.879169Z","last_seen":"2026-04-05T12:13:41.720349Z","times_seen":2159,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"laobanzaixian.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}