{"report_id":"f05335c1-4d4e-4904-bc28-1cbbb11d5edd","version":6,"status":"done","tags":[],"date":"2025-12-28T12:15:04Z","url":{"schema":"http","addr":"uxdl.bigeyes.com/","fqdn":"uxdl.bigeyes.com","domain":"bigeyes.com","tld":"com"},"ip":{"addr":"163.181.243.177","port":0,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"http","addr":"uxdl.bigeyes.com/","fqdn":"uxdl.bigeyes.com","domain":"bigeyes.com","tld":"com"},"title":"403 Forbidden","dom":{"size":182,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"8768c9119530429a29694b62c3398ed6","sha1":"97380c0418df1b0119a588fa11a112a26e901e21","sha256":"6bc6ef2d60ba905d77dc3484e663ba7b6106bb3e66682a64f35c03b8f9caa2a5","sha512":"48e1d6f247b877d86f1ef89f49dedc836ad63017077b0e78c7693a35557bece84b9d1c1fa154ef24f3e754cc18451360e344bcab2923273b4e6b0989998b15e8","ssdeep":"","tlshash":"cdc0805fe69e111e5f5357d4599f2bd0b554531475934c84ff0584cbd00087ed11b55c","dom_hash":"domhashbff6f9baafe2112e931551a0c1321140","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"uxdl.bigeyes.com/","fqdn":"uxdl.bigeyes.com","domain":"bigeyes.com","tld":"com"},"ip":{"addr":"163.181.243.177","port":0,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-01T12:15:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"uxdl.bigeyes.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"uxdl.bigeyes.com","ip":{"addr":"163.181.243.186","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2000-02-03","domain_rank":0,"first_seen":"2025-12-28T12:15:04.228502Z","last_seen":"2025-12-28T12:15:04.228502Z","alert_count":3,"request_count":3,"received_data":2712,"sent_data":1243,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"uxdl.bigeyes.com/","fqdn":"uxdl.bigeyes.com","domain":"bigeyes.com","tld":"com"},"ip":{"addr":"163.181.243.186","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-28T12:14:40.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bigeyes.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Thu, 03 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:77:44:24:13:F5:39:D9:D3:2E:50:F7:96:29:83:49:63:54:5C:48","sha256":"62:D1:8A:2A:35:C1:CA:D3:11:DD:3A:4A:9C:72:81:10:F3:65:DF:0C:F4:E8:C3:18:59:97:5B:C9:CA:60:10:16"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: uxdl.bigeyes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nContent-Type: text/html\r\nContent-Length: 238\r\nConnection: keep-alive\r\nDate: Sun, 28 Dec 2025 12:14:41 GMT\r\nX-Tengine-Error: You are forbidden to list buckets\r\nVia: cache13.l2fr1[0,0,403-1280,M], cache7.l2fr1[2,0], ens-cache8.gb9[25,25,403-1280,M], ens-cache6.gb9[27,0]\r\nAli-Swift-Global-Savetime: 1766924081\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-Error: orig response 4XX error\r\nX-Swift-SaveTime: Sun, 28 Dec 2025 12:14:41 GMT\r\nX-Swift-CacheTime: 0\r\nAccess-Control-Allow-Origin: *\r\nTiming-Allow-Origin: *\r\nEagleId: a3b5f39a17669240811557797e\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"f9fe2e9a4770fe7ef4eebdbd6385299d","sha1":"f7fa02b5871bbc37c01ef7d10a1612e771cc8eb7","sha256":"6e1c38d044037281bc69275855c2951880dcf534f456035d0276a244a4a8c81f","sha512":"446dc05ab46dddd1294f3ef2fbcc21907541eb8ec7e2e07335fa7e4002a444dc31b08b4841e5db5513f0e1fa49ca10c5d7244fc2de0743515f2473313f4904b7","ssdeep":"","tlshash":"e7d0a7bee64e2c1d57a362f425c76ae070652390779318c87e04a043664047d860f61d","first_seen":"2023-04-08T14:38:15Z","last_seen":"2026-05-10T12:08:19.133827Z","times_seen":2475,"resource_available":true,"data":null}},"time_used":1122,"timings":{"blocked":536,"dns":246,"connect":23,"send":0,"wait":50,"receive":0,"ssl":264},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"uxdl.bigeyes.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"uxdl.bigeyes.com/","fqdn":"uxdl.bigeyes.com","domain":"bigeyes.com","tld":"com"},"ip":{"addr":"163.181.243.186","port":80,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-28T12:14:41.391Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: uxdl.bigeyes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nContent-Type: text/html\r\nContent-Length: 238\r\nConnection: keep-alive\r\nDate: Sun, 28 Dec 2025 12:14:41 GMT\r\nX-Tengine-Error: You are forbidden to list buckets\r\nVia: cache13.l2fr1[1,1,403-1280,M], cache38.l2fr1[2,0], ens-cache8.gb9[20,19,403-1280,M], ens-cache21.gb9[21,0]\r\nAli-Swift-Global-Savetime: 1766924081\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-Error: orig response 4XX error\r\nX-Swift-SaveTime: Sun, 28 Dec 2025 12:14:41 GMT\r\nX-Swift-CacheTime: 0\r\nAccess-Control-Allow-Origin: *\r\nTiming-Allow-Origin: *\r\nEagleId: a3b5f3a917669240813831643e\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"f9fe2e9a4770fe7ef4eebdbd6385299d","sha1":"f7fa02b5871bbc37c01ef7d10a1612e771cc8eb7","sha256":"6e1c38d044037281bc69275855c2951880dcf534f456035d0276a244a4a8c81f","sha512":"446dc05ab46dddd1294f3ef2fbcc21907541eb8ec7e2e07335fa7e4002a444dc31b08b4841e5db5513f0e1fa49ca10c5d7244fc2de0743515f2473313f4904b7","ssdeep":"","tlshash":"e7d0a7bee64e2c1d57a362f425c76ae070652390779318c87e04a043664047d860f61d","first_seen":"2023-04-08T14:38:15Z","last_seen":"2026-05-10T12:08:19.133827Z","times_seen":2475,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":20,"dns":1,"connect":22,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"uxdl.bigeyes.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"uxdl.bigeyes.com/favicon.ico","fqdn":"uxdl.bigeyes.com","domain":"bigeyes.com","tld":"com"},"ip":{"addr":"163.181.243.186","port":80,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://uxdl.bigeyes.com/","date":"2025-12-28T12:14:41.528Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: uxdl.bigeyes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://uxdl.bigeyes.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: Tengine\r\nContent-Type: application/xml\r\nContent-Length: 380\r\nConnection: keep-alive\r\nDate: Sun, 28 Dec 2025 12:14:42 GMT\r\nx-oss-request-id: 69511F32C4D33239366622E0\r\nx-oss-cdn-auth: success\r\nx-oss-server-time: 3\r\nx-oss-ec: 0026-00000001\r\nVia: cache16.l2fr1[955,955,404-1280,M], cache38.l2fr1[957,0], ens-cache3.gb9[978,978,404-1280,M], ens-cache21.gb9[980,0]\r\nAli-Swift-Global-Savetime: 1766924082\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-Error: orig response 4XX error\r\nX-Swift-SaveTime: Sun, 28 Dec 2025 12:14:42 GMT\r\nX-Swift-CacheTime: 1\r\nAccess-Control-Allow-Origin: *\r\nTiming-Allow-Origin: *\r\nEagleId: a3b5f3a917669240814991916e\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":380,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text","md5":"4c06e80ef9522846bc7a23428e003d73","sha1":"807e5eb80c6723b056b7bdfe4d02c88c0c2cff4a","sha256":"3e19ab90a504e105dc0a80d45252898f2d599d47f9a38ba461242872fb44688b","sha512":"18ec992a4df79e72ffe0b6f5cf5e839a48321cc6ecfb37d872c9744d5cb617db63348966bf933e3532738598d4532f6d2bbfc45164e2e66c3e63f2f98e3f21db","ssdeep":"","tlshash":"07e06862c348d016c6c0193a9927ff00c2a0f1fa3bd0813c168946e229985e20d9fa08","first_seen":"2025-12-28T12:15:06.297177Z","last_seen":"2025-12-28T12:15:06.297177Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1003,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1002,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-28","alert":"Sinkholed","trigger":"uxdl.bigeyes.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}