{"report_id":"faf3eb56-cb17-44f8-a6d3-5cbb5fdbf933","version":0,"status":"done","tags":[],"date":"2026-06-20T12:38:04Z","url":{"schema":"http","addr":"ztedjdd.com/wap.html","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"ztedjdd.com/wap.html","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"title":"57365z线路检测中心(中国)有限公司","dom":{"size":283,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"db9251fec9303a7e263965f401b1592e","sha1":"2bdf9170c484cf4763573f06e193b34d65c9edbd","sha256":"0fb5d1896142aaf306d86682dc7944a699fd2c374c910980de94c4277dc632a8","sha512":"11bbb714e7127c88ecfca421e513fe82fede58b2467e0c765b37795a4fd5b53d75bc8920dd6ab6b82c97c715a8d815f6bc7364f8374bdad1061edc40ecd26b5c","ssdeep":"","tlshash":"9ad02b8b6c05c81e56001ec898e3fc6c90e8f53ab520dc4dc5f530ec59917e949019d0","dom_hash":"domhash93825f6f8d6ace7c94109c2853ed4159","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ztedjdd.com/wap.html","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-25T12:38:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"www.ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"www.ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ztedjdd.com","ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":38,"request_count":19,"received_data":239359,"sent_data":7951,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}]},{"fqdn":"www.xhxhbkj.com","ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2023-03-08T10:17:18Z","last_seen":"2023-03-08T10:17:18Z","alert_count":0,"request_count":10,"received_data":912316,"sent_data":4426,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fcl.xueyuxingfeng.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2021-06-17","domain_rank":0,"first_seen":"2021-06-17T13:30:21Z","last_seen":"2026-06-19T23:21:21.706303Z","alert_count":2,"request_count":1,"received_data":0,"sent_data":467,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.ztedjdd.com","ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":1,"received_data":1039,"sent_data":350,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"ztedjdd.com/jquery.min.js","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"860a90b0212d8615304d18bf31252cc2","sha1":"a3a97c292481b400ec6416363a965dfbd304d895","sha256":"4fb0a7c042e5c2631d36a50d1770e98156729e6a6214aa797ae1fb6c1d31d6d8","sha512":"d14ba6137c010701f8b40aeb61d6494d935f7d776ef1a006f6833e66d76e9e6f9bc29e6bd96163bd6146c87364b0e4161f2d3bda951634d548f428a6646ca047","ssdeep":"","tlshash":"a501fbe887c4d85b7edc5d43ea14eeca21b2813ba7d971838328fa8c05a9552c59c449","size":726,"data":"","first_seen":"2023-03-13T03:06:36Z","last_seen":"2026-06-20T16:18:53.09829Z","times_seen":291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"ztedjdd.com/Public/bnimg/5fd97a7fb5c7b.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.753Z","timestamp":1781959062753,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/bnimg/5fd97a7fb5c7b.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/bnimg/5fd97a7fb5c7b.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":888,"timings":{"blocked":725,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/uploads/20201218/5fdc5058b415f.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.500Z","timestamp":1781959063500,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20201218/5fdc5058b415f.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:38 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 18 Dec 2020 06:46:48 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fdc5058-6055\"\r\nExpires: Mon, 20 Jul 2026 12:37:38 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24661,"size_decoded":24723,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x225, components 3","md5":"d9893ff24816aec3f0cfca8ea25598c3","sha1":"674cb9b8b166959d9805f3c1697cf46cdf7e9e27","sha256":"510ceb3d5f357e001bf03700ff509d04c62fb84fc425e5c984165115b3362f42","sha512":"447dab197562e5c6d065cabc4024f2b49b21e5e7c1e59b8c2652bb0eb5fad98d8c213929b7280e76cef184d997635f62f95898ef6561ebe18b318b0db61fed9f","ssdeep":"384:kRpv3t3SUmAvbAN6p+j5H7+W3KKET6DWq+whc/m/hueNm+iN6dA:a5ZS0TAb5H7+xKE1PW/hueriNUA","tlshash":"59b2e14eee001f84ded8a7fa91f8d5bb86f344d193889819a5f8182658cbbf414f4a47","first_seen":"2026-06-20T12:38:13.977797Z","last_seen":"2026-06-20T13:16:59.856189Z","times_seen":2,"resource_available":false,"data":null}},"time_used":17987,"timings":{"blocked":-1,"dns":537,"connect":298,"send":0,"wait":2330,"receive":14822,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/jquery.min.js","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.725Z","timestamp":1781959062725,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 178\r\nConnection: keep-alive\r\nLocation: http://www.ztedjdd.com/jquery.min.js\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/uploads/20201218/5fdc50e21794c.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.756Z","timestamp":1781959062756,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20201218/5fdc50e21794c.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/uploads/20201218/5fdc50e21794c.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":557,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/uploads/20210831/612dd44042873.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.502Z","timestamp":1781959063502,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20210831/612dd44042873.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:53 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Tue, 31 Aug 2021 07:03:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"612dd440-18c61\"\r\nExpires: Mon, 20 Jul 2026 12:37:53 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":101473,"size_decoded":101392,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop CC Windows, datetime=2021-08-31T14:56:24+08:00], baseline, precision 8, 720x540, components 3","md5":"ad82bb14d27bf3a8f12c99f2de148da7","sha1":"7151a92ef346956dae055c91e0109d5748ba77a3","sha256":"064d4f2ed4e07acc427c18ee8e90ec25e9d7895515e12918b8cbb7b0c92bcdb2","sha512":"8ddac23be5da7773ea7846c8f6fe3037c3a9093be1f3df7b9d7ec038cdc76cf25c64b765f88780aa375db14e4f4052f4fff1712756f78574ad547b3f720d84f6","ssdeep":"3072:8Fa3kzEtCxtiTRISYgM8bkT7y2Kfi6cqKCZrZgeJ:sa3kzEt+4qSG8b+RyEVG+eJ","tlshash":"50a312088ba01f01cf8634a6a13d5b9d311424f167a5ad7cc9f4b866eaf60d15eb7f1c","first_seen":"2026-06-20T12:38:13.979092Z","last_seen":"2026-06-20T13:16:59.86182Z","times_seen":2,"resource_available":false,"data":null}},"time_used":18557,"timings":{"blocked":-1,"dns":535,"connect":15568,"send":0,"wait":13741,"receive":909,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/bnimg/5fd97a8681e18.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.665Z","timestamp":1781959063665,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/bnimg/5fd97a8681e18.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:53 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 16 Dec 2020 06:48:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fd9add4-782e6\"\r\nExpires: Mon, 20 Jul 2026 12:37:53 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ztedjdd.com/wap.html","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T12:37:41.933Z","timestamp":1781959061933,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wap.html HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/wap.html","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T12:37:42.107Z","timestamp":1781959062107,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /wap.html HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:42 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":12335,"size_decoded":4444,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (553)","md5":"7f1bc94b8d47d3e9c58d4df02152269b","sha1":"245174e28f3a57a90a9d285539bdf65a531fdab3","sha256":"87ef6dd3e1b68306c94ddb76ea9cd617799b47c2548f1012da9b72ad620fa8b8","sha512":"e20b2b1bce796ce133c06dbff431a0612ae6bf66f9f465d3396084a15c44f4993388426026267305b83048b84aa8af8b1df15f44372d4d79245d1ab3aabe2ce7","ssdeep":"192:JIGDpCFf+u42IIlsxpgY3NtNKBRvuWI2ekazc2KJd:a9sbgY0BSkKb+d","tlshash":"1142b70592e95f2b092e13d82ccd732ab0cbab25d6035942b2fe97d90fc5fe44a43557","first_seen":"2026-06-20T12:38:13.980669Z","last_seen":"2026-06-20T13:16:59.832924Z","times_seen":2,"resource_available":true,"data":null}},"time_used":448,"timings":{"blocked":-1,"dns":3,"connect":143,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/3366/ahui/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.467Z","timestamp":1781959063467,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /3366/ahui/sj.js HTTP/1.1\r\nHost: fcl.xueyuxingfeng.com:6987\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/uploads/20201218/5fdc50e21794c.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.507Z","timestamp":1781959063507,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20201218/5fdc50e21794c.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:52 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 18 Dec 2020 06:49:06 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fdc50e2-16eab\"\r\nExpires: Mon, 20 Jul 2026 12:37:52 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93867,"size_decoded":93755,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 720x540, components 3","md5":"6df64c153b1cbb2918a99f9738edcf90","sha1":"f0b064f9037a0205b912c69921a3f972d0852f18","sha256":"c3e651ac38423a0fdf59f4e5759595ddbc12dc9e8d95c65e7546cf622446643c","sha512":"10a465e28825c09697736d4651e333907cd1114700b9e59b7acc1ea64c51eb31b7f17b292688a1622f862983ed33192f6ef031336d6b56d6463ac42a7b3bf9be","ssdeep":"1536:c6M7X27jEv2x4dQ3eNFATv2Z8YtBbn5d/dkoyWvsTYp5h4t3qRJCRt5phVYr7RBk:c6ML202xAEA8Y3r12Yp5A3EJSRhVEBIr","tlshash":"b19312077696939630809f34a4e120076da1570af3de06ddabb3548f9e6b33f5e1708e","first_seen":"2026-06-20T12:38:13.982059Z","last_seen":"2026-06-20T13:16:59.848299Z","times_seen":2,"resource_available":false,"data":null}},"time_used":18166,"timings":{"blocked":0,"dns":531,"connect":1303,"send":0,"wait":14536,"receive":1796,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/uploads/20210831/612dd4bfc2d59.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.660Z","timestamp":1781959063660,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20210831/612dd4bfc2d59.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:53 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Tue, 31 Aug 2021 07:05:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"612dd4be-1ae82\"\r\nExpires: Mon, 20 Jul 2026 12:37:53 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110210,"size_decoded":109376,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=www.meitu.com, datetime=2021-08-31T14:46:03+08:00], baseline, precision 8, 500x375, components 3","md5":"6200414caa4d6dab6b55d385c5150986","sha1":"b8aadd68cd18cfcd6673536c746ffa799ac85a0a","sha256":"5466fcb310069554b546d9d35a4c5be300bb8a4ef1c37130b1e83c72eaa593ca","sha512":"4ef228f27c1ae2710937133ec1318504ab203980e4b4aa41f978b120a7a8136b7cf35cfe1a23328200db90ba97e4bee578fbb1e2e12313400acb4c53666c663b","ssdeep":"3072:mPqCQUGI8w5VIlg6eh9+3QIYD+hxEtJHiQB2JoJ1LNByN1m33:mPq33I8C8glKQIxKkJoJpMmH","tlshash":"13b302b46ac10bb3a49c0717cae341fd97649dc6bf73c80b789aec1496d1c1b50968eb","first_seen":"2026-06-20T12:38:13.983261Z","last_seen":"2026-06-20T13:16:59.865961Z","times_seen":2,"resource_available":false,"data":null}},"time_used":18153,"timings":{"blocked":16808,"dns":0,"connect":0,"send":0,"wait":302,"receive":1043,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/wap/css/css.css","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.727Z","timestamp":1781959062727,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/wap/css/css.css HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:42 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10899,"size_decoded":3476,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"0581128fea78afd8977c8401d4d2a298","sha1":"a1b6a73f781ef97f58a783645c2f4d7a6c39dcb7","sha256":"5b74401beddac1333cd33c64d91300ad9f06cff06dd48fb23c83b996b42a8709","sha512":"a1fa10b29e10dcc2acddf166706e8f9ff34912badf78961c0ce286f65865e464f08d20fe391cb8d3f17f8832ec68643833df90092030a363d1a4ac71497aa750","ssdeep":"192:bnYq1cC2IDe2OlVxBdXIX4H4yf96SRLNhiMEYFG/6xMY2OlfD:11cC2KO/nlHXiqgOx","tlshash":"d3221325e360315df437a2b7ba11abed3365d117a30b16b8e9d13424d08f4aa16327da","first_seen":"2026-06-20T12:38:13.984345Z","last_seen":"2026-06-20T13:16:59.852779Z","times_seen":2,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":142,"send":0,"wait":161,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/wap/css/font-awesome.min.css","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.740Z","timestamp":1781959062740,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/wap/css/font-awesome.min.css HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:42 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31000,"size_decoded":8041,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-06-20T16:31:05.897395Z","times_seen":288323,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":142,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/wap/css/animate.css","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.741Z","timestamp":1781959062741,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/wap/css/animate.css HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:42 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":74739,"size_decoded":6084,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"fcf7bc5abd63f01600961ba62d7cadf6","sha1":"9b91227fadb4d0d95ad2579f8bedacc7c822ff76","sha256":"77ea2d9b0f657fd1f3d34682b7889a117a5b8dadb92a42f5a0f92ae674d590cc","sha512":"f9fe5fbdcc7c147b738a6c3d62cd02feebbb3390dfe0f0f4bd53b8c7d9c621d522353c470acadc40c5e89ba2d1b91154761735c6ea03febf9d1224521f79edfd","ssdeep":"384:hKNuKuDLJunuFl3lqGHG0uJuDqDxbe3NxdV2PVrib:QNuKuRunubuJul","tlshash":"e2731f6d2991108456738a1d83df5e68573ce573182aacef73c2488bcf8bfa867c9147","first_seen":"2026-01-02T09:06:40.744337Z","last_seen":"2026-06-20T13:16:59.860806Z","times_seen":4,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":143,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/bnimg/5fd99741421fa.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.765Z","timestamp":1781959062765,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/bnimg/5fd99741421fa.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/bnimg/5fd99741421fa.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":726,"timings":{"blocked":556,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/uploads/20201218/5fdc53962f4cf.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.758Z","timestamp":1781959062758,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20201218/5fdc53962f4cf.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/uploads/20201218/5fdc53962f4cf.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":718,"timings":{"blocked":556,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/uploads/20201218/5fdc5058b415f.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.759Z","timestamp":1781959062759,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20201218/5fdc5058b415f.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/uploads/20201218/5fdc5058b415f.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":724,"timings":{"blocked":557,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/bnimg/5fd97a78c922c.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.486Z","timestamp":1781959063486,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/bnimg/5fd97a78c922c.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:52 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 16 Dec 2020 06:48:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fd9add4-2f5d\"\r\nExpires: Mon, 20 Jul 2026 12:37:52 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12125,"size_decoded":11635,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 480x120, components 3","md5":"45ab220ae87d4e09721bd2f368a2a6a2","sha1":"1962506c216429d39cec038247e521d27aa00391","sha256":"867da049ab356eb0fd2ad6e952ec286b3a099ed7ce3cbdecc8cacfc7df27ace3","sha512":"65686754fba630aaf31f52e9d3a395c882acd77504158ad3cb259e4e48de594715ef13bd12a1a8b8ff08d4cd439ce8cb82f77d9808d5d3dd6a19fcfaf60c5719","ssdeep":"192:bCq0Pr87VsQuaW92l+tjcEAg75MFutaUptZ/811NvRuwwwLwys1TMsswhoGoBLJ7:coh3uaW92lIjcEAg75UutaU1011LxZc0","tlshash":"77428c0aa4490771f7d8dda23bf3ea6b465f45052bb1cd9624b78ad3e620dfec5050c8","first_seen":"2026-06-20T12:38:13.987332Z","last_seen":"2026-06-20T13:16:59.875959Z","times_seen":2,"resource_available":false,"data":null}},"time_used":16982,"timings":{"blocked":-1,"dns":551,"connect":1295,"send":0,"wait":15022,"receive":860,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/uploads/20201218/5fdc53962f4cf.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.491Z","timestamp":1781959063491,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20201218/5fdc53962f4cf.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:39 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Fri, 18 Dec 2020 07:00:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fdc5396-cdff\"\r\nExpires: Mon, 20 Jul 2026 12:37:39 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52735,"size_decoded":52757,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x450, components 3","md5":"0fcf74815aaa22cfd4479d6644a03dd6","sha1":"12f9d71a00d3a1080a50d9e0522f2b36ab322fd3","sha256":"b36b007b711cbc33988cdb9a4b39d35c835c1edec683f7fab6709ca7adff92c1","sha512":"f515314d62e8e5f167e15d8b666e13bc37b5f1ec3d31014ced3939337d6630359a16077ad9402c342fa083db223f06258d1a244b31467aecdfc84924a0e592a4","ssdeep":"768:+L1LJBj6JTQYmLsv8X5HpTpJ5yZq3KtnQQXCRVOBUGyRAKox9tvzz/XQ4WZxeqe/:O1LEjv8ljvyZNBQQSLONnzz/XQp8Pwdg","tlshash":"ee330248ba7f8bcfc52589748e35de5ef1aeb96368c1cb9e28977079ae90900715340c","first_seen":"2026-06-20T12:38:13.988291Z","last_seen":"2026-06-20T13:16:59.887776Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3917,"timings":{"blocked":0,"dns":546,"connect":1308,"send":0,"wait":1386,"receive":677,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/uploads/20210831/612dd44042873.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.764Z","timestamp":1781959062764,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20210831/612dd44042873.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/uploads/20210831/612dd44042873.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":724,"timings":{"blocked":556,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.ztedjdd.com/jquery.min.js","fqdn":"www.ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.875Z","timestamp":1781959062875,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: www.ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 726\r\nLast-Modified: Fri, 27 Jun 2025 12:59:09 GMT\r\nConnection: keep-alive\r\nETag: \"685e959d-2d6\"\r\nExpires: Sat, 20 Jun 2026 13:37:43 GMT\r\nCache-Control: max-age=3600\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":726,"size_decoded":1039,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (725)","md5":"860a90b0212d8615304d18bf31252cc2","sha1":"a3a97c292481b400ec6416363a965dfbd304d895","sha256":"4fb0a7c042e5c2631d36a50d1770e98156729e6a6214aa797ae1fb6c1d31d6d8","sha512":"d14ba6137c010701f8b40aeb61d6494d935f7d776ef1a006f6833e66d76e9e6f9bc29e6bd96163bd6146c87364b0e4161f2d3bda951634d548f428a6646ca047","ssdeep":"","tlshash":"a501fbe887c4d85b7edc5d43ea14eeca21b2813ba7d971838328fa8c05a9552c59c449","first_seen":"2023-03-13T03:06:36Z","last_seen":"2026-06-20T16:18:53.09829Z","times_seen":291,"resource_available":true,"data":null}},"time_used":290,"timings":{"blocked":0,"dns":5,"connect":142,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"www.ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"www.ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/uploads/20210831/612dd4a64c93a.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.649Z","timestamp":1781959063649,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20210831/612dd4a64c93a.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:52 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Tue, 31 Aug 2021 07:05:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"612dd4a4-14ad4\"\r\nExpires: Mon, 20 Jul 2026 12:37:52 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84692,"size_decoded":83834,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2021-08-31T14:49:37+08:00], baseline, precision 8, 400x300, components 3","md5":"e9ea20f6528aaaefd85761f4d9095c04","sha1":"061c05ec17750a834994679b76e18bde4de2abd8","sha256":"79e13d9d09fa175c6be344a527d0b05c077989779f33f87275779e2c57e4a39f","sha512":"a894b0d6a6f74ef009f5d370aea934d67588675e46d0a36091c0716d0b0f2b355375a7d6b130fe47f07baed6214e5c08fc7cd58f596bdf779bdc3b6fdd20c9dc","ssdeep":"1536:gL4ETEZNBZcn447rcCCtuMYynPE1GEtUzVL4Gf2ZeVNbqZ:80NvuAt3bnPQGEyVFVNuZ","tlshash":"1d8312cf51e70951ca25fe3953c9c7a10f51db04b7623c54fcda56caa823099cae62a3","first_seen":"2026-06-20T12:38:13.990501Z","last_seen":"2026-06-20T13:16:59.85068Z","times_seen":2,"resource_available":false,"data":null}},"time_used":17143,"timings":{"blocked":15956,"dns":0,"connect":0,"send":0,"wait":284,"receive":903,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/bnimg/5fd97a7fb5c7b.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.668Z","timestamp":1781959063668,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/bnimg/5fd97a7fb5c7b.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:53 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 16 Dec 2020 06:48:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fd9add4-4501b\"\r\nExpires: Mon, 20 Jul 2026 12:37:53 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":282651,"size_decoded":281520,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x600, components 3","md5":"f9ae379bece7c67d9bdfab1cbd1b2a50","sha1":"c53b4420725dca4933d00660af619664260bfe2c","sha256":"09dad12933985b38947c636ed2a796a1a112ea7cf3feb58f0e9533b0488d869f","sha512":"ae73c5469dd89d2a948440ae05bc6ab307061477973c13048149238782b0c99bd12f6968892af4d4bea6f14c948c48cf189e940c5b402e50d5a9dc137e8281ce","ssdeep":"6144:Wjnap4jZgu93Vfegi7bUEU9xzy/Ae1+HLqWkgc4Hw:WbJCuxde/fUn957+t","tlshash":"9854234798785f935ddd4494be30a83f32c652e620c388139d774a98bae24ff6105eaf","first_seen":"2026-06-20T12:38:13.99286Z","last_seen":"2026-06-20T13:16:59.858735Z","times_seen":2,"resource_available":false,"data":null}},"time_used":18721,"timings":{"blocked":17173,"dns":0,"connect":0,"send":0,"wait":288,"receive":1260,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/wap/js/jquery-1.10.2.min.js","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.729Z","timestamp":1781959062729,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/wap/js/jquery-1.10.2.min.js HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:42 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":94136,"size_decoded":37701,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32072)","md5":"6f6ff34583778b88707c93674cac5b3b","sha1":"f92588d19de8913bec1eb1922129d698cc4376f8","sha256":"445bfd07fa72c8d622e6436165ce6120f9d8bf3a5c15f22498bc3716b9187b45","sha512":"86b7625d362d1145abf7431cfa0a7ee763eca0f20bf48f4d9914688acb4e960dc425d07a5a69c5b5c9e3e5423f4c49002efa21f6db918a9d50a8ece56b590825","ssdeep":"1536:g4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qAnZnuUsFv:gGsKXlI2p0WPSbtLstfam","tlshash":"909308ddb2d1b06257ab30bd006f540ff236195e280d8850f129e8eabc75a4d9277fad","first_seen":"2026-06-20T12:38:13.995719Z","last_seen":"2026-06-20T13:16:59.871972Z","times_seen":2,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":142,"send":0,"wait":168,"receive":286,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/wap/js/wow.min.js","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.743Z","timestamp":1781959062743,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/wap/js/wow.min.js HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:42 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8415,"size_decoded":3231,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (8385)","md5":"36050285bfeeb7395752f0f9bbc08273","sha1":"5924f7bbbf1dfa3f0926851d01f782f23a59e805","sha256":"0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69","sha512":"bf887e087c52583114b77bfb417d7dffa0ee8634d39155af14591a24b2add9ef4c8a0c0555364122800d07a55f5f1fb0c723b39541b069a437ff558ddbf380a3","ssdeep":"96:UrZgL1xvPV6GqKgR6TYLWHFMLJA6pOROVEE1fosvGeaMozHImBaoqbl:Ury9PVfIFrlAJROVEEdos+eatzHILoA","tlshash":"750267c97a967031d75796f6833f0106b6361aeeb028047cb5b88dd57c78868523bf38","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-06-20T16:12:04.786564Z","times_seen":13036,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":118,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/bnimg/5fd97a8681e18.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.755Z","timestamp":1781959062755,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/bnimg/5fd97a8681e18.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/bnimg/5fd97a8681e18.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":888,"timings":{"blocked":725,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/wap/js/responsiveslides.min.js","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.733Z","timestamp":1781959062733,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/wap/js/responsiveslides.min.js HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:42 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3344,"size_decoded":1735,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (521)","md5":"ed1f41cbdd5f9dc3c69fb27fffe1edfd","sha1":"915022ddef5b596b51f417de0112229542033dd3","sha256":"87a2584f8a57a0f2931fdfa1902d4a52d37c35a08cd24eaa1a71f66caa6cf1c8","sha512":"58027c39c779c1dbd2932d633b7052bca48820c0f6e379231e0e2598c9cb47ffad921b25093e07a585aad5c59be5c54d8ccd7a41d87f53cb7707e5f7b10e39ec","ssdeep":"","tlshash":"3961d9adbb713239a09b7dcd336fcc04593611a377234455716a2c905df968c08b3faa","first_seen":"2023-03-26T03:57:47Z","last_seen":"2026-06-20T13:16:59.855225Z","times_seen":21,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":142,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/uploads/20210831/612dd4bfc2d59.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.761Z","timestamp":1781959062761,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20210831/612dd4bfc2d59.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/uploads/20210831/612dd4bfc2d59.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":882,"timings":{"blocked":718,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/uploads/20210831/612dd4a64c93a.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.763Z","timestamp":1781959062763,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/uploads/20210831/612dd4a64c93a.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/uploads/20210831/612dd4a64c93a.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":874,"timings":{"blocked":714,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.xhxhbkj.com/Public/bnimg/5fd99741421fa.jpg","fqdn":"www.xhxhbkj.com","domain":"xhxhbkj.com","tld":"com"},"ip":{"addr":"103.36.196.122","port":80,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:43.505Z","timestamp":1781959063505,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/bnimg/5fd99741421fa.jpg HTTP/1.1\r\nHost: www.xhxhbkj.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://ztedjdd.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:52 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Wed, 16 Dec 2020 06:48:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"5fd9add4-23c49\"\r\nExpires: Mon, 20 Jul 2026 12:37:52 GMT\r\nCache-Control: max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146505,"size_decoded":146487,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 926x440, components 3","md5":"9daf9e1e08a16f850784b208fde466d5","sha1":"0adc498181f62c1d18c0b8112d53726f4a0c7fb7","sha256":"40aa5ec983ba5f3ec12e8875a199dd36b9c2d027262d14b9f059b754f6facfdc","sha512":"563dc888360970e49306f949dfbedd9b6e4c132fda9732b5c5d3758e4ca272a77e45d2476229fe8c7ba568d9fd71f5de67508e713345bbff578af660ba9bcf1c","ssdeep":"3072:2vozyH3t3B/LddI8vZLJTNEPbl+FOnrXH9x/aXKyfr:KoeHZZLd2Q5Je5OONlaXKyfr","tlshash":"f8e312238d067808dd8ff1d93afcc21948be96e6ba9db9d0a9559d45dac3f613c00293","first_seen":"2026-06-20T12:38:14.003303Z","last_seen":"2026-06-20T13:16:59.830331Z","times_seen":2,"resource_available":false,"data":null}},"time_used":17335,"timings":{"blocked":-1,"dns":532,"connect":1304,"send":0,"wait":14521,"receive":978,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ztedjdd.com/Public/bnimg/5fd97a78c922c.jpg","fqdn":"ztedjdd.com","domain":"ztedjdd.com","tld":"com"},"ip":{"addr":"170.130.92.10","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ztedjdd.com/wap.html","date":"2026-06-20T12:37:42.749Z","timestamp":1781959062749,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /Public/bnimg/5fd97a78c922c.jpg HTTP/1.1\r\nHost: ztedjdd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ztedjdd.com/wap.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Sat, 20 Jun 2026 12:37:43 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.xhxhbkj.com/Public/bnimg/5fd97a78c922c.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":715,"timings":{"blocked":558,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"ztedjdd.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"ztedjdd.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}