{"report_id":"ddb4aef1-1975-4ae5-a0bb-d05d97f50e57","version":6,"status":"done","tags":[],"date":"2026-01-05T13:16:46Z","url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":0,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"title":"yaksprout4的个人资料 - 萬兆集團有限公司","dom":{"size":20178,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2443)","md5":"ffa3309dc6cd1ea2fda5d3bcd28ae4e9","sha1":"afb8c38ce757b796b7aaeb7308b2a0d3687c986a","sha256":"d6f1133f6cb2a8a8bd10f6db457b145ce86ad2f9ae0c01ddb82fe99555c7f303","sha512":"b084ddd9fee06b6f437fe006a013ac1c166f0fb9082ac5b50c874b2d7e965802c1b6c0b3e749b70793b06768d45d1ece1e84d1f498010f4758396ffec992d7b6","ssdeep":"384:MTwRwqmrLzKLUt1dzQe5PHulCwQR+EXhR7F:MTz3DzQe5PHRwQRx7F","tlshash":"bd92840a94a9d43b03e1c6d9b9b0671e30d241abd7560e41b6fd4fa52fc9ecb6c0215f","dom_hash":"domhash38c56c39b5ac39bf3c1dbdd1430b07f0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":0,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T13:16:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.mainsino.com.hk","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2015-01-09T01:15:08Z","last_seen":"2025-05-26T10:38:40.98875Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":806,"comment":"","tags":null,"fingerprints":null},{"fqdn":"wzgroupup.hkhz76.badudns.cc","ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2010-04-23","domain_rank":0,"first_seen":"2018-06-07T06:14:27Z","last_seen":"2026-01-01T23:20:47.945752Z","alert_count":29,"request_count":29,"received_data":314447,"sent_data":17273,"comment":"","tags":null,"fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Discuz! X:3.2","description":"Discuz! X is an internet forum software written in PHP and supports MySQL and PostgreSQL databases.","website":"https://www.discuz.net","common_platform_enumeration":"","icon":"Discuz X.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"discuz.gtimg.cn","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2008-10-09","domain_rank":4705920,"first_seen":"2012-06-29T07:23:10Z","last_seen":"2025-12-28T20:33:05.791164Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":732,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/static/js/common.js?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec73c26f3b4b3e606c9acf9904af6626","sha1":"cb4cb44a49df5a8c2d5637ba38572e798a666c21","sha256":"cdeeb619f719c870a50dbd5e225d7496b7e0d9a5c02ee464ac4d32977795dbb8","sha512":"4d960f669157e188759103dd153b73b34a9155f0ce9a9426c4483164663198edb5c9815e086bc79082cd0fc7d5ac54fe3b8cfc69cdc66281c41c600491f9d97f","ssdeep":"1536:swF+GXVKKWy0HwP4Q4YW2rpWqPGyc4Riz1uAI/0HS/031/is7TEPc5t:6GJ1lrpWqPdcei1PIHzPUt","tlshash":"9553d9a8320d613e82d63326863e9544ec7cd8365347d4bcf85c88d864b0e7a97a6dfd","size":63412,"data":"","first_seen":"2023-03-07T13:14:49Z","last_seen":"2026-05-03T04:10:21.987251Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"4b704049bb449560a7e16155b3d01d53","sha1":"c63ce43685021734249cbe2c8ed829fb3c521f10","sha256":"e225f77ed9a896d53048ea75bfeab57f08c128e083e1f849763de437d18e04bd","sha512":"453317e909047a6f89e1cbc056a7d7222390ae0069637d18e7295a46d25306aea033f16934dd975b94eb8a1fd91ca1f00d14769f7407d9cde6c3274b3d79ffbc","ssdeep":"","tlshash":"e970000002802000b8200088b008002832aa02030a88802080a0030000083803ac8200","size":20,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.568014Z","times_seen":1646,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"8c1994b5f132a6d00db7043ca0fb5d34","sha1":"08ee2e698c7187ef69e45861abaa2e986a0e2656","sha256":"6baecf50ed14279e5b1e6f3e8472f26fb323e339b3f5e29349ccbf33a1b77c5b","sha512":"913ca4e12a3adf418096a5be985499ac7aabbbe4a69e1292bfa97d88b445c37611bf321657435357b56dc186b57797e168b0590a57b80ed0e4f41014ec4091f5","ssdeep":"","tlshash":"0970000002000008b0000880a8080008aa3020030ac000822020220080e00202a08220","size":19,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.577827Z","times_seen":1645,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"d8b2bccdd8396b9f97e22f2e3fc13a49","sha1":"dcf73be0165354ac59dbfd5c7c3f9739fed624d4","sha256":"c3d8dd48ba3c697b4480c600905bd008a73d756f4ca7f32165ee1ef674ef7b80","sha512":"a18222e090d652aeaae2ac96c001a3b8744086cf720121996f0e527c772cb5047dc75800c0bb0b00b2119bfe2714e04b8d8ed2790bbacc4fead0b29d8091a06f","ssdeep":"","tlshash":"9670002083200000e000228080280088a22000230800a82032008a00c0000a82a28000","size":18,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.563557Z","times_seen":1643,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/template/week_finance/images/js/week_nav.js","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"df282257c3d6a5cf8abc5641aaffd082","sha1":"4c9378f3128296110821db89b5f75e0bcfc57fd2","sha256":"2c965dbea91e7baa587ed1accc5dff79bc4e38fac041f33f004cc9bf62f07240","sha512":"b09a5d74f8c5b06e8a92d7dd3d8504e5c8fcaab59892cc3b7088c3890e1dbf156ee27bea1694594382f756c057d9c302eae64ca14cc20958a164986b763f7993","ssdeep":"","tlshash":"2a31beb83549b57081b7b36a733e96d8fd758127210260dabc4c94e89f30e2b5202fd9","size":1620,"data":"","first_seen":"2025-02-09T02:55:54.162342Z","last_seen":"2026-03-23T23:45:38.265772Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"43b2514fc22b50c3b727c20096f42335","sha1":"25d503117eaab0d4cbe7e418d2ebbbdb54d30338","sha256":"76621b6e90cc606cfefb42b8cb3116f3618d33bef789c5e786edf95e237971e3","sha512":"c6a23af13e0520ca35499d96843a104991a63d8cfe4dab21090db0e4e0d2d3b6e7786c56398b3e010bdd58d430c16f9b5e4e69ab25105b4345a2a99c4f9b3bf2","ssdeep":"","tlshash":"8df0541d7fb753000903f6207ba5112b9124b9ff5bce0470d59c346c00c1700f918b07","size":489,"data":"","first_seen":"2026-01-05T13:16:56.458107Z","last_seen":"2026-01-05T13:16:56.458107Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"0bbea63f8e43936a2da15fb0e24b24ac","sha1":"d711331a8c8b74a037e8758baf88df16baa69236","sha256":"2f41ab97ac43c4382461cc607ed39f109747088e7d47ffccc873372581545076","sha512":"7e397d4614391095fa43b1481b00f9d4169b5336ae4f592913a51145a0a84c7a5b6a37fc9b68b5ae49d80e55ed3e88921922357a64a3dd1a19bb0d2d284fb40a","ssdeep":"","tlshash":"af70000002808020a0800080c008000a2222000308000823b0228b0800220aa2a20000","size":19,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.568647Z","times_seen":1642,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"7819c0d19b10856f8e2a55bb92f684a9","sha1":"7bea260aaa363acbed63896b5f1c10ccdaea6c08","sha256":"7492accd96d886675fb5f161543965a8cd07f1539e0960b7d603e72cefc8ce37","sha512":"0cc08a4a3e5e2e2c1cc5d6c9012dfcc145b36799c501ece9dba54c776c882b9346da34a6db29ffafa18a63be2e3b04573ba1287e9f345dda3cc83ecf7758b5de","ssdeep":"","tlshash":"7970000c0a208020a000208e8028000aea2020832a0000800002820000800002e20200","size":20,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.569275Z","times_seen":1644,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"5f4ea336ed2a6f72617654d5e6986508","sha1":"7bee1abbf241c69851b3db9d55cdf61a5340118c","sha256":"130ddd31e00b4c5d4cc86c978a97535571fa74c22067a836e993f480b76d8c33","sha512":"dee14c99aacbd372c3a84b1068602331bb6616d78d495bc9f94047dba34fc6f57c9b51b2bfccdb76adbce8bffc46787cabc597eafb54d988f45f00d7c3bc69e7","ssdeep":"","tlshash":"c160000003000030f0000cccc00c000c33300c030c0000c030000333c0000c03f00303","size":15,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.578463Z","times_seen":1637,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/static/js/home.js?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a5512f6a3c0d2e39e8d57173b2806c4f","sha1":"95e9debb52d4836d35d4f4e3fb0a07cca5f6b0f4","sha256":"fd1c7351d97a20ce40011302e4c196c8f211d8a4859fe22851719ab7f001672e","sha512":"0d0ebdbb5789e5e76ca9c4bbbe375f088b624a64c02a4ca2bda8c6e455038e06e7da6bfa96b94b4ddb59e755aaa69851795dc657278fd317159b82288a02e31d","ssdeep":"768:SFLG0Fnm14DGlLFrC4RQpl4UIaslWHKD4Ok8Sa53FmjO3lTotP1yMaFOlEsHmMmK:SG0pm14DGlLFXRQpl4UIasl+KD4OkFy4","tlshash":"fbe2a49a332e164dc3d77765a47f0909ad38d2355646d6bcec68d8e460f0e28b3239bc","size":33915,"data":"","first_seen":"2023-03-10T22:07:17Z","last_seen":"2026-05-08T23:18:45.269376Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"62d713867ed732fb17698098c55599e2","sha1":"5aeb8b96e316ce665747ba40a94fc0e9ed62c46c","sha256":"d2d6ccc27a39c8802af9557fb2ced0d6390811b98622abf7d0f652adf9288b07","sha512":"76a016450aac940f3985d8a0392646f5eb6b1af801e2ab426002b986a672c6d2aa7ab13b61c9d4624f177c42ac64199423dda83ef5d0bc6caabbb61c3f86f7bf","ssdeep":"","tlshash":"428000a0b000c02ca00b0282008c0aacb8ca00b0cb0a08808eb02282a88222308e23ea","size":34,"data":"","first_seen":"2023-03-07T13:14:49Z","last_seen":"2026-05-09T08:43:38.189562Z","times_seen":402,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"175fc6d1243653309b8957927a2e37a7","sha1":"8b51b4200048cf402a2181010bb08e31952d1a2a","sha256":"5c19b3d1c997e69b9a78c434e733f38e6a5d86a5862833015c022ca8eff8d9cb","sha512":"f9ac317e6687c024633c64ca9320348e1de48d0d1924d1fc876333c792aa7ac9e138bf081e97be25eae29d698a1773490376e1f5e4e5213770936d69fba34475","ssdeep":"","tlshash":"4580040500344573430cd545c141c40c4345154d4c105547c3540407050031110c750d","size":35,"data":"","first_seen":"2023-03-07T13:20:42Z","last_seen":"2026-05-09T11:09:34.56489Z","times_seen":578,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"901bf525bbedb8df1fada3e35e14b0bd","sha1":"7fa6b05c770a1d1ab71b42c0b0ccb273234896b3","sha256":"81590784ac8c4d2d56e3bd06e668ad49a0f1b783c57a47a799bb30efb6f8855c","sha512":"18fe0fd499d7db524186164c768cf07f558f8793aeae7f022631e684285a1b158fe46485624175eddd686ec42ba01f6c7301994b8c0b365aea9772244d71894e","ssdeep":"","tlshash":"2e70002b82002200b0022880e20c082822a088230800000000200a000200a002a80080","size":19,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.573601Z","times_seen":1646,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/static/js/logging.js?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"92ddc79dff91e0a9be13c94f3122aae9","sha1":"6f39ccdef7985993ff146788a514acd383f0f037","sha256":"88d5cf56033b00c9fb060189cb763a8a0566c888ed2bc57d6f78cd655e47f8fa","sha512":"c8d4ce9c22f890d5a7cfe2c860172d04a2fbd59c01137308d8f53f4556b8b40df3616031761899f9c9ee0a066a371ad9932d5c2d3699bb89887e1f43f30e1e13","ssdeep":"","tlshash":"4ef00244376b161e4b8033e0007b8e45ff787630d015a46ce4103ac13e39916d463631","size":603,"data":"","first_seen":"2023-03-07T13:14:49Z","last_seen":"2026-05-09T08:43:38.057387Z","times_seen":374,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"2871c7c5088039983e5b6dfad6f613ae","sha1":"f6c25ac11b1aaad7838c60f5c456e7c2ebd56e1a","sha256":"e60c7913e2bba4ed614ff80191dd3e384d4897ac0fc83faecf3776abf84adcb1","sha512":"bf1a439ecefad80dbeca89b922aafbccb88315e2da0a4b56117e78328cc1655724abebb259c5f1f2faf7b42b5f0495ec1c39a214f6403677138c65fb0e819182","ssdeep":"","tlshash":"06a01122300020a08238a0f88a0a8b2e8000a80200a02a00880f88e22ea80ba2b0e808","size":76,"data":"","first_seen":"2023-03-07T12:08:39Z","last_seen":"2026-05-09T11:09:34.579116Z","times_seen":903,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"0dc82a782f79e3f6982657bb08dadfd6","sha1":"fa0bfb80f0415ad359f929d30bab9bee7c5c877f","sha256":"15a91bf5b3d68be5326f1c03fd1766761d80e542db10680ed2b8fdc6f2c0b25c","sha512":"00da18a34ed9a9c51468080829512d656ab51357ea2cc936d8355479684ffca7ffea7abb50b635f326aca769a9c4492ffaa38e803005dbe2076306c179c6ad89","ssdeep":"","tlshash":"1ea00295cf590137c16530d9242f425d549c0873ea0dcc254c61a51260c0043c112303","size":58,"data":"","first_seen":"2026-01-05T13:16:56.466466Z","last_seen":"2026-01-05T13:16:56.466466Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"27d58fc853760c4c5959ea4c18102e05","sha1":"a0b1e5bac4f9ffab125e2a72ec32515ecfe980a7","sha256":"2689585176589381b3c09d32ba2ae5ac4e9420773ef1de98ba8606d037aface4","sha512":"56ce2e09b837040f5c37c8c6470990a0e93f7372611a397000e3ee7449c73d30485f3ec41bcdac1a175ac027d3f7ac47452f3cacd5fd6f7d32088a015010f2c7","ssdeep":"","tlshash":"fc600000c3300000f00300ccc00cc03c33300c030c000cc00000030000c003c3f300c0","size":15,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.576398Z","times_seen":1645,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"9b8e84ec31eced42c47a27947dfbabc8","sha1":"0589ff5bc7fc05b709c6d8a122990199ae38c8a3","sha256":"be18c62887de403f8303d82a815b8696b0acfb3cdc579e0714325cb03ba82f4d","sha512":"ff34b5f18234119afb382f2180bfedd35ca76fb32e5346d873e0d8394fde8d874269ecc9302149400a21a6fc8aaf750c97974c2dde1e3026a8a3f283d0376324","ssdeep":"","tlshash":"b370000283008000a000a888e0ac0008aa2202030a00002000000a0000008002aa8080","size":20,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.577148Z","times_seen":1643,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"d23e36e1d5e020c7c17c6fb59cfb24b0","sha1":"49032b9bc25166cdaec5fdf13d0400cdce27ea93","sha256":"0b4008fb3d12c5cbf5985b3aa73bb2a6c5bc608febebafac52cdc5998a648e6c","sha512":"4285d743ffe803454202916de8bee14caae82a1815a4af1aab80971bb05f9559856d5147cc01edbb27ddf4cba7549b72a966e40c5a09d649fbc15047ebc94450","ssdeep":"","tlshash":"8a60000c03003c00f000ccccc00c000c333000330c00003000000f00f30030c3f00000","size":15,"data":"","first_seen":"2023-03-07T01:16:54Z","last_seen":"2026-05-09T11:09:34.570058Z","times_seen":1488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"www.mainsino.com.hk/uc_server/avatar.php?uid=4114762\u0026size=small","fqdn":"www.mainsino.com.hk","domain":"mainsino.com.hk","tld":"com.hk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.895Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /uc_server/avatar.php?uid=4114762\u0026size=small HTTP/1.1\r\nHost: www.mainsino.com.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/background.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.123Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/background.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:58 GMT\r\nContent-Length: 5186\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":5186,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"3b92d7ed69513d6cd41c70fa597d5deb","sha1":"a1fa3a068cf37589d66d521a9d045b33670a520e","sha256":"a1a0ffd30d53f23cc3afd2e08d17f8f883f205d480c0702c88f785c55f7aa5e7","sha512":"52a2900cd1d9c85f4d7f611c80dc5ebc1cf0d70031e87ff856075632a87fbc64f90f54c87aaf5146f5c21353112fb3e6497097d0d6cd181acb6eb7ff795453a4","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvgeigt9AG8TYcDms:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3TQq","tlshash":"04b1833182d03039e9a644bef473ba8ef744d513e5bb9a35f5969612cbc2d3b5113348","first_seen":"2025-02-20T05:04:39.131977Z","last_seen":"2026-01-05T13:16:56.434133Z","times_seen":4,"resource_available":false,"data":null}},"time_used":784,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":783,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/favicon.ico","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:31.797Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/x-icon\r\nLast-Modified: Tue, 08 Dec 2015 02:39:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"02268a16131d11:0\"\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:10:01 GMT\r\nContent-Length: 5558\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":5558,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel","md5":"c028c4822428e83a358c60a93ef65381","sha1":"5bf4e81d7bd3cdec66d9fb5962d83446bd428102","sha256":"7abda15c7f2a33108e2cf8941b785f5583d2f1be8640649e87358b22b2cc3fb0","sha512":"58270113a8485a98b765737c81039d7a140a4ad949944dbc9fb7da6604f0275cb017055b5274ca30ee5b02b7ac77a7918e47416962be555222c1715ab43c9cda","ssdeep":"96:PTUAwp1DoXoVbU8LKV32+fS3K1mmrv0njPqZoUn0TfUnSUnLUn4iLsBzmnA:Q4lNvELLtUsfUSULU4iLaKn","tlshash":"beb1dcc185e927b6ca348176d44294b2043bfe6d4566a352c8393bad20f2163f3af377","first_seen":"2023-05-05T20:14:48Z","last_seen":"2026-05-09T11:09:34.524363Z","times_seen":446,"resource_available":false,"data":null}},"time_used":1165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1164,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T13:16:21.892Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /home.php?mod=space\u0026uid=4114762 HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nSet-Cookie: fxVo_2132_saltkey=YHT5t838; expires=Wed, 04-Feb-2026 13:09:52 GMT; path=/; httponly\nfxVo_2132_lastvisit=1767614992; expires=Wed, 04-Feb-2026 13:09:52 GMT; path=/\nfxVo_2132_sid=p77P7F; expires=Tue, 06-Jan-2026 13:09:52 GMT; path=/\nfxVo_2132_lastact=1767618592%09home.php%09space; expires=Tue, 06-Jan-2026 13:09:52 GMT; path=/\nfxVo_2132_home_diymode=1; path=/\nfxVo_2132_sid=p77P7F; expires=Tue, 06-Jan-2026 13:09:52 GMT; path=/\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:53 GMT\r\nContent-Length: 7085\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Discuz! X:3.2","description":"Discuz! X is an internet forum software written in PHP and supports MySQL and PostgreSQL databases.","website":"https://www.discuz.net","common_platform_enumeration":"","icon":"Discuz X.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":20312,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2386), with CRLF, NEL line terminators","md5":"5b1335980ab43b7d8a1e5a9102e093ec","sha1":"1499b594e20672a850b573aecc6b7f923fd30487","sha256":"e4556310e2fe171bd427c0f6b5dbedb87c86b7a1e700865c1bdc51b741664fb8","sha512":"2fb47a731a5134fe9449e3d2ee60ede05d66323f8193232d0c27e016337c3347940c458cb11f6d014a8fbedff427afdd3228880fe43a2b62ba3eb70fbdbd08e4","ssdeep":"384:SIxhIUmjrPswfefXw7aDpOvS+ztwkhJ/Q1BlR+4MEf/:Sh1befXw7akbw0Q1jRh/","tlshash":"ee92834696a5cb3703f2c5b8b8706359b0e141dad7471a01b7fe0ee32f85e8a6c4314e","first_seen":"2026-01-05T13:16:56.435591Z","last_seen":"2026-01-05T13:16:56.435591Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2368,"timings":{"blocked":206,"dns":1,"connect":212,"send":0,"wait":1244,"receive":705,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/data/cache/style_2_widthauto.css?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.644Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /data/cache/style_2_widthauto.css?PUW HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\nLast-Modified: Wed, 06 Apr 2022 14:39:31 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3c243820c449d81:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:53 GMT\r\nContent-Length: 764\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1515,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1515), with no line terminators","md5":"4e391622284ee0c6f5fa0ec203901c12","sha1":"bda8d0927f6dc322ba864bc4340d27d597b6e6d3","sha256":"0d308eb52360e5d4d31ef23e66e9bd1234551dbd24ab9effca8408b6e6022703","sha512":"1690156ba3efe28427b3fc46a4a1c40724a186a5439994d019b637e94614cb648ed77688d3b0a892d6a910f6631d12b4b59c995cd208416bb68819d3bf5d14dc","ssdeep":"","tlshash":"e23167a01bf2a10ea807c72bf4bd52ac2210606af3971696793665b4df0fb5f0d335e1","first_seen":"2025-02-09T02:55:54.146874Z","last_seen":"2026-02-25T11:39:54.137843Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1443,"timings":{"blocked":204,"dns":1,"connect":210,"send":0,"wait":371,"receive":656,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=misc\u0026ac=sendmail\u0026rand=1767618592","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:24.054Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /home.php?mod=misc\u0026ac=sendmail\u0026rand=1767618592 HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/javascript\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nSet-Cookie: fxVo_2132_lastact=1767618595%09home.php%09misc; expires=Tue, 06-Jan-2026 13:09:55 GMT; path=/\nfxVo_2132_sendmail=1; expires=Mon, 05-Jan-2026 13:14:55 GMT; path=/\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:55 GMT\r\nContent-Length: 119\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":3197,"timings":{"blocked":822,"dns":0,"connect":0,"send":0,"wait":2375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/w_icon.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.145Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/w_icon.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:58 GMT\r\nContent-Length: 5178\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":5178,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"82f37f54ebfa9565e1c9e2d5a485496b","sha1":"bbb6c25d8c76fca9f1b0ffb79bc22e0f87f58d12","sha256":"6485b23c4d7419001a16cae1f30cf8e9576e827d59b0d8a309e6508854184249","sha512":"40ec91f6751c12231bfb26e2c9002e4c6a8c27656048ab7d6b8d322ca22d99504c261a8c0e86407acc60327448b9481fb1e72cb5c393582b23ba90e348d1e3f1","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvgpiht9AG8TYcDms:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3czq","tlshash":"f8b1a53182d03039e9a640bef563ba8ef744d513e5bb9a35f5969a12cbc2d3b5113348","first_seen":"2025-02-20T05:04:39.133966Z","last_seen":"2026-01-05T13:16:56.437755Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/probg.gif","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.150Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/probg.gif HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:58 GMT\r\nContent-Length: 5176\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":317,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2858339e0c5572a9e86c1055ef1d06e6","sha1":"10366eb8ba6de385f4e03426cd31b9257c7e82c5","sha256":"165dff62aecf5eb6dbb25107c638264ef4b3590a1b37bc9008f431c3155e8b3b","sha512":"b3730b17be654b4babb860bd3b2cfcab660970f211401c75847e74ae3d2038f401092bcb3ed28416ea3e895d57b5699dc69487c2cfe012114537c5d88f9a5d8f","ssdeep":"","tlshash":"cbe0264ca5a49b80c0caeaaa70f237d2a4818ba7a084076ca4c0e113c59a37e919438a","first_seen":"2026-01-05T13:16:56.438352Z","last_seen":"2026-02-16T14:43:26.293129Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1286,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/logo.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.152Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/logo.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:58 GMT\r\nContent-Length: 5174\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1365,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"7d4cb4b4064b09f6c12e91a92cfb76b8","sha1":"bf0ff97cdbb2e9306ef91f38468eba67f1074570","sha256":"bd0c98ec293199b6399f92d7991bf8116b4a973eb4df2efaf26c9e7cc04ba600","sha512":"71bcf02c71882cac61aab6e6c442d1d631cdb0c5f030d1e3b7d501a69581fe06c1c02076851db841abb16bb00ae53305f3cd86cd23e942882f5ba8e866cafb79","ssdeep":"","tlshash":"d52124369340b036fd6a48dff4a2b7d636050c63e0ac9b73dc56e212c4ca1375255309","first_seen":"2026-01-05T13:16:56.43919Z","last_seen":"2026-02-25T11:39:54.132662Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1319,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/static/image/common/scrolltop.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.227Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/static/image/common/scrolltop.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:10:00 GMT\r\nContent-Length: 5166\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":841,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"097d1fff79b6e6b33aa73bd049974029","sha1":"a6dabfdde7346249e30372f93731222d67d56b52","sha256":"5f208b06f280e6a6b460c5a44f955261b5f7209ea4d757705b25ff2b80d490ba","sha512":"63d136694c8017e95af1b95019df2bc74564a82bcdceb9143bf53c840468c5039fae7e31bc2c9530fffd4aea2e85c7d7c7408337f3d08a5f53523049e8bbbffa","ssdeep":"","tlshash":"7601cc29d280a176fcda58e6f8f237d77a064823e0988bbb9495f323c1d617ba115349","first_seen":"2025-08-13T09:52:56.731865Z","last_seen":"2026-02-25T11:39:54.133982Z","times_seen":5,"resource_available":false,"data":null}},"time_used":4118,"timings":{"blocked":2720,"dns":0,"connect":0,"send":0,"wait":1395,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.638Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /data/cache/style_2_common.css?PUW HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\nLast-Modified: Wed, 06 Apr 2022 14:39:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d49a2e20c449d81:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:53 GMT\r\nContent-Length: 23959\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":84545,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2e98986d3951da70c20799f1980e6262","sha1":"d93742bf2afd8d9f33c97cf2912d998fdcd37a85","sha256":"a961bb3c6fe4849a1769a534f2de503bf24fa5657b6263b83dda3713a692195b","sha512":"16215bfb7ce8eeecb28aa8c50172b4ce2438906a469e32d64a1947b4637c87b9fe740fb5a6164edde574fd42c19a4b523254ef657831d84c30c6eb37725656c9","ssdeep":"1536:k4u4Sls4DXLxkahnyuahVM/UJ8dGdCSVLMD33RkqenzhPD:8JlRtbeuGL","tlshash":"c683b724c6e1205db437c773e4e2a6dcb12ac12bf3530bbae57a3d74d90619528337a6","first_seen":"2025-02-09T02:55:54.153553Z","last_seen":"2026-03-23T23:45:38.258487Z","times_seen":11,"resource_available":false,"data":null}},"time_used":4377,"timings":{"blocked":204,"dns":1,"connect":209,"send":0,"wait":266,"receive":3697,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/static/js/common.js?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.643Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/common.js?PUW HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/x-javascript\r\nContent-Encoding: gzip\r\nLast-Modified: Tue, 08 Dec 2015 02:39:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"02268a16131d11:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:53 GMT\r\nContent-Length: 23062\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":63412,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (340), with CRLF line terminators","md5":"ec73c26f3b4b3e606c9acf9904af6626","sha1":"cb4cb44a49df5a8c2d5637ba38572e798a666c21","sha256":"cdeeb619f719c870a50dbd5e225d7496b7e0d9a5c02ee464ac4d32977795dbb8","sha512":"4d960f669157e188759103dd153b73b34a9155f0ce9a9426c4483164663198edb5c9815e086bc79082cd0fc7d5ac54fe3b8cfc69cdc66281c41c600491f9d97f","ssdeep":"1536:swF+GXVKKWy0HwP4Q4YW2rpWqPGyc4Riz1uAI/0HS/031/is7TEPc5t:6GJ1lrpWqPdcei1PIHzPUt","tlshash":"9553d9a8320d613e82d63326863e9544ec7cd8365347d4bcf85c88d864b0e7a97a6dfd","first_seen":"2023-03-07T13:14:49Z","last_seen":"2026-05-03T04:10:21.987251Z","times_seen":58,"resource_available":true,"data":null}},"time_used":4662,"timings":{"blocked":204,"dns":1,"connect":208,"send":0,"wait":286,"receive":3963,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/khd.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.217Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/khd.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:59 GMT\r\nContent-Length: 5172\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5172,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"3540641ceb5e29e9f8cb71bb4e84dcaf","sha1":"2938ed6ac94f6a50e0b095d86422121f897098a7","sha256":"165213a170102870fcfd54695c191047e91a961bdbc88ade5e709d865554591d","sha512":"c3d3cae94d1af3047a0bf1a8245856120f3025bc1068c13454a94117e6e32f6e7fbb61366f4a9649ea86bdded2b48392d8d75854f25a48928d10e1658897a5c4","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvgTiFt9AG8TYcDms:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3W/q","tlshash":"c5b1a43182d03039e9a680bef473ba8efb40d513e5bb9a35f5969612cbc2d3b5113348","first_seen":"2025-02-20T05:04:39.138898Z","last_seen":"2026-01-05T13:16:56.442392Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2649,"timings":{"blocked":1532,"dns":0,"connect":0,"send":0,"wait":1117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/weibosohu.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.223Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/weibosohu.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:10:00 GMT\r\nContent-Length: 5184\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5184,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"fef8b6ffaa6c7315132eaa9e42e25f3c","sha1":"47fb09626766f5a2c48c2ed74608c4a4ae32ead5","sha256":"b509df327553b15092abafaf1804f265fccf0aa76e7f0f37d9959e248bea5d9c","sha512":"bdc16fc57c873992d7921499e5a41e8321c970f5818ec83b3ae87f544d28241afbfbd7e55a601fbf864cdb1a077db844b5e22810616477f0cd991e053899e97b","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvgbilt9AG8TYcDms:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3Ofq","tlshash":"57b1a43182d03039e9a640bef563bb8efb44d513e5bb9a35f5969612cbc2e3b5113348","first_seen":"2025-02-20T05:04:39.142035Z","last_seen":"2026-02-16T14:43:26.324527Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3372,"timings":{"blocked":2184,"dns":0,"connect":0,"send":0,"wait":1187,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/static/js/home.js?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.646Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/home.js?PUW HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/x-javascript\r\nContent-Encoding: gzip\r\nLast-Modified: Tue, 08 Dec 2015 02:39:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"02268a16131d11:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:53 GMT\r\nContent-Length: 11861\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":33915,"size_decoded":0,"mime_type":"application/x-javascript","magic":"Unicode text, UTF-8 text, with very long lines (368), with CRLF line terminators","md5":"273c3f2f36c8e3370f4df6964c2c1344","sha1":"79d07e0973f3d13630798e894479260052f85d15","sha256":"ee22eeccdd7a24a540c18ac8c828f6c76eaafbe5be41f524175315d29d35b93c","sha512":"8a2b0bd07ff5d6746ae47230f77004bc36730da0e3cc892828ba57efff6c75b23477b09b1de50a8dc59f3a7611d0e9e7b7968c7e54288520a8fe060c4f9b8431","ssdeep":"768:SFLG0Fnm14DGlLFrC4mQpl4UIaslWHKD4Ok8Sa53FmjO3lTotP1yMaFOlEsHmMmK:SG0pm14DGlLFXmQpl4UIasl+KD4OkFy4","tlshash":"6be2a39a332e164dc3d77765a47f0909ad38d2355646d6bcec68d8e460f0e28b3239bc","first_seen":"2026-01-05T13:16:56.443453Z","last_seen":"2026-01-05T13:16:56.443453Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3797,"timings":{"blocked":203,"dns":1,"connect":207,"send":0,"wait":331,"receive":3055,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/left__bg.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.201Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/left__bg.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:58 GMT\r\nContent-Length: 5182\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":5182,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"79155d68e43e365aa18e70f91873b1af","sha1":"411f7479d0f23fd7ba50fdadc1b92a9fe6272c6e","sha256":"7c2d6789e2365688a9ee1265195d91bf94d535011e3fcf8d29a21b6402605dd8","sha512":"1b5ad2044963a54ab35dca0812e8c9bd560c637abe583ee964e152e0f88d629da697b7cfd340dc1798c8bde2ddb7cc99fdad741d62344f9a8f8e1862c66f9820","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvgSiMt9AG8TYcDms:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3PUq","tlshash":"a4b1943182d03039e9a644bef463bb8efb40d513e5bb9a35f5969612cbc2d3b6113348","first_seen":"2025-02-20T05:04:39.135761Z","last_seen":"2026-01-05T13:16:56.444328Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1800,"timings":{"blocked":706,"dns":0,"connect":0,"send":0,"wait":1093,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/static/image/common/pt_item.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.207Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/static/image/common/pt_item.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:59 GMT\r\nContent-Length: 5162\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5162,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5727c86b82cb02ff21265e49ea005917","sha1":"99d85e358f19932168d43dd2de5c7e1d1ab5a87f","sha256":"4c9d67c5d1465f8023628b53478c7781f1e96c48c991f9619c2ff6ad877c5fae","sha512":"3bc536df1e90c8813fe3ba1ee66681ce4255a1d180709122ce88eeb7c95e8e4c5925d6a436f63b8b1f34da5a4863cc85756430af3019a60ddb3b02c21e56ec45","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvWhst9AG8TYcDm+3:Fz9XzHjKyDdUdscUZpr8b4Kmyl8pXh0q","tlshash":"20b1a33182d03039a9a640bef463ba8ef740d513e5bb9a35f5569a12cbc2d3b5113388","first_seen":"2025-02-20T05:04:39.137806Z","last_seen":"2026-01-05T13:16:56.445268Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2200,"timings":{"blocked":1075,"dns":0,"connect":0,"send":0,"wait":1124,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/static/image/common/pmto.gif","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.213Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/static/image/common/pmto.gif HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:59 GMT\r\nContent-Length: 5156\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":841,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"097d1fff79b6e6b33aa73bd049974029","sha1":"a6dabfdde7346249e30372f93731222d67d56b52","sha256":"5f208b06f280e6a6b460c5a44f955261b5f7209ea4d757705b25ff2b80d490ba","sha512":"63d136694c8017e95af1b95019df2bc74564a82bcdceb9143bf53c840468c5039fae7e31bc2c9530fffd4aea2e85c7d7c7408337f3d08a5f53523049e8bbbffa","ssdeep":"","tlshash":"7601cc29d280a176fcda58e6f8f237d77a064823e0988bbb9495f323c1d617ba115349","first_seen":"2025-08-13T09:52:56.731865Z","last_seen":"2026-02-25T11:39:54.133982Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2571,"timings":{"blocked":1258,"dns":0,"connect":217,"send":0,"wait":1092,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/weiboqq.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.221Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/weiboqq.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:10:00 GMT\r\nContent-Length: 5180\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":5180,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ef5d827dc0fd7548cb4cae1c475f019d","sha1":"e0a4cbb487897aec3f86871d1060ac96cc6e6489","sha256":"a7dcca957bcb860b2dd093c1537f268086043023f8b9fe97e36be8f1772a8fb9","sha512":"e49437a9e1ad78688616484cc38632b3d55d9c8b5a23e348581123576f55f88251b058059e424adc4a7b850861ff4141c8605d8742a512695a8d026d6e3d352f","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvgciwt9AG8TYcDms:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3JAq","tlshash":"8bb1943182d03039e9a644bef463ba8efb40d513e5bb9a35f5969a12cbc2d3b5113348","first_seen":"2025-02-20T05:04:39.141Z","last_seen":"2026-02-16T14:43:26.323682Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3124,"timings":{"blocked":1967,"dns":0,"connect":0,"send":0,"wait":1156,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/static/image/common/security.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.923Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/image/common/security.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: image/png\r\nLast-Modified: Tue, 08 Dec 2015 02:39:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"02268a16131d11:0\"\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:58 GMT\r\nContent-Length: 2203\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":2203,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"bcc407ab412372a0ebcfd3ae822c5e88","sha1":"f0eb8982ad1dcf4ee28ed573c9df859d563f0d21","sha256":"bf6bbf22773c63888b9f9cbe10cb111bf197ada54cc70449e1254dae7140ecca","sha512":"b126afcb88aece4f3288d2a8930a862b86fd7bef84741e55c29f0a0bba9180ad2b085ae81e7949dec1d7d2ab01afdf1fb41f6ff389b4e82c9a6514495036a331","ssdeep":"","tlshash":"bf410a0f66627c8292fde6c118f8e82fcc0b48a093c6d0e6f5ddc11558715fa951bcda","first_seen":"2023-05-04T01:00:46Z","last_seen":"2026-05-08T09:59:56.931816Z","times_seen":126,"resource_available":false,"data":null}},"time_used":4885,"timings":{"blocked":4172,"dns":0,"connect":0,"send":0,"wait":712,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/static/image/common/switch_width.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.139Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/static/image/common/switch_width.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:58 GMT\r\nContent-Length: 5172\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":5172,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"73e2ccfebd9d6ffa240f5103c260bfd1","sha1":"abfda96f748ca7cd941d854c0f3697d05add1b3e","sha256":"6537aca51317b7c01c0f24e6e8e9e3eb469678e29971c27f279b46e4eca77b74","sha512":"c4a52755697ce8d9eebc1c4613128d2a7efe611471ed87f36d546b6c5d4111ff52a223c2c9f98bb2d640a51c02716c3e50aedf8514b73a32cdad96be8150e437","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvFt9AG8TYcDm+A0:Fz9XzHjKyDdUdscUZpr8b4Kmyl8pK9AR","tlshash":"6cb1b43182d07039e9a640bef473ba8ef740d513e5bb9a35f5969a12cbc2d3b5113348","first_seen":"2025-02-20T05:04:39.133073Z","last_seen":"2026-01-05T13:16:56.448333Z","times_seen":3,"resource_available":false,"data":null}},"time_used":957,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":957,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.mainsino.com.hk/uc_server/avatar.php?uid=4114762\u0026size=small","fqdn":"www.mainsino.com.hk","domain":"mainsino.com.hk","tld":"com.hk"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.175Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /uc_server/avatar.php?uid=4114762\u0026size=small HTTP/1.1\r\nHost: www.mainsino.com.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/template/week_finance/images/js/week_nav.js","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.840Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /template/week_finance/images/js/week_nav.js HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/x-javascript\r\nContent-Encoding: gzip\r\nLast-Modified: Mon, 28 Nov 2016 08:40:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"aacf97f5349d21:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:54 GMT\r\nContent-Length: 960\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1623,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"df282257c3d6a5cf8abc5641aaffd082","sha1":"4c9378f3128296110821db89b5f75e0bcfc57fd2","sha256":"2c965dbea91e7baa587ed1accc5dff79bc4e38fac041f33f004cc9bf62f07240","sha512":"b09a5d74f8c5b06e8a92d7dd3d8504e5c8fcaab59892cc3b7088c3890e1dbf156ee27bea1694594382f756c057d9c302eae64ca14cc20958a164986b763f7993","ssdeep":"","tlshash":"2a31beb83549b57081b7b36a733e96d8fd758127210260dabc4c94e89f30e2b5202fd9","first_seen":"2025-02-09T02:55:54.162342Z","last_seen":"2026-03-23T23:45:38.265772Z","times_seen":11,"resource_available":true,"data":null}},"time_used":1189,"timings":{"blocked":565,"dns":0,"connect":0,"send":0,"wait":624,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1","fqdn":"discuz.gtimg.cn","domain":"gtimg.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:24.057Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cloud/scripts/discuz_tips.js?v=1 HTTP/1.1\r\nHost: discuz.gtimg.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/static/image/feed/friend.gif","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.210Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/static/image/feed/friend.gif HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:59 GMT\r\nContent-Length: 5156\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":841,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"097d1fff79b6e6b33aa73bd049974029","sha1":"a6dabfdde7346249e30372f93731222d67d56b52","sha256":"5f208b06f280e6a6b460c5a44f955261b5f7209ea4d757705b25ff2b80d490ba","sha512":"63d136694c8017e95af1b95019df2bc74564a82bcdceb9143bf53c840468c5039fae7e31bc2c9530fffd4aea2e85c7d7c7408337f3d08a5f53523049e8bbbffa","ssdeep":"","tlshash":"7601cc29d280a176fcda58e6f8f237d77a064823e0988bbb9495f323c1d617ba115349","first_seen":"2025-08-13T09:52:56.731865Z","last_seen":"2026-02-25T11:39:54.133982Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2533,"timings":{"blocked":1223,"dns":0,"connect":211,"send":0,"wait":1097,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/weibosina.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.220Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/weibosina.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:59 GMT\r\nContent-Length: 5184\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5184,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"65cdbfad85dab7f88728f8a8c5163c11","sha1":"e4d67a77bf659f63c4034034e9e101ed46682c25","sha256":"229a6e9f706907f9bb416d692fe5ae1d5e49072c51e1cb601f479ad52ac7097b","sha512":"1efd33f08cef845e7c0f4f5194492f174f2d7456275897d066e62e2ed348fc2f79a6a3ad543e8a163826af1bd44217bd3a39c4df5848c0b9efa6dfc73736ff28","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvg7ipt9AG8TYcDms:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3urq","tlshash":"54b1943182d03039e9b644bef563ba8efb40d513e5bb9a35f5969612cbc2d3b5113348","first_seen":"2025-02-20T05:04:39.139886Z","last_seen":"2026-02-16T14:43:26.319293Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2874,"timings":{"blocked":1781,"dns":0,"connect":0,"send":0,"wait":1093,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/erweima.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.225Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/erweima.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:10:00 GMT\r\nContent-Length: 5180\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":5180,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0ce11a30671079720f478c51264e979e","sha1":"63207b3b37e445f761076195bf0fff14da91b029","sha256":"c4d95ba5c1d3799c10fb4d00413e37349d2362678038351c1fd99bf0a53c677d","sha512":"db7ced0cf3e447bb04768cf74e64dbf5fc3b798672adaba5ca90e7423ecca9324b57bc6000888dbc7a5194a5268abc83151fec7c7326be313229c316e7f36c26","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvg2pTiKt9AG8TYc9:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3zGq","tlshash":"f0b1833182d03039e9a644bef463ba8efb40d513e5bb9a35f5969613cbc2e3b5113348","first_seen":"2025-02-20T05:04:39.143151Z","last_seen":"2026-01-05T13:16:56.451156Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3899,"timings":{"blocked":2519,"dns":0,"connect":204,"send":0,"wait":1257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1","fqdn":"discuz.gtimg.cn","domain":"gtimg.cn","tld":"cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.182Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /cloud/scripts/discuz_tips.js?v=1 HTTP/1.1\r\nHost: discuz.gtimg.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T13:16:21.047Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /home.php?mod=space\u0026uid=4114762 HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-09T15:38:22.40258Z","times_seen":14902800,"resource_available":true,"data":null}},"time_used":828,"timings":{"blocked":607,"dns":0,"connect":-1,"send":0,"wait":0,"receive":0,"ssl":222},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/data/cache/style_2_home_space.css?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.641Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /data/cache/style_2_home_space.css?PUW HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\nLast-Modified: Mon, 10 Mar 2025 04:06:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"78bd2ac97191db1:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:53 GMT\r\nContent-Length: 8117\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":27178,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27178), with no line terminators","md5":"7a360d27212aa74ad7762f1266511134","sha1":"8a5f0fa73bd3b5af315d2ae24ab654f8a46c7b44","sha256":"a9431ffa5e4cc4e80752db92eafab3f0af56bdbeb6414c9fa3060b21ddf31574","sha512":"a76c1e4d700f478d732ab226c37e471f2cce8f1c9134a738dfd717074c920701e98954ee0a1e89eccfd6a5d8784ba8861dcef3c64223163bbd504e9b2affc49c","ssdeep":"768:cONDxOfXQXoJz2TlxND0PsZlUmoB5BMW/lH:hsfqND0kkTBUW/V","tlshash":"85c2aa2096e5140d7437c7b3fc929addb21ac11bf36307eae95a3db4d90b5882533792","first_seen":"2025-02-09T02:55:54.151343Z","last_seen":"2026-02-25T11:39:54.142047Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2633,"timings":{"blocked":202,"dns":1,"connect":211,"send":0,"wait":234,"receive":1985,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/template/week_finance/images/tel_icon.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.154Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/template/week_finance/images/tel_icon.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:58 GMT\r\nContent-Length: 5182\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":5182,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"d27563cce9ac6f6d63f25a6a99c90277","sha1":"3a299b776d79369483129958fef38f02bd0f413f","sha256":"181ac441d93e5281a5888b986ea6b294dc2f05c7a0082f91ec04124a4b6315e2","sha512":"11e2d3ee1612dc4f124822d7e5b2f730042339ef96ec2f793c5a79b4ade9dcc3c64594389feefb6c1d381127b65de748ec226f405164214e4fc5b9cfc2edf238","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvgti9t9AG8TYcDms:Fz9XzHjKyDdUdscUZpr8b4Kmyl8p3IHq","tlshash":"16b1a43183d03039e9a640bef563ba8efb44d513e5bb9a35f5969a12cbc2d3b5113348","first_seen":"2025-02-20T05:04:39.134798Z","last_seen":"2026-02-16T14:43:26.275004Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1594,"timings":{"blocked":654,"dns":0,"connect":0,"send":0,"wait":940,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/install/include/static/image/common/search.png","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:28.203Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /install/include/static/image/common/search.png HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/data/cache/style_2_common.css?PUW\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618595%09home.php%09misc; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nCache-Control: private\r\nContent-Type: text/html; charset=utf-8\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:59 GMT\r\nContent-Length: 5160\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":5160,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5e6fc8bd8c3861d7cb34d8d4d75b5997","sha1":"a5b58603a6d472b25f9adaa4b4c831d8f1e5f4c4","sha256":"f6e4613c7abb7fc26888e4a363e2f3756e61fa47ceee8de0d32f0b34885fcd51","sha512":"8038183e3e21bab6076ba0c5d9ec3b55e522772625d25047c9ed016c708f373925b87b0cb7dbbee514be65a1fe197bfef428b26a55f8ac4e84583ead70133bdb","ssdeep":"96:19F7f9X/bHjKyDdUdx2cUIApHLUpM24KOnylwbFDZppyhwdOvNt9AG8TYcDm+A0:Fz9XzHjKyDdUdscUZpr8b4Kmyl8py9AR","tlshash":"c0b1a23182d03039a9a640bef4a3ba8ef740d513e5bb9a35f5569a12cbc2e3b5113348","first_seen":"2025-02-20T05:04:39.13694Z","last_seen":"2026-01-05T13:16:56.453951Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1985,"timings":{"blocked":892,"dns":0,"connect":0,"send":0,"wait":1093,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"wzgroupup.hkhz76.badudns.cc/static/js/logging.js?PUW","fqdn":"wzgroupup.hkhz76.badudns.cc","domain":"badudns.cc","tld":"cc"},"ip":{"addr":"154.39.68.54","port":80,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762","date":"2026-01-05T13:16:23.658Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/js/logging.js?PUW HTTP/1.1\r\nHost: wzgroupup.hkhz76.badudns.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wzgroupup.hkhz76.badudns.cc/home.php?mod=space\u0026uid=4114762\r\nCookie: fxVo_2132_saltkey=YHT5t838; fxVo_2132_lastvisit=1767614992; fxVo_2132_sid=p77P7F; fxVo_2132_lastact=1767618592%09home.php%09space; fxVo_2132_home_diymode=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/x-javascript\r\nContent-Encoding: gzip\r\nLast-Modified: Tue, 08 Dec 2015 02:39:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"02268a16131d11:0\"\r\nVary: Accept-Encoding\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET,HiSheng\r\nDate: Mon, 05 Jan 2026 13:09:53 GMT\r\nContent-Length: 543\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:7.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":603,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with CRLF line terminators","md5":"92ddc79dff91e0a9be13c94f3122aae9","sha1":"6f39ccdef7985993ff146788a514acd383f0f037","sha256":"88d5cf56033b00c9fb060189cb763a8a0566c888ed2bc57d6f78cd655e47f8fa","sha512":"c8d4ce9c22f890d5a7cfe2c860172d04a2fbd59c01137308d8f53f4556b8b40df3616031761899f9c9ee0a066a371ad9932d5c2d3699bb89887e1f43f30e1e13","ssdeep":"","tlshash":"4ef00244376b161e4b8033e0007b8e45ff787630d015a46ce4103ac13e39916d463631","first_seen":"2023-03-07T13:14:49Z","last_seen":"2026-05-09T08:43:38.057387Z","times_seen":374,"resource_available":true,"data":null}},"time_used":746,"timings":{"blocked":390,"dns":0,"connect":0,"send":0,"wait":356,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"wzgroupup.hkhz76.badudns.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}