{"report_id":"f3c99c95-b7ed-4caa-b07d-08ed3b17ebb2","version":6,"status":"done","tags":[],"date":"2026-02-10T14:22:47Z","url":{"schema":"http","addr":"chromekz.com","fqdn":"chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"www.chromekz.com/","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"title":"Chrome插件,谷歌浏览器插件下载,谷歌商店插件crx应用分享与下载-Chrome扩展网","dom":{"size":70659,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (561)","md5":"2ffece9e315b59fd7007e96fb269b98f","sha1":"6bee8e299c0cf9eacd5dbcf867837bc113bc1ddb","sha256":"8014949057094a99bf5fd978d84ea2fe4dfbc67b3ff5550b53843ddc3e489a6f","sha512":"8c42d5607e13a5e39b536d79eb48f774ee51b1524a4b01b88485da679f9124c8bdd21dc4ca5640d371b837d8224edb8b5ea867439de273cac4c336af86442245","ssdeep":"1536:Fz40jFW1Vdn1Q6xO1XBnM1dipL1J4H/M1CxlM11iP9O1aHvL1OBYO1BdKIIIeg+X:Fz4OGM12Q450Akfv/c6w0ISizn8Z2Ogv","tlshash":"da63a4b2049eac3b5247aad1b054f72db9eb0e7bcf0249d3b3f7125497c2ea0a496415","dom_hash":"domhash928d34a96d0807b68098d53f5299fb9d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"chromekz.com","fqdn":"chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-17T14:22:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"chromekz.com","ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2023-10-16","domain_rank":0,"first_seen":"2026-02-10T13:43:52.90907Z","last_seen":"2026-02-10T13:43:52.90907Z","alert_count":2,"request_count":1,"received_data":62885,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"gravatar.loli.net","ip":{"addr":"172.67.69.40","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-05-28","domain_rank":3292733,"first_seen":"2018-05-27T21:58:11Z","last_seen":"2026-02-10T13:43:53.490588Z","alert_count":0,"request_count":1,"received_data":1108,"sent_data":582,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.chrome68.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-12-30","domain_rank":0,"first_seen":"2026-02-10T14:22:48.149918Z","last_seen":"2026-02-10T14:22:48.149918Z","alert_count":0,"request_count":9,"received_data":0,"sent_data":4273,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.chromekz.com","ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2023-10-16","domain_rank":0,"first_seen":"2026-02-10T13:43:52.910143Z","last_seen":"2026-02-10T13:43:52.910143Z","alert_count":62,"request_count":31,"received_data":1768198,"sent_data":16426,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-02-09T02:29:32.887209Z","alert_count":0,"request_count":2,"received_data":30880,"sent_data":1345,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"i1.wp.com","ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"1997-03-28","domain_rank":44421,"first_seen":"2012-09-27T05:17:34Z","last_seen":"2026-02-04T23:53:15.3049Z","alert_count":0,"request_count":1,"received_data":256,"sent_data":391,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/jquery.lazyload.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d40d658fe2d5293bcbdb363f182c705","sha1":"552f41b4ef3c172023ad7c01d216fb68c0d709e6","sha256":"d69ba2f7584da5ba005d5745bdbee3d9e1247a25e9e8bf1817b8903a8ca92576","sha512":"c14e7ffaa7263d6b6771c22f0e6fd5e4a5183bd336d288e98abb0e889a396eab15bbf6afda9dcd715e9b2e25ca55c0c12915fe90e1b5ad91dcfcfa831b000ebc","ssdeep":"192:lSbYJT1MoDV2GOYNrZiwevQx2xtPqDz8WPRbFbW16sPUZq40hz/b2:t1MMhiNvQx2xtPuzdPRFSg7qx2","tlshash":"de32f99c7592393aa9e325fc853f100aa536f96b40464d74f045e8c27cfcda55233e5e","size":11180,"data":"","first_seen":"2025-06-15T22:40:43.023909Z","last_seen":"2026-06-02T08:50:27.508212Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-includes/js/clipboard.min.js?ver=2.0.11","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce2cbdbff7c215d0e6ce9062b471511c","sha1":"1a4e72530ce52dd6e39800f98297a4c39c0827d0","sha256":"39d936419f925ba03cd40187aa35b0d892ac44a1e235d29a55e4d2af42eb4a74","sha512":"ad7796c2167518151f6104270d76a3b5e4a69407969d5b2fa630ede39756bd0367e5652d1a8b8d8d46d9f4b0730486d4c030d20d796eb19aa5a3df2c6d3cad2f","ssdeep":"192:jdHxtMHHwpUJTyHg4LyAalqkp/eo9sfkA37wx856kbHpGo+v:j9npUJTKzGqAGoWB7wx8gkdGo+v","tlshash":"eb329599b2c1b0b14bd770a9412f820ff277a969704a9090d269d8f0bdbcd9e4523f3d","size":11072,"data":"","first_seen":"2026-02-10T13:44:07.703544Z","last_seen":"2026-02-10T14:22:53.690436Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/begin-script.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef126ab817cc362c2080d6ac08404a83","sha1":"5e94305e0ed72fb43b72eab823f81bc07198cd7b","sha256":"0b9957b50756d08ce4b9e739e9f79770aa05473c79f46c9b7e0af8d3ae8dcc24","sha512":"1d984e909ed204b1b0e45eb8d31039df922f6f645a892510c7d175bc47215597e4fcd05dfef1bd39211fe4ef79ced6667bf9c4c51b37a1bd1ad43c90515407ca","ssdeep":"768:mZiEuxRwdl96UGcnwKWkcSTR26R2Q4aO+MxjmsFzZzDR1dU5ujfHnNsziWPJiV:mZlLVnnwKWkNV2q2yqdfR1dU5uDHNsz6","tlshash":"2113731df180b5b742fb62aa706f620671323ca7d605c499f56884f54eb8f8d6433b2e","size":42739,"data":"","first_seen":"2026-02-10T13:44:07.706786Z","last_seen":"2026-02-10T14:22:53.695026Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/3dtag.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8497ce49b052225f989a861795e253a9","sha1":"7498b3150f7e1e9eabaef6a42eddacc8440e8c6b","sha256":"4f1cafafbbe7f88908c2e03ca76cdbae4ec293a6fa9c71dba676d7c45c8fc4e2","sha512":"c7faab1f56269012bb3643e5e8b9ca772d3001e5a2d6b1a516de219ee3b3909869ab743b1bcc45531d5081220680009a925c2562b425d24265b6e2be292cbf2f","ssdeep":"","tlshash":"1b51ff0eb717506a9ce6d369d4ce664f212070779c83e7e62c2581a0ff656f910ff928","size":2940,"data":"","first_seen":"2025-10-13T04:55:58.311206Z","last_seen":"2026-02-10T14:22:53.696964Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?2a5fae2db31888ea71e8757a3d6314b8","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a38ec1e12629934d8da19ebb28df6bfd","sha1":"c65a6f8115b9d5680d62e11ff6e41ff219b2256d","sha256":"6d1ae6ea405bc7c66833350449b57dca703362134d09a196c47fd202d7f8eed1","sha512":"5adf0dd4ffa82346308a2db0b506e9e9d83dcaf7220d541d9ed65ad449f10a83190e19a5eb4faafd1b935ade962f5a598206014dfa32d1b5e4762c0c5659e85f","ssdeep":"384:YoJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:Yo4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"76d2daa9b282713293a324a5153f724ef07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29898,"data":"","first_seen":"2026-02-10T14:22:53.669641Z","last_seen":"2026-02-10T14:22:53.669641Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/favorite-script.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"2bdda0b14a5909aee692d865218ba814","sha1":"e2ff538bf193447217ed1dfd8a2fd8c186febd03","sha256":"cf1e64bcae20cf2fee936c67156c268de4a1a8ef0d026f9cea89ea19bb683ed1","sha512":"596198c311cb169c0c1702af5d84201ef531a9658d5b9997ed25195d62133b5cfd3ffb06dbe2486bf4e48a27c8ec901753f1432801064e9815e44128764c965c","ssdeep":"","tlshash":"3311bd00735ef58e40c733581237a806787dc373c8498169157b38596bd45aa6301c4c","size":1002,"data":"","first_seen":"2023-03-13T01:59:02Z","last_seen":"2026-05-12T22:46:14.389932Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/superfish.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ae52b48517becd3020c5b5aac3b4be8","sha1":"84ee7417964ddfa0546f2d2166e1262075bf0db7","sha256":"dec346a62a2b9ace71463a36b6be2369bb8770044d72bdbd0d68c1a3b41b0bd3","sha512":"0274729d1710e6cc73fcc75f51431b217daeb6d867d0724cceb977a19dc99182c5581fa17f26868ce7f332371719c0e756e7cc95130fad117e5440d2f6b92f72","ssdeep":"384:CJnc87y0u1MjA5BD1xWr+pM9GfNSSWXpphupE07/8sQeGe5Qs:KqqKBD1vM9GY9XpphupHme755","tlshash":"ba92c85db34a31b291fbb219503f5609a23aa929d80340acf979c5d80cf5e2a7137f7d","size":21187,"data":"","first_seen":"2025-06-15T22:40:43.036022Z","last_seen":"2026-06-02T08:50:27.482243Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/nice-select.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"12052115432a42eae66d854e54842a34","sha1":"598788459ae6f290cfcf3e5688fb22e8d8a73ac7","sha256":"f4a70b52786f548df23da7200ca49080976ee84c1a14f96eaa7fe762f188ce2a","sha512":"0b015494e61044b333f2c3a41ce94ee9a1c9b1edc60923b20ed6c571283cf43e489cebc771107dea7f13f4c55f73d6aaac7565b445e07a265a5d985b624ffe00","ssdeep":"","tlshash":"84514018b10522f548ff24d37912b147a075193dc42ac14be9be86b21efec02aab7d4f","size":2924,"data":"","first_seen":"2023-03-07T01:28:32Z","last_seen":"2026-06-02T08:50:27.50915Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/sticky.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"65282225eda225ffbf3fc0f880508468","sha1":"fe0d21e82f31ebeec48bffabe64ce377a5842e53","sha256":"81b670546b75faa9112c06f766bcd5ccc6f167ec42d63fa1058b8a824adae071","sha512":"199a5c1ae31d3a4ff1af5849647728cfa5c82d60960f74058dabb1c60450513f6bc88878a46541edc72dd312114b643c0136cb416fca75a28a59069f0d57c4f1","ssdeep":"96:nYVAQF3UUw03Az/S99YUOkXZkvSca0AcW5PWgbRVKAl:gASEo99YUOL6cdAhP/TK4","tlshash":"5bf12d1a2b90623596ebb2cf91dfa03a917e8e7307c6c435661c46dc1c99366e0c3fc9","size":7497,"data":"","first_seen":"2023-03-07T01:28:32Z","last_seen":"2026-06-02T08:50:27.495258Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"77c975d66732cc34eff721b1093bd0a2","sha1":"99928ce994ee08def5b39397f2180e277e48dba5","sha256":"902c60a5438c142b32404a842c9a6ac628970f86a0eb01380982d39c94b64313","sha512":"d415915197764750133692ad9d1bf478df02d88c1144ad7fb8758ae45eeff0aad79ef264fe6636db48cc625f392ba5c50e3129aa4e6dbd66f7c6c0d72bd10daf","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKPkd0v:sHNwcv9VBQpLl88SMBQ47GKMdI","tlshash":"1493f8df73cab02247a770b9006f550bf276599d684d4400f259d8e9bc78a4a823bf7d","size":89616,"data":"","first_seen":"2026-02-10T13:44:07.705859Z","last_seen":"2026-02-10T14:22:53.681628Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/ajax-tab.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b95582ee36c5d783b38fef1843527ed","sha1":"fedba18f622359bde6d1bfb77e3acdb6a4113892","sha256":"45e05b0044a7ec9fadb4796d05ca148ac10fe4f78141a33e3aacd3fbc7ab42d9","sha512":"2b41947a988fd52345e54f49e90aa09f57b779de74e95c46c4536a54db33152ad5297703849fb0ab4bdfd1d53d46ca8f36d0431089f65b044359a5917b222a2b","ssdeep":"","tlshash":"d831d060721589fe13b6782d3d2ff052a822a633fa025649717cb47454f16de83b2777","size":1487,"data":"","first_seen":"2024-08-21T03:39:09.971487Z","last_seen":"2026-06-02T08:50:27.505195Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/qrious.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ebdbea5bd9a567cc840b0093c472628","sha1":"4be712985a6caad17cce2bf5819839f32140c85c","sha256":"c072a9d799db77102a0c257076fddf6adfb98335390f55ecc372ab00b16c7a0f","sha512":"efb3b7bf88688c42616570a495d62e2fb08212d43f1e6774b0dbd37b1aabeb72dad8077c81091324f68f2300c93c1a55a6139971121d5544ebfb4a40116dcdd7","ssdeep":"384:y2HJOCXOLl8aRuhBhp+zlwcqiI12m8jtlr:yhLqaRAQzlvmur","tlshash":"f8829695b3a1956a639a2ad50c3f244f42f2e4593418419cfbb2c9dfbd3c4c96039f3a","size":17661,"data":"","first_seen":"2023-03-13T01:59:02Z","last_seen":"2026-06-02T08:50:27.518415Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/owl.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"d517ef9f127ea4fdfd6eb4cc2caeb9a5","sha1":"1475f52aba87611aeb684508f92d48a2bdc05bc7","sha256":"3395cf57dd1508c146b34ff419604e58909dcd3d01faef1b397592e90dd0b5ae","sha512":"b4433c36160d3ad94fca2832014c25cc44ea7bcd39630821b11d48dedb786e4c27a593da4a6e52c9038f050206aaddb56c3f4e74766471fda739086720bf7af5","ssdeep":"768:OCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSNc7UuHjRUQuFBt3AJ2vdbJ:VITMFC4dbMVRSNcgRDSJ2vdbwYI4XT","tlshash":"1c239545b3202d2a8a9b61e0663f160bb23e241ce415907d79b9a5ee5c7d84d203fbfd","size":49475,"data":"","first_seen":"2025-06-15T22:40:43.070965Z","last_seen":"2026-06-02T08:50:27.516619Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/fancybox.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"5875bcd3efa83fdb3ead060e6a6ad3de","sha1":"efedaea13450dbb438a815f77b33001562af4c78","sha256":"82db74393d079391cdd9633de11c296b8885b78094f2be8d87305ec959219df5","sha512":"1ca3c9cb32dc701bc63ee747f658a5924daffb71da5dbef26b25de79722d7722900ffbcaf11f31e532e7150d5ce1ee88d3fa07c63a51b2ae46ef76742257ee81","ssdeep":"1536:Ebz/GevmZzMMTZYu+gfsI30NcNyYMJA65IqRGcTJ7jBTA:a/GevmZzMMTZYu+gkI30+NyYMfWqRGcI","tlshash":"8543f89eb710703186bb15a4a30f520ed5377516f20285f278add4951ae4fc822ebffa","size":59799,"data":"","first_seen":"2023-03-13T01:59:02Z","last_seen":"2026-06-02T08:50:27.471211Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-07T01:12:55.001935Z","times_seen":121501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4d1696aeb07760f0c9784225a36c8d1","sha1":"09c8eed809600f9251f16d0f4b79538c27b9d25f","sha256":"07d4c1e02da7f409f781bf518b347b546356d9af19a3a65bc56c25d0a2e02c1a","sha512":"1ff4dec6c2db029eb160a310041013274e7220e2145ef7715ceaaf7e2b220ce58e8c9b8b5e19e8e9f2724b43014607a78f605bdbdcb80421decc465a0da04e83","ssdeep":"384:5rprxaefKI0LP19m4q1WW+h4MjgkdGo+v:lK60LP3m4qJ+h4MMkdGtv","tlshash":"b262e86d7596b9354bb761b9b02f924f71b7198e160d8940d19cc8f6383cc6e822bf38","size":15640,"data":"","first_seen":"2026-02-10T13:44:07.697437Z","last_seen":"2026-02-10T14:22:53.68281Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/ias.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e67b55b2532417f3cf93ffb8b9b0f6c","sha1":"369d12776c4e34c3a76d9c7b9d8e46f5ee0541dc","sha256":"1778ab8f546109c939f4bea5c83aee23926897d26ce0115faece229fc6b08ee4","sha512":"1e6b135f3490ac862964412a747cdb29f35388edaee5daea8a409aab34522026dc8218c8f2c88e616a5121f388fe30b0c9b389cbb997900175fbb8621f79a7a8","ssdeep":"384:UQn0S4RE+IV5aZGrWFSMekvo/FIGtrnBeJV:UQn0HRfIVEGrkSMvoNIGtrBoV","tlshash":"de62524d71957a2586bfa0b9e17b0709b337581db84ad26c7188d8dabcb450c322af38","size":14538,"data":"","first_seen":"2023-05-01T20:18:57Z","last_seen":"2026-06-02T08:50:27.486356Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-07T01:12:55.001935Z","times_seen":121501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"f7859800bca65082f311e4bba97ff261","sha1":"951eeea8c1db1d22721f480907f96f906f546562","sha256":"65a23cbc236d3edba21c4fee196d9252648b2c15fa4c85f5bd729e74489c68e9","sha512":"eda124eb3c8a2f40eb61d954babbfb2f3dddcbfc3493c19d3e3dbc62f0df354aac3fe8f137b3779c99738f9988cbebd69ef6a45ae8e030ab703f7f13912d283b","ssdeep":"","tlshash":"67f059df6380cd8c3ad33c78a01a4a4c69994d36edaf59d58849700d25c992218d25ef","size":534,"data":"","first_seen":"2026-02-10T14:22:53.699013Z","last_seen":"2026-02-10T14:22:53.699013Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/05/2024052810205989.jpeg","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.946Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/05/2024052810205989.jpeg HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/owl.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/owl.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-c143\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49475,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31997), with CRLF line terminators","md5":"d517ef9f127ea4fdfd6eb4cc2caeb9a5","sha1":"1475f52aba87611aeb684508f92d48a2bdc05bc7","sha256":"3395cf57dd1508c146b34ff419604e58909dcd3d01faef1b397592e90dd0b5ae","sha512":"b4433c36160d3ad94fca2832014c25cc44ea7bcd39630821b11d48dedb786e4c27a593da4a6e52c9038f050206aaddb56c3f4e74766471fda739086720bf7af5","ssdeep":"768:OCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSNc7UuHjRUQuFBt3AJ2vdbJ:VITMFC4dbMVRSNcgRDSJ2vdbwYI4XT","tlshash":"1c239545b3202d2a8a9b61e0663f160bb23e241ce415907d79b9a5ee5c7d84d203fbfd","first_seen":"2025-06-15T22:40:43.070965Z","last_seen":"2026-06-02T08:50:27.516619Z","times_seen":4,"resource_available":true,"data":null}},"time_used":2685,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2685,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/uploads/2023/02/2023020806510448.png","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/uploads/2023/02/2023020806510448.png HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 208245\r\nlast-modified: Wed, 08 Feb 2023 06:51:04 GMT\r\netag: \"63e34658-32d75\"\r\nexpires: Thu, 12 Mar 2026 14:22:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":208245,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 702 x 693, 8-bit/color RGB, non-interlaced","md5":"95fabf9f5039c2dbfce1f59e21d83fd2","sha1":"0f6cd0ca1690eb3f1c92f21e80156896c4d61522","sha256":"3e2ee4577ade1be9f2f846c2c0a4e1352312cd3c58fbe24155c93492ed538d30","sha512":"aead72a508a8673a26e1dfffbaadaafe1c29e2b7ef3c5b72788ed8d8684464f1c25fa68476f0bcb66faee67332f009598645bc7525e98e2f7c7aa0aae6bda597","ssdeep":"6144:gyQIeDG3RWN+3e3bJOe8BW+QctBrAzvQN:gyQIeC3c+yOB0cbrUQN","tlshash":"3c1412a54ea7a3d1de5016536ecbe81069eb1e8370fd4d96c8275c7380213a877f99c3","first_seen":"2026-02-10T13:44:07.700905Z","last_seen":"2026-02-10T14:22:53.663295Z","times_seen":2,"resource_available":false,"data":null}},"time_used":7762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2694,"receive":5068,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/css/be.css?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/css/be.css?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Jan 2024 12:32:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025c-6711c\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":422172,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c04984dfdbb4726bf9d1f9f2746bb6c0","sha1":"bcb6e250c0c81d7188580a0266043944058aecde","sha256":"f11947d0ca65a1713e6bdd5bbc135d0af342eebcda345ca9bfde0049400ffc7c","sha512":"6583fd46c17d3510ae6b72fee52798b163f3d3ecf93fbe6b32e9fec4f458cfae4093b49f6c5ce1b636abf28e6a0bf5c1ff272b25143909fd5472fabb00999431","ssdeep":"3072:AqshgwGncaNKOk19F5MKzqDHnJuJTluwSgBvlPInAfwKg9KPnvZ5PfAN4n9:AqgxGncaNKJuwSgv1Z53AN49","tlshash":"1594c5b1e680312cb823db61aad556ec363c9013fe230dedf6697634c6c39e506b7649","first_seen":"2026-02-10T13:44:07.702499Z","last_seen":"2026-02-10T14:22:53.66538Z","times_seen":2,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-10T14:22:26.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:29 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um; path=/\r\nlink: \u003chttps://www.chromekz.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":62465,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (561), with CRLF, LF line terminators","md5":"305dcd059366c695eb4b31a026c3a488","sha1":"1437fcfff0dbd9f5d399f0c67a61800fffd1eadf","sha256":"0c5322eab8985354e7b8580a305a2f1f99b483b8c14b17a168a5c98131084ab6","sha512":"5050b8df165795976debb2fe4639fb96d5100ff63e0aaae6efab1097989711af73ac453ed3d40edc0f18fb48b3a42784a160cfb0bf755468737fcd107cb97a0f","ssdeep":"1536:Hz4R4LKnfA0Tb1LJk1Smi1xVW1JA/1Xj0K1cbq1Nizs1ubH10nl1RLIIIeHzIII+:Hz4FZxDumjeU66F1TcV0ISizn8Z2OgWN","tlshash":"8753747264aee83b52539ad3a074f72da4dbc93bcf0244d3b2f6277753c2ea06486115","first_seen":"2026-02-10T14:22:53.667308Z","last_seen":"2026-02-10T14:22:53.667308Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2893,"timings":{"blocked":384,"dns":0,"connect":0,"send":0,"wait":2509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?2a5fae2db31888ea71e8757a3d6314b8","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:33.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?2a5fae2db31888ea71e8757a3d6314b8 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11292\r\nContent-Type: application/javascript\r\nDate: Tue, 10 Feb 2026 14:22:40 GMT\r\nEtag: c6cb3441a70f73176d45c0a3190999dc\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=D5E76C8F8C31137F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29898,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (622)","md5":"a38ec1e12629934d8da19ebb28df6bfd","sha1":"c65a6f8115b9d5680d62e11ff6e41ff219b2256d","sha256":"6d1ae6ea405bc7c66833350449b57dca703362134d09a196c47fd202d7f8eed1","sha512":"5adf0dd4ffa82346308a2db0b506e9e9d83dcaf7220d541d9ed65ad449f10a83190e19a5eb4faafd1b935ade962f5a598206014dfa32d1b5e4762c0c5659e85f","ssdeep":"384:YoJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:Yo4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"76d2daa9b282713293a324a5153f724ef07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-02-10T14:22:53.669641Z","last_seen":"2026-02-10T14:22:53.669641Z","times_seen":1,"resource_available":true,"data":null}},"time_used":9661,"timings":{"blocked":2800,"dns":282,"connect":204,"send":0,"wait":4063,"receive":2,"ssl":2306},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i1.wp.com/mm%202x","fqdn":"i1.wp.com","domain":"wp.com","tld":"com"},"ip":{"addr":"192.0.77.2","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:35.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wp.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 19:44:49 GMT","end":"Sun, 03 May 2026 19:44:48 GMT"},"fingerprint":{"sha1":"74:16:DF:29:E8:C6:D5:FE:A5:36:94:0A:16:BE:D1:6C:47:5D:73:4E","sha256":"6B:F6:59:57:FF:CF:20:B1:02:F4:62:B9:0B:13:CF:BC:2A:97:53:23:B5:D3:82:11:79:85:81:64:BE:85:54:75"}}},"request":{"raw":"GET /mm%202x HTTP/1.1\r\nHost: i1.wp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:35 GMT\r\ncontent-type: text/html; charset=utf-8\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: EXPIRED arn 18\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=EXPIRED;dur=23.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":32,"dns":0,"connect":8,"send":0,"wait":30,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/06/2024060209051998.jpeg","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.925Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/06/2024060209051998.jpeg HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-includes/css/dashicons.min.css?ver=6.4.2","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-includes/css/dashicons.min.css?ver=6.4.2 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 03 Mar 2021 21:16:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"603ffca6-e688\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59016,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58981)","md5":"d68d6bf519169d86e155bad0bed833f8","sha1":"27ba9c67d0e775fc4e6dd62011daf4c3902698fc","sha256":"c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e","sha512":"fd0956d1a7165e61348fda53d859493a094d5a669aa0ba648be3381b02ed170efd776704af6965f1e31143f510172ee941d4f2fc32c4751d9b8763b66301486d","ssdeep":"768:oey/Z24B3P3aXOhUzSv16CAyLquqSfurIdUMbs73KO08QSJ2BQH02CRqxMWs5rJq:ox/ZvB/qPWMiquqioMUXQSJYIMW+rJq","tlshash":"9c43c2b1a74a40d677b0c843af65b26a5582bd7df8409cdef40b821c1af3635069dfb8","first_seen":"2023-04-05T05:16:42Z","last_seen":"2026-06-06T23:49:07.874956Z","times_seen":131122,"resource_available":true,"data":null}},"time_used":2470,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2470,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/qrious.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/qrious.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-44fd\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17661,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17412)","md5":"3ebdbea5bd9a567cc840b0093c472628","sha1":"4be712985a6caad17cce2bf5819839f32140c85c","sha256":"c072a9d799db77102a0c257076fddf6adfb98335390f55ecc372ab00b16c7a0f","sha512":"efb3b7bf88688c42616570a495d62e2fb08212d43f1e6774b0dbd37b1aabeb72dad8077c81091324f68f2300c93c1a55a6139971121d5544ebfb4a40116dcdd7","ssdeep":"384:y2HJOCXOLl8aRuhBhp+zlwcqiI12m8jtlr:yhLqaRAQzlvmur","tlshash":"f8829695b3a1956a639a2ad50c3f244f42f2e4593418419cfbb2c9dfbd3c4c96039f3a","first_seen":"2023-03-13T01:59:02Z","last_seen":"2026-06-02T08:50:27.518415Z","times_seen":15,"resource_available":true,"data":null}},"time_used":2687,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2687,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=D5E76C8F8C31137F\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1832603845\u0026si=2a5fae2db31888ea71e8757a3d6314b8\u0026v=1.3.2\u0026lv=1\u0026sn=43196\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.chromekz.com%2F\u0026tt=Chrome%E6%8F%92%E4%BB%B6%2C%E8%B0%B7%E6%AD%8C%E6%B5%8F%E8%A7%88%E5%99%A8%E6%8F%92%E4%BB%B6%E4%B8%8B%E8%BD%BD%2C%E8%B0%B7%E6%AD%8C%E5%95%86%E5%BA%97%E6%8F%92%E4%BB%B6crx%E5%BA%94%E7%94%A8%E5%88%86%E4%BA%AB%E4%B8%8E%E4%B8%8B%E8%BD%BD-Chrome%E6%89%A9%E5%B1%95%E7%BD%91","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:40.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=D5E76C8F8C31137F\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1832603845\u0026si=2a5fae2db31888ea71e8757a3d6314b8\u0026v=1.3.2\u0026lv=1\u0026sn=43196\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.chromekz.com%2F\u0026tt=Chrome%E6%8F%92%E4%BB%B6%2C%E8%B0%B7%E6%AD%8C%E6%B5%8F%E8%A7%88%E5%99%A8%E6%8F%92%E4%BB%B6%E4%B8%8B%E8%BD%BD%2C%E8%B0%B7%E6%AD%8C%E5%95%86%E5%BA%97%E6%8F%92%E4%BB%B6crx%E5%BA%94%E7%94%A8%E5%88%86%E4%BA%AB%E4%B8%8E%E4%B8%8B%E8%BD%BD-Chrome%E6%89%A9%E5%B1%95%E7%BD%91 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Tue, 10 Feb 2026 14:22:41 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=1BC06A01DF13A25C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-07T01:12:54.972934Z","times_seen":366886,"resource_available":true,"data":null}},"time_used":890,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":890,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/05/202405281032046.jpeg","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.938Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/05/202405281032046.jpeg HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/sticky.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/sticky.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-1d49\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7497,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5041)","md5":"65282225eda225ffbf3fc0f880508468","sha1":"fe0d21e82f31ebeec48bffabe64ce377a5842e53","sha256":"81b670546b75faa9112c06f766bcd5ccc6f167ec42d63fa1058b8a824adae071","sha512":"199a5c1ae31d3a4ff1af5849647728cfa5c82d60960f74058dabb1c60450513f6bc88878a46541edc72dd312114b643c0136cb416fca75a28a59069f0d57c4f1","ssdeep":"96:nYVAQF3UUw03Az/S99YUOkXZkvSca0AcW5PWgbRVKAl:gASEo99YUOL6cdAhP/TK4","tlshash":"5bf12d1a2b90623596ebb2cf91dfa03a917e8e7307c6c435661c46dc1c99366e0c3fc9","first_seen":"2023-03-07T01:28:32Z","last_seen":"2026-06-02T08:50:27.495258Z","times_seen":27,"resource_available":true,"data":null}},"time_used":2681,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2681,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/css/fonts/be.woff?t=1501323857226","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:34.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/css/fonts/be.woff?t=1501323857226 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/wp-content/themes/begin/css/fonts/fonts.css?ver=2023/05/25\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:34 GMT\r\ncontent-type: font/woff\r\ncontent-length: 16504\r\nlast-modified: Tue, 02 Jan 2024 12:32:28 GMT\r\netag: \"6594025c-4078\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16504,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 16504, version 1.0","md5":"658a1f9d757fd1e923aa916e5a9b1253","sha1":"35fafcb8ac168e67cc5d6613aff7eb3b22613354","sha256":"7dc6a7e6ebcc595fa857f92a31acef539639c6ff7341ea019a8d1c3f8e8d773e","sha512":"ee0f7d5cd297cc02f2feb624188bae7e8cb4ac9699f6c87369180abed8aaec5d43134a8517641ec8dcd426d26d6bf9ba666fd3fa4a0b909eabf186e51836832e","ssdeep":"384:o/gXj82PEJeU2eMirLbbZOXQZuLC1/13/zUHESmjw/pnQyq:oIzvPqeU2eNfuCj3/MxPRny","tlshash":"bb72d096b6112ab7de9e807bad3326279bb0021043d9078fb3b185074dc7bb5469f593","first_seen":"2023-05-01T20:18:57Z","last_seen":"2026-06-06T18:45:53.713806Z","times_seen":106,"resource_available":false,"data":null}},"time_used":1292,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1290,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/uploads/2024/06/2024060906220559.jpg","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/uploads/2024/06/2024060906220559.jpg HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um; Hm_lvt_2a5fae2db31888ea71e8757a3d6314b8=1770733361; Hm_lpvt_2a5fae2db31888ea71e8757a3d6314b8=1770733361; HMACCOUNT=D5E76C8F8C31137F\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:42 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68442\r\nlast-modified: Sun, 09 Jun 2024 06:22:06 GMT\r\netag: \"66654a0e-10b5a\"\r\nexpires: Thu, 12 Mar 2026 14:22:42 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":68442,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 640x400, components 3","md5":"48f03d70102599e7b0260fac26e6d088","sha1":"0a6236ce943b20e4aa37ae46570b8191f91c14d9","sha256":"7d5ca81a6bd50d0437f57c03b75081d710ca5c5f9e3563ec70d6428f71420eb7","sha512":"c4fcad817ef42ed7d363644bb4a160c69b9ab02d0f1331b6706c04a3ce83d4ee77e0a0899fee78a38cae1d5bc0beddd908ab3c6350071bab3aaf7fb06a5c26fd","ssdeep":"1536:3mdggggggggggg4ZoyiHJ0KXiZNL7ygZVccg8JLaz/4HTjydPpr:2HmyNND3ccg8JQ/4H6Lr","tlshash":"9463e1376c0449cbb27d81e6fd095ebcbea45a4e75a12ecb01955ecd3bad4732c0e108","first_seen":"2026-02-10T13:44:07.700047Z","last_seen":"2026-02-10T14:22:53.677756Z","times_seen":2,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/06/2024060209104811.jpeg","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.917Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/06/2024060209104811.jpeg HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/06/2024060204131390.jpeg","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.927Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/06/2024060204131390.jpeg HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/ias.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/ias.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-38ca\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14538,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5048), with CRLF line terminators","md5":"0e67b55b2532417f3cf93ffb8b9b0f6c","sha1":"369d12776c4e34c3a76d9c7b9d8e46f5ee0541dc","sha256":"1778ab8f546109c939f4bea5c83aee23926897d26ce0115faece229fc6b08ee4","sha512":"1e6b135f3490ac862964412a747cdb29f35388edaee5daea8a409aab34522026dc8218c8f2c88e616a5121f388fe30b0c9b389cbb997900175fbb8621f79a7a8","ssdeep":"384:UQn0S4RE+IV5aZGrWFSMekvo/FIGtrnBeJV:UQn0HRfIVEGrkSMvoNIGtrBoV","tlshash":"de62524d71957a2586bfa0b9e17b0709b337581db84ad26c7188d8dabcb450c322af38","first_seen":"2023-05-01T20:18:57Z","last_seen":"2026-06-02T08:50:27.486356Z","times_seen":23,"resource_available":true,"data":null}},"time_used":2680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2680,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/nice-select.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/nice-select.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-b6c\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2924,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2822)","md5":"12052115432a42eae66d854e54842a34","sha1":"598788459ae6f290cfcf3e5688fb22e8d8a73ac7","sha256":"f4a70b52786f548df23da7200ca49080976ee84c1a14f96eaa7fe762f188ce2a","sha512":"0b015494e61044b333f2c3a41ce94ee9a1c9b1edc60923b20ed6c571283cf43e489cebc771107dea7f13f4c55f73d6aaac7565b445e07a265a5d985b624ffe00","ssdeep":"","tlshash":"84514018b10522f548ff24d37912b147a075193dc42ac14be9be86b21efec02aab7d4f","first_seen":"2023-03-07T01:28:32Z","last_seen":"2026-06-02T08:50:27.50915Z","times_seen":34,"resource_available":true,"data":null}},"time_used":2679,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2679,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/css/fonts/cx.woff2?t=1653125599687","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:34.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/css/fonts/cx.woff2?t=1653125599687 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/wp-content/themes/begin/css/fonts/fonts.css?ver=2023/05/25\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:34 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 3660\r\nlast-modified: Tue, 02 Jan 2024 12:32:28 GMT\r\netag: \"6594025c-e4c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3660,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 3660, version 1.0","md5":"8b33941e37d6d875a06dad447e64ed93","sha1":"6ddadea0fc892488563a9152260aa01e45be57f0","sha256":"6b668795a56f190be3ffca0eaea200ea43c409cff0a1b9fcab5b98e67c166ef8","sha512":"0659dc24a91c9fe8f774b84bb91bf7b7313882300a0cb59f8fcc3d52a71e72a6652fc0d15d600e35f9b19f7070320801ecfc6cc360f8b92de52ec10900826f11","ssdeep":"","tlshash":"02713b3ed52aa4a4db739738a9f3cfd9285a43f75cdb478c28200d3576b14842825f98","first_seen":"2024-06-22T14:49:49Z","last_seen":"2026-06-02T08:50:27.497715Z","times_seen":15,"resource_available":false,"data":null}},"time_used":1253,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1251,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 28 Aug 2023 17:14:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ecd5f0-15e10\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89616,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"77c975d66732cc34eff721b1093bd0a2","sha1":"99928ce994ee08def5b39397f2180e277e48dba5","sha256":"902c60a5438c142b32404a842c9a6ac628970f86a0eb01380982d39c94b64313","sha512":"d415915197764750133692ad9d1bf478df02d88c1144ad7fb8758ae45eeff0aad79ef264fe6636db48cc625f392ba5c50e3129aa4e6dbd66f7c6c0d72bd10daf","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKPkd0v:sHNwcv9VBQpLl88SMBQ47GKMdI","tlshash":"1493f8df73cab02247a770b9006f550bf276599d684d4400f259d8e9bc78a4a823bf7d","first_seen":"2026-02-10T13:44:07.705859Z","last_seen":"2026-02-10T14:22:53.681628Z","times_seen":2,"resource_available":true,"data":null}},"time_used":2740,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2740,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 09 Jun 2023 05:49:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6482bd64-3d18\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15640,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"f4d1696aeb07760f0c9784225a36c8d1","sha1":"09c8eed809600f9251f16d0f4b79538c27b9d25f","sha256":"07d4c1e02da7f409f781bf518b347b546356d9af19a3a65bc56c25d0a2e02c1a","sha512":"1ff4dec6c2db029eb160a310041013274e7220e2145ef7715ceaaf7e2b220ce58e8c9b8b5e19e8e9f2724b43014607a78f605bdbdcb80421decc465a0da04e83","ssdeep":"384:5rprxaefKI0LP19m4q1WW+h4MjgkdGo+v:lK60LP3m4qJ+h4MMkdGtv","tlshash":"b262e86d7596b9354bb761b9b02f924f71b7198e160d8940d19cc8f6383cc6e822bf38","first_seen":"2026-02-10T13:44:07.697437Z","last_seen":"2026-02-10T14:22:53.68281Z","times_seen":2,"resource_available":true,"data":null}},"time_used":2739,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2739,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/jquery.lazyload.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/jquery.lazyload.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-2bac\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11180,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4890), with CRLF line terminators","md5":"6d40d658fe2d5293bcbdb363f182c705","sha1":"552f41b4ef3c172023ad7c01d216fb68c0d709e6","sha256":"d69ba2f7584da5ba005d5745bdbee3d9e1247a25e9e8bf1817b8903a8ca92576","sha512":"c14e7ffaa7263d6b6771c22f0e6fd5e4a5183bd336d288e98abb0e889a396eab15bbf6afda9dcd715e9b2e25ca55c0c12915fe90e1b5ad91dcfcfa831b000ebc","ssdeep":"192:lSbYJT1MoDV2GOYNrZiwevQx2xtPqDz8WPRbFbW16sPUZq40hz/b2:t1MMhiNvQx2xtPuzdPRFSg7qx2","tlshash":"de32f99c7592393aa9e325fc853f100aa536f96b40464d74f045e8c27cfcda55233e5e","first_seen":"2025-06-15T22:40:43.023909Z","last_seen":"2026-06-02T08:50:27.508212Z","times_seen":4,"resource_available":true,"data":null}},"time_used":2699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2699,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/uploads/2023/02/2023020806540439.jpg","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/uploads/2023/02/2023020806540439.jpg HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 28167\r\nlast-modified: Wed, 08 Feb 2023 06:54:04 GMT\r\netag: \"63e3470c-6e07\"\r\nexpires: Thu, 12 Mar 2026 14:22:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28167,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=360, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=750], baseline, precision 8, 276x276, components 3","md5":"3c40b1c568be79f963ee817770531665","sha1":"8404f33a658592df3d41380d404738d66ea9fcbf","sha256":"1e2a027b08a6f54bf09119a26c71d7fd16d6aa37d7c5422d1b49812e0e3c878b","sha512":"a25399f31460a05dedffb7b2ef77b089752aa244f66de77522f39fa33186619b7e673dedd3b7a30730eee04f5481b711321a9e9969b426d8ec8c841e81a748d0","ssdeep":"384:oQjZSVwikfTPiPjZSVwikfFnUULr5lszy8cRBJooT0Hd2NsoJSIGl9B:oJIfTPHIfFp5oyZ7JooXNsoJSDl9B","tlshash":"bbc29d349f148c62f9d1147b5aa1c7a2d3214e9497632b43fdac6b0a37b97c2883cb17","first_seen":"2026-02-10T13:44:07.684389Z","last_seen":"2026-02-10T14:22:53.685099Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2698,"receive":2736,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/uploads/2023/03/2023031407183952.png","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/uploads/2023/03/2023031407183952.png HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 337070\r\nlast-modified: Tue, 14 Mar 2023 07:18:38 GMT\r\netag: \"64101fce-524ae\"\r\nexpires: Thu, 12 Mar 2026 14:22:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":337070,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 350, 8-bit/color RGBA, non-interlaced","md5":"a91365e9be377a4b5626bb0f8401c6ef","sha1":"c75f770d2aac91c38bbb666aa002f022d87c2aff","sha256":"6d4b02efc17793c16559fbb1ca05752d50064ee4258eb4b0963b4859177a873b","sha512":"a4b6b9a894fa86379d232925fd6e8a33ec4e9cff7ca61ac574d444d39ed0c967474c001ac7c2e899658ba370736547e580445971f169ed066aa6a1258a2676e8","ssdeep":"6144:KQgdOKx7+cB5kv5kbPRjzwTdRby6Rus9Fhlu2CupflOYayCbC:KQgsKBW54RjEjL91uSdOYaBbC","tlshash":"356422d88423b4156ddae3609bcc48c1b1ada383f236799578ed00476f9d79a5c27f0a","first_seen":"2026-02-10T13:44:07.688421Z","last_seen":"2026-02-10T14:22:53.686812Z","times_seen":2,"resource_available":false,"data":null}},"time_used":7897,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2695,"receive":5202,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chromekz.com/","fqdn":"chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-10T14:22:24.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:26 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://www.chromekz.com/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=jheqotrkciac5i6ljo89ubfi93; path=/\r\nx-redirect-by: WordPress\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62465,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":4628,"timings":{"blocked":1819,"dns":520,"connect":271,"send":0,"wait":990,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/style.css?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/style.css?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: text/css\r\ncontent-length: 363\r\nlast-modified: Tue, 02 Jan 2024 12:32:31 GMT\r\netag: \"6594025f-16b\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":363,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"e08ed930b5bce63a44065a2c527b66bf","sha1":"8ccdc4af51ecef0691b49c8ead8a03ef2ac4e361","sha256":"64284a67fe96e1bcdea1d2397e9a1b71c3e473ee4023ac640627574b5a906e15","sha512":"d0686320dbf7b2427377a636725f57dc13ac13a9da908710a68eb1260255e59df6707db8777e63bf520222c9a91990311cfd88574f78453f7fdcab07f3b5a44f","ssdeep":"","tlshash":"a0e0c0929b4e526031370ad41d7c9207f2741b3934f6d342ece7107c34d675b0721ea0","first_seen":"2026-02-10T13:44:07.68184Z","last_seen":"2026-02-10T14:22:53.687895Z","times_seen":2,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/css/fonts/fonts.css?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/css/fonts/fonts.css?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 02 Jan 2024 12:32:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025c-1872\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6258,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3300), with CRLF line terminators","md5":"018079a8ab40dcd6ecf8e4911f47c395","sha1":"3fb638478d6ddd2456248228edd7bb5a4a8cc9e8","sha256":"177071d8ac0c868f91eb6493dc9c697c5bd3dd7b18fb6c9b64828d1cc3a69569","sha512":"d0018d2d45900a24a1256920d3649e673f1bc889dd9f9fd3e9e29bdf3980844abee51039315da8a7e7a3785e90615555124857425e769f2e4f6d2c4ffe03233e","ssdeep":"192:+UNGxvAJnG6Np33M6od1cOhJxiRssthQZ15S8n/3f:WyvzMndnPf","tlshash":"28d168f4d55e16ea7322dcd3a3a5bb1d3a95f131da040c18f06b399c9bc972401cabad","first_seen":"2023-11-14T03:44:32Z","last_seen":"2026-06-02T08:50:27.511319Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2741,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2741,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/favorite-script.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/favorite-script.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1002\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\netag: \"6594025e-3ea\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1002,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"2bdda0b14a5909aee692d865218ba814","sha1":"e2ff538bf193447217ed1dfd8a2fd8c186febd03","sha256":"cf1e64bcae20cf2fee936c67156c268de4a1a8ef0d026f9cea89ea19bb683ed1","sha512":"596198c311cb169c0c1702af5d84201ef531a9658d5b9997ed25195d62133b5cfd3ffb06dbe2486bf4e48a27c8ec901753f1432801064e9815e44128764c965c","ssdeep":"","tlshash":"3311bd00735ef58e40c733581237a806787dc373c8498169157b38596bd45aa6301c4c","first_seen":"2023-03-13T01:59:02Z","last_seen":"2026-05-12T22:46:14.389932Z","times_seen":20,"resource_available":true,"data":null}},"time_used":3787,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2694,"receive":1093,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-includes/js/clipboard.min.js?ver=2.0.11","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-includes/js/clipboard.min.js?ver=2.0.11 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 04 Oct 2022 15:55:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"633c576c-2b40\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11072,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11037)","md5":"ce2cbdbff7c215d0e6ce9062b471511c","sha1":"1a4e72530ce52dd6e39800f98297a4c39c0827d0","sha256":"39d936419f925ba03cd40187aa35b0d892ac44a1e235d29a55e4d2af42eb4a74","sha512":"ad7796c2167518151f6104270d76a3b5e4a69407969d5b2fa630ede39756bd0367e5652d1a8b8d8d46d9f4b0730486d4c030d20d796eb19aa5a3df2c6d3cad2f","ssdeep":"192:jdHxtMHHwpUJTyHg4LyAalqkp/eo9sfkA37wx856kbHpGo+v:j9npUJTKzGqAGoWB7wx8gkdGo+v","tlshash":"eb329599b2c1b0b14bd770a9412f820ff277a969704a9090d269d8f0bdbcd9e4523f3d","first_seen":"2026-02-10T13:44:07.703544Z","last_seen":"2026-02-10T14:22:53.690436Z","times_seen":2,"resource_available":true,"data":null}},"time_used":2693,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2693,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/ajax-tab.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/ajax-tab.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-5cf\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1487,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1487), with no line terminators","md5":"8b95582ee36c5d783b38fef1843527ed","sha1":"fedba18f622359bde6d1bfb77e3acdb6a4113892","sha256":"45e05b0044a7ec9fadb4796d05ca148ac10fe4f78141a33e3aacd3fbc7ab42d9","sha512":"2b41947a988fd52345e54f49e90aa09f57b779de74e95c46c4536a54db33152ad5297703849fb0ab4bdfd1d53d46ca8f36d0431089f65b044359a5917b222a2b","ssdeep":"","tlshash":"d831d060721589fe13b6782d3d2ff052a822a633fa025649717cb47454f16de83b2777","first_seen":"2024-08-21T03:39:09.971487Z","last_seen":"2026-06-02T08:50:27.505195Z","times_seen":5,"resource_available":true,"data":null}},"time_used":2690,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2690,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/superfish.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/superfish.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-52c3\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21187,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6333), with CRLF line terminators","md5":"7ae52b48517becd3020c5b5aac3b4be8","sha1":"84ee7417964ddfa0546f2d2166e1262075bf0db7","sha256":"dec346a62a2b9ace71463a36b6be2369bb8770044d72bdbd0d68c1a3b41b0bd3","sha512":"0274729d1710e6cc73fcc75f51431b217daeb6d867d0724cceb977a19dc99182c5581fa17f26868ce7f332371719c0e756e7cc95130fad117e5440d2f6b92f72","ssdeep":"384:CJnc87y0u1MjA5BD1xWr+pM9GfNSSWXpphupE07/8sQeGe5Qs:KqqKBD1vM9GY9XpphupHme755","tlshash":"ba92c85db34a31b291fbb219503f5609a23aa929d80340acf979c5d80cf5e2a7137f7d","first_seen":"2025-06-15T22:40:43.036022Z","last_seen":"2026-06-02T08:50:27.482243Z","times_seen":4,"resource_available":true,"data":null}},"time_used":2693,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2693,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-admin/admin-ajax.php","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:35.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"POST /wp-admin/admin-ajax.php HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 37\r\nOrigin: https://www.chromekz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"action=random_action\u0026data=random_data"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:37 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: https://www.chromekz.com\r\naccess-control-allow-credentials: true\r\nx-robots-tag: noindex\r\nx-content-type-options: nosniff\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-frame-options: SAMEORIGIN\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2708,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (529), with CRLF line terminators","md5":"029744aaf020dfc40be48a84d4696266","sha1":"5f25f035495914eaed55d2465b9b3e6337309275","sha256":"be64a0d59026a16eafef33163cc8146f3a65e66b379ab8d92c7de36cfcdf2758","sha512":"38cfe2261458f75a7cc9ccb9040a878608a22769f6090dd6668f7a18b7e31ffc34789a7522c9f39d08a6071470973e68aac16a69655a9738ad0d5fad23ec4d3e","ssdeep":"","tlshash":"e05191b380b7642a5267e6f15160736d76f2057fd98209e333ff23a897c5e62308a815","first_seen":"2026-02-10T14:22:53.6929Z","last_seen":"2026-02-10T14:22:53.6929Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2883,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2883,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/img/default/options/user.jpg","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/img/default/options/user.jpg HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13569\r\nlast-modified: Tue, 02 Jan 2024 12:32:29 GMT\r\netag: \"6594025d-3501\"\r\nexpires: Thu, 12 Mar 2026 14:22:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13569,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 360x100, components 3","md5":"5a237a2788941b9389ebb05e8ca8597e","sha1":"fe1a831bc6115fb05fa87b38f6c980dee2146284","sha256":"923cb01e837f273d9fb1856b8ab1cce2cd9a7f50713bfe5869b7ebe2b7d45502","sha512":"da8fac710a42dbb20fde2c2918de69eac75a05b0f7d078cfd829ec0db8d9a0682e9340eb94214dc0c24802173a7e86dce4cdb6f8374d17269e735bc220975681","ssdeep":"384:Peuwt4xLLJodBbDqKp70JdUtVhvtDj5KuC2:WdQLJIvqKp7/VhV1c2","tlshash":"f652d06b51561d08ae1e3eb89d322245983f7ce5b8727c4840fa074f9fe17a59b860c9","first_seen":"2024-06-22T14:49:48Z","last_seen":"2026-06-02T08:50:27.49426Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2697,"receive":2737,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/begin-script.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/begin-script.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-a6f3\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42739,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5192), with CRLF line terminators","md5":"ef126ab817cc362c2080d6ac08404a83","sha1":"5e94305e0ed72fb43b72eab823f81bc07198cd7b","sha256":"0b9957b50756d08ce4b9e739e9f79770aa05473c79f46c9b7e0af8d3ae8dcc24","sha512":"1d984e909ed204b1b0e45eb8d31039df922f6f645a892510c7d175bc47215597e4fcd05dfef1bd39211fe4ef79ced6667bf9c4c51b37a1bd1ad43c90515407ca","ssdeep":"768:mZiEuxRwdl96UGcnwKWkcSTR26R2Q4aO+MxjmsFzZzDR1dU5ujfHnNsziWPJiV:mZlLVnnwKWkNV2q2yqdfR1dU5uDHNsz6","tlshash":"2113731df180b5b742fb62aa706f620671323ca7d605c499f56884f54eb8f8d6433b2e","first_seen":"2026-02-10T13:44:07.706786Z","last_seen":"2026-02-10T14:22:53.695026Z","times_seen":2,"resource_available":true,"data":null}},"time_used":2690,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2690,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gravatar.loli.net/avatar/21eb5bcb876240636c47ac649f55fd43?s=96\u0026d=mm\u0026r=g%27%20srcset=%27https://gravatar.loli.net/avatar/21eb5bcb876240636c47ac649f55fd43?s=192\u0026d=mm\u0026r=g%202x","fqdn":"gravatar.loli.net","domain":"loli.net","tld":"net"},"ip":{"addr":"172.67.69.40","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:35.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gravatar.loli.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 14 Jan 2026 23:04:10 GMT","end":"Wed, 15 Apr 2026 00:04:09 GMT"},"fingerprint":{"sha1":"C3:79:02:36:8F:2D:89:99:7C:DF:55:CC:B2:70:DD:04:98:F5:00:36","sha256":"B5:7C:4C:16:BA:36:5F:AF:0F:D5:4E:66:4E:52:4E:B2:B6:89:18:35:98:F8:E6:87:A8:9D:3A:F0:D2:F0:C5:16"}}},"request":{"raw":"GET /avatar/21eb5bcb876240636c47ac649f55fd43?s=96\u0026d=mm\u0026r=g%27%20srcset=%27https://gravatar.loli.net/avatar/21eb5bcb876240636c47ac649f55fd43?s=192\u0026d=mm\u0026r=g%202x HTTP/1.1\r\nHost: gravatar.loli.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 10 Feb 2026 14:22:35 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: http://i1.wp.com/mm%202x\r\nlast-modified: Wed, 11 Jan 1984 08:00:00 GMT\r\nlink: \u003chttps://gravatar.com/avatar/21eb5bcb876240636c47ac649f55fd43?s=96\u0026d=mm+2x\u003e; rel=\"canonical\"\r\nx-redirect-by: Gravatar\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-nc: MISS nrt 3\r\nserver-timing: a8c-cdn, dc;desc=nrt, cache;desc=MISS;dur=137.0\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nage: 451312\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=364r%2B6scyIe33cl2k5bhT%2FTWKBdrTvXoibX87MVFVFgxVeqbC%2BlWihDlZGCfeMZsVMHggbYzWEtol%2Bei8B%2BHoS50UkeanweGaosg3qGhnsc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cbc426e5da94e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":60,"dns":40,"connect":1,"send":0,"wait":13,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/uploads/2023/02/2023020806540439.jpg","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:35.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/uploads/2023/02/2023020806540439.jpg HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 28167\r\nlast-modified: Wed, 08 Feb 2023 06:54:04 GMT\r\netag: \"63e3470c-6e07\"\r\nexpires: Thu, 12 Mar 2026 14:22:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28167,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=360, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=750], baseline, precision 8, 276x276, components 3","md5":"3c40b1c568be79f963ee817770531665","sha1":"8404f33a658592df3d41380d404738d66ea9fcbf","sha256":"1e2a027b08a6f54bf09119a26c71d7fd16d6aa37d7c5422d1b49812e0e3c878b","sha512":"a25399f31460a05dedffb7b2ef77b089752aa244f66de77522f39fa33186619b7e673dedd3b7a30730eee04f5481b711321a9e9969b426d8ec8c841e81a748d0","ssdeep":"384:oQjZSVwikfTPiPjZSVwikfFnUULr5lszy8cRBJooT0Hd2NsoJSIGl9B:oJIfTPHIfFp5oyZ7JooXNsoJSDl9B","tlshash":"bbc29d349f148c62f9d1147b5aa1c7a2d3214e9497632b43fdac6b0a37b97c2883cb17","first_seen":"2026-02-10T13:44:07.684389Z","last_seen":"2026-02-10T14:22:53.685099Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1777,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1643,"receive":134,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/uploads/2024/06/2024060903542210.png","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/uploads/2024/06/2024060903542210.png HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um; Hm_lvt_2a5fae2db31888ea71e8757a3d6314b8=1770733361; Hm_lpvt_2a5fae2db31888ea71e8757a3d6314b8=1770733361; HMACCOUNT=D5E76C8F8C31137F\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 123376\r\nlast-modified: Sun, 09 Jun 2024 03:54:22 GMT\r\netag: \"6665276e-1e1f0\"\r\nexpires: Thu, 12 Mar 2026 14:22:42 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":123376,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 554 x 864, 8-bit/color RGBA, non-interlaced","md5":"b4ffa4bcd0f747c7305eaeb73f598ef7","sha1":"855c52780cefe20209da08cc49dd22cb15638add","sha256":"702d6dda9e1c905d19e2fc7988e864b96ec0927a223a00e0b058461a800eb477","sha512":"57ac7ae58bd0a38ce230a4d87555843d3c25a1bd57d6979cdea085b8870386453ce4fbe4c92598a691bd2c9ccd6ea49b84da4b8c2008d966a164b94d3021e568","ssdeep":"3072:hzM4DyUi+2vGq6XvEKxd7Xe+rLZzc8J0K8CvblOCGr:q4DyUi+2B4xprlw8J08oCC","tlshash":"b3c30231bb3074f68c3cbf005d9a800f3eb0265d929599be6572025b5bd8a5f0db3a67","first_seen":"2026-02-10T13:44:07.696556Z","last_seen":"2026-02-10T14:22:53.696002Z","times_seen":2,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/06/2024060209440483.png","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.923Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/06/2024060209440483.png HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/06/2024060203441145.jpeg","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.929Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/06/2024060203441145.jpeg HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/05/2024052810080596.jpeg","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.949Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/05/2024052810080596.jpeg HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/3dtag.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/3dtag.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-b7f\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2943,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2940), with no line terminators","md5":"8497ce49b052225f989a861795e253a9","sha1":"7498b3150f7e1e9eabaef6a42eddacc8440e8c6b","sha256":"4f1cafafbbe7f88908c2e03ca76cdbae4ec293a6fa9c71dba676d7c45c8fc4e2","sha512":"c7faab1f56269012bb3643e5e8b9ca772d3001e5a2d6b1a516de219ee3b3909869ab743b1bcc45531d5081220680009a925c2562b425d24265b6e2be292cbf2f","ssdeep":"","tlshash":"1b51ff0eb717506a9ce6d369d4ce664f212070779c83e7e62c2581a0ff656f910ff928","first_seen":"2025-10-13T04:55:58.311206Z","last_seen":"2026-02-10T14:22:53.696964Z","times_seen":3,"resource_available":true,"data":null}},"time_used":2678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2678,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/themes/begin/js/fancybox.js?ver=2023/05/25","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:30.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/themes/begin/js/fancybox.js?ver=2023/05/25 HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Jan 2024 12:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6594025e-e997\"\r\nexpires: Wed, 11 Feb 2026 02:22:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59799,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5669), with CRLF line terminators","md5":"5875bcd3efa83fdb3ead060e6a6ad3de","sha1":"efedaea13450dbb438a815f77b33001562af4c78","sha256":"82db74393d079391cdd9633de11c296b8885b78094f2be8d87305ec959219df5","sha512":"1ca3c9cb32dc701bc63ee747f658a5924daffb71da5dbef26b25de79722d7722900ffbcaf11f31e532e7150d5ce1ee88d3fa07c63a51b2ae46ef76742257ee81","ssdeep":"1536:Ebz/GevmZzMMTZYu+gfsI30NcNyYMJA65IqRGcTJ7jBTA:a/GevmZzMMTZYu+gkI30+NyYMfWqRGcI","tlshash":"8543f89eb710703186bb15a4a30f520ed5377516f20285f278add4951ae4fc822ebffa","first_seen":"2023-03-13T01:59:02Z","last_seen":"2026-06-02T08:50:27.471211Z","times_seen":23,"resource_available":true,"data":null}},"time_used":2679,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2679,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chromekz.com/wp-content/uploads/2023/02/2023020806540439.jpg","fqdn":"www.chromekz.com","domain":"chromekz.com","tld":"com"},"ip":{"addr":"120.79.71.44","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:35.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chromekz.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 28 Jan 2026 15:12:42 GMT","end":"Tue, 28 Apr 2026 15:12:41 GMT"},"fingerprint":{"sha1":"71:68:B4:5C:3E:83:22:9B:BC:EC:38:DF:12:A5:FD:A0:E2:5F:36:E3","sha256":"DF:80:79:B9:C6:7F:D7:9C:01:77:24:9C:9B:F9:0F:8E:35:2F:9C:9D:A5:60:D2:95:3F:B1:0D:EE:21:23:8E:D6"}}},"request":{"raw":"GET /wp-content/uploads/2023/02/2023020806540439.jpg HTTP/1.1\r\nHost: www.chromekz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nCookie: PHPSESSID=ar8n7gl9u5pa4dvtlgdqdgr3um\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 10 Feb 2026 14:22:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 28167\r\nlast-modified: Wed, 08 Feb 2023 06:54:04 GMT\r\netag: \"63e3470c-6e07\"\r\nexpires: Thu, 12 Mar 2026 14:22:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28167,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=360, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=750], baseline, precision 8, 276x276, components 3","md5":"3c40b1c568be79f963ee817770531665","sha1":"8404f33a658592df3d41380d404738d66ea9fcbf","sha256":"1e2a027b08a6f54bf09119a26c71d7fd16d6aa37d7c5422d1b49812e0e3c878b","sha512":"a25399f31460a05dedffb7b2ef77b089752aa244f66de77522f39fa33186619b7e673dedd3b7a30730eee04f5481b711321a9e9969b426d8ec8c841e81a748d0","ssdeep":"384:oQjZSVwikfTPiPjZSVwikfFnUULr5lszy8cRBJooT0Hd2NsoJSIGl9B:oJIfTPHIfFp5oyZ7JooXNsoJSDl9B","tlshash":"bbc29d349f148c62f9d1147b5aa1c7a2d3214e9497632b43fdac6b0a37b97c2883cb17","first_seen":"2026-02-10T13:44:07.684389Z","last_seen":"2026-02-10T14:22:53.685099Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1778,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1645,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-10","alert":"Sinkholed","trigger":"www.chromekz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.chrome68.com/wp-content/uploads/2024/06/2024060209492948.jpeg","fqdn":"www.chrome68.com","domain":"chrome68.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.chromekz.com/","date":"2026-02-10T14:22:41.911Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/uploads/2024/06/2024060209492948.jpeg HTTP/1.1\r\nHost: www.chrome68.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.chromekz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T01:09:46.71643Z","times_seen":16198612,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}