{"report_id":"fc15c34f-c3d6-40e3-bfc8-7b51e44a89a9","version":6,"status":"done","tags":[],"date":"2026-01-06T14:22:35Z","url":{"schema":"http","addr":"961365.cc","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":0,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"961365.cc/","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"title":"欢迎莅临","dom":{"size":22722,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16138)","md5":"32d1d5879d51bbddd89c8e9944353f0b","sha1":"17c674fbede0b6826fd9899abfb09ed0e196b850","sha256":"1eaaf164bba62649b8d4eeb9e05055e504fbe66b4b9b1ec76e05d38ab3370c2c","sha512":"121036cc0e1ffa42c6a606d71a2ffb192280368628043818433d2c1dc85cfd179d8990682ec055f7109447e12ed348d3e260c1a675531e8f5a3904fefdbdd82c","ssdeep":"384:2X3W6Z/qhZkecZSJi0NQJ73nnnnOGyME7k6yr3ExMdRQjFFk5o9WenZbFnIE2Oei:7NQ9nnnnvTh6u3ExM3qFk69W8teh2WkN","tlshash":"65a2ae31eb4dac6b612640e8703eb79c808f992f9c03cc66f5ff4615dfc6aa48957885","dom_hash":"domhash555efe96e0c7216b13f922d85f980677","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"961365.cc","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":0,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-10T14:22:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"hrdbvlj.juqhbwfolcekjd.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"961365.cc","ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"2015-10-11","domain_rank":0,"first_seen":"2026-01-03T08:10:22.15452Z","last_seen":"2026-01-03T08:10:22.15452Z","alert_count":52,"request_count":13,"received_data":222826,"sent_data":5662,"comment":"","tags":null,"fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"hcdream.com","ip":{"addr":"45.194.140.3","port":443,"asn":134548,"as":"DXTL Tseung Kwan O Service","country":"Hong Kong","country_code":"HK"},"domain_registered":"2018-06-21","domain_rank":0,"first_seen":"2019-01-18T16:52:36Z","last_seen":"2025-12-30T06:56:08.276509Z","alert_count":0,"request_count":1,"received_data":3559,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hrdbvlj.juqhbwfolcekjd.top","ip":{"addr":"40.83.99.88","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":20270,"sent_data":433,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"961365.cc/libs/script/jquery.min.js","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","size":95786,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-07T01:37:39.871484Z","times_seen":52043,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hrdbvlj.juqhbwfolcekjd.top/widget/linkchat.1.1.0.js","fqdn":"hrdbvlj.juqhbwfolcekjd.top","domain":"juqhbwfolcekjd.top","tld":"top"},"ip":{"addr":"40.83.99.88","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"59b0c9f1c537544a364cc03e11815b34","sha1":"88c488181283b1ed9bf3e3c48ac056a312e47506","sha256":"afd9b6f3b5ea5286fe30818f301786af0f5c79890e873ccf2b8d0ce2c1e65fe6","sha512":"fa4961eca50806364cf62f8c817cde4dfaa9d44ac7e1a7cb7376b08a4047d9bf6f5660417872bf03b6cd0167f8987985806697c7bd5fc1f014c053ddbf2ab98e","ssdeep":"384:s/AmLO+73nnnnOGyME7k6yr3ExMdRQjFFk5o9WenZbFnIE2OeIy4jAZktY9xkSxM:s/hiannnnvTh6u3ExM3qFk69W8teh2Wa","tlshash":"dd92b034f748652ad02d407921be7a4c799a386f9b054aec30b2e5e39dfc95c3571a3c","size":19939,"data":"","first_seen":"2023-09-02T04:11:25Z","last_seen":"2026-05-30T15:22:50.69376Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"00e3b1f62536702a94a051e29baa88e3","sha1":"67422867129ca7d2b391efa4c36422bf75203f17","sha256":"e501c4249a125fc6ff3063b26b82bd762a374c4eed4c434fc09e84267a43f8d6","sha512":"cd744fafd3fecce1b801842935927479d5cf363943c38d532b8ad26508cb3f43cafa76bc5e1275fb27c824818bfe524eb0b075c9dfb7f41d8c13645afcae4f53","ssdeep":"","tlshash":"c6f05c9687ad19d14ba01061f41d9181d21ccb3a5c828c43dc00cb768bc17dff345965","size":460,"data":"","first_seen":"2025-08-12T03:49:50.44686Z","last_seen":"2026-01-06T16:21:24.741486Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"97ce7d9f13bf642ae9c05e791b0f132e","sha1":"933bd1f39dcea06f6f884179fcaff489b350c39d","sha256":"257876105ecb5b13c3ba710c747328c91ec52427970282a9fba2fc3664da4ed2","sha512":"f6580e37103b66368f92b54844b21eb809c47b7ae1717260f18cf059ae0581973aa23ca56b8cc6b6588ee9ea151328661a5a604fd3cc8ab90b9ea374a539e3a0","ssdeep":"","tlshash":"a1f050d3a8ada0a89fee50fe301492cda511c09d3c45c493d10d0c315212fab9127c00","size":509,"data":"","first_seen":"2025-08-12T03:49:50.448954Z","last_seen":"2026-01-06T16:21:24.741984Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hcdream.com/berlin/customer-service/kefu78.js","fqdn":"hcdream.com","domain":"hcdream.com","tld":"com"},"ip":{"addr":"45.194.140.3","port":443,"asn":134548,"as":"DXTL Tseung Kwan O Service","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"22258c2199930f806a7f779bf5eb8dbe","sha1":"7f8011391361c93bd1153b1ff509abb9881c75ae","sha256":"95726622caa1f472a5ea2083f6ca97d88abe843f2c19e1d2c252876d0397a7ee","sha512":"20c326393647b5c30c94887ffbacccbd70aa15f99aad3ece6a7036c1affb4e7e43b8729d1d4864f9784471ec6ec65069a66810d8b93ecc3b010e641f7e975c35","ssdeep":"","tlshash":"925140d6a9ba5521450311f95beb3b68713b646ffd06ee21335cc98c0f89cda902f688","size":3103,"data":"","first_seen":"2025-12-30T06:56:12.510622Z","last_seen":"2026-01-29T02:15:31.285408Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"961365.cc/style/index.css","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /style/index.css HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nlast-modified: Tue, 28 Nov 2023 11:01:25 GMT\r\naccept-ranges: bytes\r\netag: \"80b0983aea21da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:15 GMT\r\ncontent-length: 3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":3,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T02:09:46.692243Z","times_seen":16200239,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/images/vvimg.webp","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /images/vvimg.webp HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\nlast-modified: Sun, 07 Apr 2024 12:43:13 GMT\r\naccept-ranges: bytes\r\netag: \"80c65c27e988da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:15 GMT\r\ncontent-length: 12656\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":12656,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"37580c318d4b3f5739f0244a121759ac","sha1":"537f9c62d7e2ca64a3794b8e999c4547f5e31d4e","sha256":"cb41d7a892e0063fa791c39903fcca57a76944cd23bba160b1f85d1b212d3bfd","sha512":"804836dedd29152369d0d69e122b25d22f7a9d121c43fb38468de7e3e314b071110b6ef51933c993e6734fd749d6a860b8e99f6bd981929006de399047e563a4","ssdeep":"384:8yJX4Zz+Apn5DsK5slqF+anfTnqqcXPYKlG:8wXGqAXsK5eqF+aDmQx","tlshash":"c742c022060bd65a4f8de13530d1ba2b2c647a0d7b2c5632f1b21cdc49cae26d82e7cd","first_seen":"2025-04-06T09:42:02.51261Z","last_seen":"2026-01-29T02:15:31.284902Z","times_seen":12,"resource_available":false,"data":null}},"time_used":773,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":772,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hcdream.com/berlin/customer-service/kefu78.js","fqdn":"hcdream.com","domain":"hcdream.com","tld":"com"},"ip":{"addr":"45.194.140.3","port":443,"asn":134548,"as":"DXTL Tseung Kwan O Service","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hcdream.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Nov 2025 10:58:06 GMT","end":"Sun, 08 Feb 2026 10:58:05 GMT"},"fingerprint":{"sha1":"B4:A0:58:B9:60:06:9D:3F:20:4A:15:3F:72:C2:73:2F:16:AA:9D:F6","sha256":"70:52:BA:B1:D1:AE:4E:24:C2:17:D6:D8:54:72:87:FF:7E:2D:04:87:7D:0B:19:4E:FA:4E:AE:2C:D4:D1:56:0D"}}},"request":{"raw":"GET /berlin/customer-service/kefu78.js HTTP/1.1\r\nHost: hcdream.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:22:15 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 21 Dec 2025 10:52:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6947d158-c1f\"\r\nexpires: Wed, 07 Jan 2026 02:22:15 GMT\r\ncache-control: max-age=43200\r\nset-cookie: SITE_TOTAL_ID=3b04b6dd2f5876e5cf7b15a872d974ff; Path=/; Max-Age=259200000; HttpOnly\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3103,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"22258c2199930f806a7f779bf5eb8dbe","sha1":"7f8011391361c93bd1153b1ff509abb9881c75ae","sha256":"95726622caa1f472a5ea2083f6ca97d88abe843f2c19e1d2c252876d0397a7ee","sha512":"20c326393647b5c30c94887ffbacccbd70aa15f99aad3ece6a7036c1affb4e7e43b8729d1d4864f9784471ec6ec65069a66810d8b93ecc3b010e641f7e975c35","ssdeep":"","tlshash":"925140d6a9ba5521450311f95beb3b68713b646ffd06ee21335cc98c0f89cda902f688","first_seen":"2025-12-30T06:56:12.510622Z","last_seen":"2026-01-29T02:15:31.285408Z","times_seen":14,"resource_available":true,"data":null}},"time_used":1127,"timings":{"blocked":451,"dns":28,"connect":212,"send":0,"wait":213,"receive":0,"ssl":220},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/images/vvbg.webp","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /images/vvbg.webp HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/style/global.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\nlast-modified: Sun, 07 Apr 2024 10:33:05 GMT\r\naccept-ranges: bytes\r\netag: \"80866ef9d688da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:16 GMT\r\ncontent-length: 1196\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1196,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 846x480, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"28fb5bfc57367b7346b470795f8d043f","sha1":"2c5511939e926e163ee683d38054b2dd9045bf67","sha256":"0e4aa4ae38aaf6dd312f9cf1235fa342d40170a5429d750e01e0e54df92c03fe","sha512":"659052c91428b9965fd384d3d39a60eee248db557754a43630ad465586b405a02ef62b770a68d1db02b16786bb7f2c7a27cf0349c6c62e8cc8fd12ed04f2a7aa","ssdeep":"","tlshash":"fa2184882654ce818810c913397fb9b20a546c5307aed37afb86c9216b39b3ee1517db","first_seen":"2025-04-06T09:42:02.518937Z","last_seen":"2026-01-29T02:15:31.277164Z","times_seen":12,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/images/bg2.webp","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /images/bg2.webp HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/style/global.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\nlast-modified: Sun, 07 Apr 2024 10:27:10 GMT\r\naccept-ranges: bytes\r\netag: \"0d3d525d688da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:16 GMT\r\ncontent-length: 10580\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":10580,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 845x517, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f11264c208fc36796be5ee8049e75ccf","sha1":"18ae57c3c7756c6b70671f1848f49242836fe0c2","sha256":"0dbe76b0360b430831442526f8791ce0ecb4e81d898126860472cc02a47475d5","sha512":"06bc919def01f4aac33b154f2d5143851f66e3d08e9bda9b41bd928e179a08fbfc5ff6158b959b661cf3fc5978c436cf6b97b37cb0fb07b3badcf14e9e3efb39","ssdeep":"192:8SQNqq/7Qm+kkmG7T63BtlACDMxP5zv7iKlWON1E7SDT4NecI/tpP:8S11Zd7TcBtoPVmuE/etd","tlshash":"7022bfa29c14261e5d71eb187278e3714f4fe4a82779ba2d3d38728972ddc8c43af211","first_seen":"2025-04-06T09:42:02.507482Z","last_seen":"2026-01-29T02:15:31.281863Z","times_seen":12,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/images/ico.js","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:16.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /images/ico.js HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 Dec 2023 21:26:30 GMT\r\naccept-ranges: bytes\r\netag: \"0c735b6c127da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:16 GMT\r\ncontent-length: 1150\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"application/javascript","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"78ced472c39ea826ef4c037f113d32a1","sha1":"c49391f4bea7109c7b0bc25a46f8d8802eccdf24","sha256":"547754129cd87bd3f2d6a890a128dee88f0bd1206e2505f6547ed0bf1370606d","sha512":"0a32eace2130d506ec94fb8ceb29806d2eccfbd682f743459d9c280a73571cf9e4343b93caf1e878f726997d1d5b59ead9f7e081828ef1128d4026f880ea0e17","ssdeep":"","tlshash":"8d317c8b52cd6f2ac619c3fdce83ae441224e759cf964bc79010a09e3d16ee8db4d5c8","first_seen":"2025-04-08T10:49:24.938652Z","last_seen":"2026-06-02T13:43:58.27191Z","times_seen":146,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/images/li.webp","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /images/li.webp HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/style/global.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\nlast-modified: Sun, 07 Apr 2024 11:32:45 GMT\r\naccept-ranges: bytes\r\netag: \"802c474fdf88da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:16 GMT\r\ncontent-length: 998\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":998,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1e6634906f405b09fed61ea2463e0aa4","sha1":"755c4b5db46468dcbf56d2e58f51f2adb419c7cb","sha256":"2c4dd8c81040772b7866551628be5d47a340c45ac10efa54b90a785b9d0d2701","sha512":"486ef2e3ee8803f4cc20210d90751e4ddc1d181652c007ec95a7b1f4a187397f0dc68a959dd13927e100d2bbaa757b22f5993fed9bf2ee470cf2fcb6cf32bd95","ssdeep":"","tlshash":"de11c82d87f20156df96a8d9a87e79740d0fdee440c6f0260b3b41d1d3aac22602b839","first_seen":"2025-04-06T09:42:02.516542Z","last_seen":"2026-01-29T02:15:31.282396Z","times_seen":12,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T14:22:13.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 26 Dec 2025 03:50:01 GMT\r\naccept-ranges: bytes\r\netag: \"80fafb61a76dc1:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:15 GMT\r\ncontent-length: 2036\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":5695,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"33406b7dee798108294517c687a8ebfd","sha1":"6d0f7424dfa4c949c0c35ef9e9d9131e988d0c06","sha256":"8bb5a04773aeec21dea8b528bd1c1bb078b78e34be15747a1bcdc78de33e7686","sha512":"22fcab80b861a9e95852a4835fa9ec6e1156e8fd6a83b10761a752063847e9b9c79d501c190f4f38842ca394ff35dd24429518ab1f50e06d7e501b9b6aef8584","ssdeep":"96:nAswhzYxSS8arYWbEW6Z/qXxZkecZA8llpiip6sUZOpwclEAkNv:L18HW6Z/qXxZkecZ7pp6JiwtNv","tlshash":"3fc16462df4cbca7151641d97029f38d909f8a3ddc63c823f8f7492696d2ed4c52b892","first_seen":"2025-12-30T06:56:12.513687Z","last_seen":"2026-01-06T16:21:24.734454Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1893,"timings":{"blocked":817,"dns":17,"connect":256,"send":0,"wait":258,"receive":0,"ssl":541},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/style/global.css","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /style/global.css HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nlast-modified: Tue, 09 Apr 2024 12:55:39 GMT\r\naccept-ranges: bytes\r\netag: \"80d7d6387d8ada1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:15 GMT\r\ncontent-length: 1909\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1909,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"fb44a544b1acf6dea59a61d4c3bd8e81","sha1":"6733cf66a25c24235af0e00ec89ce6f65b0e98c9","sha256":"c5e10faa508bfd0cdad0ba4edd1630617e85dd434d68434e59be8915fb295c6b","sha512":"b7488b9b0ac257122cc5f0b960536ea3d2824177c1fe0fd577a373bc703b55ff97454c6ed6a42266728ca68626d401fdab3f5884d716b5140a7631f0dea92310","ssdeep":"","tlshash":"1e41fe632e4238cbb016c1b89d3625a4f20e89434f0f4e67fa6879beea4409115a3b4d","first_seen":"2025-04-08T10:49:24.941874Z","last_seen":"2026-01-29T02:15:31.281377Z","times_seen":11,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/libs/script/jquery.min.js","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /libs/script/jquery.min.js HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 26 Nov 2023 11:49:03 GMT\r\naccept-ranges: bytes\r\netag: \"8061458d5e20da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:15 GMT\r\ncontent-length: 95786\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":95786,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32086)","md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-07T01:37:39.871484Z","times_seen":52043,"resource_available":true,"data":null}},"time_used":772,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":260,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/images/a_06.webp","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /images/a_06.webp HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\nlast-modified: Sun, 07 Apr 2024 11:28:40 GMT\r\naccept-ranges: bytes\r\netag: \"0243fbdde88da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:15 GMT\r\ncontent-length: 7712\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":7712,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"73ee17c65fa420c4a6e0e77bd6ef900c","sha1":"f186f8ac3a435b8bebb454b1c7aab72936ef9c01","sha256":"98e1f3e4ef1e783c3936bb555407971efd8c93d8473de0ddd337b6842ec04e3c","sha512":"de407f010ecf3477288bc4bc5daa7c6a850325fcf65edd4838841e035f8f9dc26623fc4a352265cb139b63242c72c44021b12f227ed30a8db944ff82ba56ba2e","ssdeep":"192:0dwvENfvqjkfekdiU52zImnscCK9PTLGr+/WadS7e5St:Wwyfv+5aKzImnnCK9er+HYe","tlshash":"16f18ea0b948d5b4d4d9eda310e6c4b023df62b4831d17decae6889689df0d8846228f","first_seen":"2025-04-06T09:42:02.510106Z","last_seen":"2026-01-29T02:15:31.275629Z","times_seen":12,"resource_available":false,"data":null}},"time_used":984,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":983,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/images/bg1.webp","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /images/bg1.webp HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\nlast-modified: Sun, 07 Apr 2024 12:56:16 GMT\r\naccept-ranges: bytes\r\netag: \"01811faea88da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:16 GMT\r\ncontent-length: 78104\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":78104,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1480x833, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"49e9e8effd58a47f92515951963565c7","sha1":"b6429a5131f560ec0e66eaeed3dcd42255b62e1c","sha256":"e6d3a9565cb3a5d1eb0844b8ac94fb0341485befb6711feac10ae630887e8fcd","sha512":"ec86eb55dc4c80af914b4fe8f07b26410dd79523aadaa0adca3f1ad1b3a6b86afee7e0ea37fdae4166c8226efc4900cf5663d77c4c19dc984c768b1ab5dc4a13","ssdeep":"1536:UOoPEHszYR01TtYoGCRzosleRqHcDPumxZdY1nTe03KPC7D4v:JjeYSnTRzokeRq8DumxZC10CXG","tlshash":"a77312637df3c1817ca67a2fa81012e22e1e511fd3d0957f91e28b153c6b759d2b40b9","first_seen":"2025-04-06T09:42:02.51825Z","last_seen":"2026-01-29T02:15:31.28066Z","times_seen":12,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/style/reset.css","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /style/reset.css HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nlast-modified: Sun, 07 Apr 2024 10:55:28 GMT\r\naccept-ranges: bytes\r\netag: \"010ec19da88da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:15 GMT\r\ncontent-length: 1701\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1701,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1499)","md5":"d0365eb4c3438727e9170c6efa1582ab","sha1":"0b21c46331d5d63373b65f5cd03d7b77918720c4","sha256":"54bed87455bf810b1524f295608c6b9fead2967793e7bcf64d16b209e0c76a20","sha512":"a504af10c07b7b5045541a8be438875fe228ed19102b3716e604baf4d8dc59eb8ebd08a1639c2fa683a0c0409971c0d493cd37d28060c84493d8201be22e59f6","ssdeep":"","tlshash":"c3311121c338eca6f57bc8aa3405be59265c53924c8fcb74fa327819ce550673712b28","first_seen":"2023-04-19T08:45:00Z","last_seen":"2026-06-02T18:17:17.385762Z","times_seen":175,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"961365.cc/images/enter.webp","fqdn":"961365.cc","domain":"961365.cc","tld":"cc"},"ip":{"addr":"103.244.151.206","port":443,"asn":135357,"as":"HONG KONG KOWLOON TELECOMMUNICATIONS CO.,LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"952365.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 04:17:02 GMT","end":"Thu, 26 Mar 2026 04:17:01 GMT"},"fingerprint":{"sha1":"20:C0:87:82:E8:1D:5A:C3:90:75:AF:78:CD:A4:4B:CB:AC:1D:CC:9F","sha256":"F6:71:E5:49:83:24:3E:21:FE:48:39:A5:38:81:D6:ED:1A:2D:4A:16:1E:23:F4:F9:23:96:5E:D7:5A:2A:E0:53"}}},"request":{"raw":"GET /images/enter.webp HTTP/1.1\r\nHost: 961365.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/style/global.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\nlast-modified: Sun, 07 Apr 2024 11:31:50 GMT\r\naccept-ranges: bytes\r\netag: \"0d77e2edf88da1:0\"\r\nserver: Microsoft-IIS/10.0\r\ndate: Tue, 06 Jan 2026 14:22:16 GMT\r\ncontent-length: 2094\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":2094,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fc246b2e3bfa57a74e72913366f116cd","sha1":"bfcd8687c2404de4a0b0a2af542306bbe77f2e7d","sha256":"82a1926890454dbb54f5ead003428e4a6384a737a90ddb1b3e19d05e0dd8be03","sha512":"73949932acaf4bc8df12d21774400ccdd81b5eec4ef6c2d576b6c317a777febc60fa6a008838adf8a22b570dbd99bfaeb09011cc5d483d1d887638e88c8a0bec","ssdeep":"","tlshash":"4241198f7fab0a6c9c6bee8b1644e58180a66cd5058291307298192cc484739b3c03e6","first_seen":"2025-04-06T09:42:02.517537Z","last_seen":"2026-01-29T02:15:31.282992Z","times_seen":12,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"961365.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hrdbvlj.juqhbwfolcekjd.top/widget/linkchat.1.1.0.js","fqdn":"hrdbvlj.juqhbwfolcekjd.top","domain":"juqhbwfolcekjd.top","tld":"top"},"ip":{"addr":"40.83.99.88","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://961365.cc/","date":"2026-01-06T14:22:15.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hwcygjf.juqhbwfolcekjd.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Dec 2025 03:46:41 GMT","end":"Sun, 08 Mar 2026 03:46:40 GMT"},"fingerprint":{"sha1":"B0:50:C1:74:54:FA:CD:2F:D7:66:A6:7F:73:F6:C7:86:3C:62:49:AE","sha256":"B9:BB:68:00:D3:97:B1:28:49:9B:33:56:1A:F1:72:6A:8D:79:C6:7C:B8:15:CD:5B:59:1F:B1:F8:9A:FD:6C:8F"}}},"request":{"raw":"GET /widget/linkchat.1.1.0.js HTTP/1.1\r\nHost: hrdbvlj.juqhbwfolcekjd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://961365.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 06 Jan 2026 04:01:27 GMT\r\netag: W/\"6422ed22-4de3\"\r\nlast-modified: Tue, 06 Jan 2026 04:01:27 GMT\r\nserver: nginx\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-cache: HIT, policy, disk\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19939,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (19912)","md5":"59b0c9f1c537544a364cc03e11815b34","sha1":"88c488181283b1ed9bf3e3c48ac056a312e47506","sha256":"afd9b6f3b5ea5286fe30818f301786af0f5c79890e873ccf2b8d0ce2c1e65fe6","sha512":"fa4961eca50806364cf62f8c817cde4dfaa9d44ac7e1a7cb7376b08a4047d9bf6f5660417872bf03b6cd0167f8987985806697c7bd5fc1f014c053ddbf2ab98e","ssdeep":"384:s/AmLO+73nnnnOGyME7k6yr3ExMdRQjFFk5o9WenZbFnIE2OeIy4jAZktY9xkSxM:s/hiannnnvTh6u3ExM3qFk69W8teh2Wa","tlshash":"dd92b034f748652ad02d407921be7a4c799a386f9b054aec30b2e5e39dfc95c3571a3c","first_seen":"2023-09-02T04:11:25Z","last_seen":"2026-05-30T15:22:50.69376Z","times_seen":39,"resource_available":true,"data":null}},"time_used":2233,"timings":{"blocked":1014,"dns":601,"connect":203,"send":0,"wait":203,"receive":0,"ssl":210},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"hrdbvlj.juqhbwfolcekjd.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}