{"report_id":"12b85025-5eaf-4510-a284-0c71a283684d","version":6,"status":"done","tags":[],"date":"2025-11-30T21:00:09Z","url":{"schema":"http","addr":"82.wugumil.com/index/m3?diff=0","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"about","addr":"about:neterror?e=dnsNotFound\u0026u=https%3A//sandbahn.com/x/dl%3Fp%3D1473%26clickid%3D%26siteid%3D\u0026c=UTF-8\u0026d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20sandbahn.com.","fqdn":"","domain":"","tld":""},"title":"Server Not Found","dom":{"size":7941,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (500)","md5":"d22b31bf7ec97533fcd08751ee067434","sha1":"67ce9d9fc48e83ac95b06652c1d8b4805823bcdf","sha256":"c8a08d74f3b6817b53232edb8c7e1317adde97bb53c76e77a8cbd85872f722fa","sha512":"b2c84f637da54020fc8310c73ac5b99fd973a3a13585a920ec0b20839dab08889759d39ad9222470e1f0a40760df4ac497608438744c6f017e1554d2b0cc3309","ssdeep":"96:rIPfVVvtARPy48S8k45USz+45RaIkata89+RzydNAIl9+kex8KdRonI7B1g/M:rIlZeRPyfS8LUSZRa2b9wm7I98IT","tlshash":"d0f162a862fa0d2b819386e938db7409bd01d297d35c24e5bf6d45f10fc7d61980f19b","dom_hash":"domhashc59d69afccb598c37df8c553a509577e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"82.wugumil.com/index/m3?diff=0","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-04T21:00:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"sandbahn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"82.wugumil.com","ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-04-11","domain_rank":0,"first_seen":"2025-11-30T21:00:09.666031Z","last_seen":"2025-11-30T21:00:09.666031Z","alert_count":12,"request_count":4,"received_data":113158,"sent_data":1861,"comment":"","tags":null,"fingerprints":[{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"sandbahn.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2019-01-24","domain_rank":0,"first_seen":"2019-01-25T19:31:07Z","last_seen":"2025-11-27T12:22:02.624656Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":543,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"82.wugumil.com/index/m3?diff=0","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d299fc4158f5ee271d32054f20c567b","sha1":"f7a0862ea30145dcb0a90604dd7898a40e53feb1","sha256":"c9ab2db9b28f51129edfd2aff30ad067245bd34b028991e08f56f7c947f60495","sha512":"cfd527d72368746c57394fde01a5bf34d2a2c64db14d77c41a73f02bd063c5d3a89edb8042774ec98a11cd77e5790004e4fd1d34025976df1dc2bcf49a1fc7bd","ssdeep":"384:hEO8LLwmwafzrI9INlsGx51lVEG42vx6jOv:2HLFNfaelsGL1l+G42vd","tlshash":"6ad26e1c8bf230b9a67fa17ea25f681478e3717b4084d501f5cd92406fd9a43c9ba6e8","size":30513,"data":"","first_seen":"2023-04-05T16:38:07Z","last_seen":"2026-04-18T22:50:34.4379Z","times_seen":454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"82.wugumil.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cce286a76c98655126ff55a5d756c2b9","sha1":"99eca2b5d02d57a7f6450cbdf902687ba16826d8","sha256":"9f3ad4589604825d80a022d66034f12bb86487f9215ecddc1f14499c7878f362","sha512":"2cadbc7194d6c75db3d962d25886f6c7aa1bdb8ba2ba7f8f9b23f8731862186dea096c7f3cb823f57c2d7fc10c302902d3ca2600642924039847e608deb53add","ssdeep":"768:jCEb5lCr9FbMv1gEEGZ2iPJT4VH4qiWDHV/8wUz:/AqJs14SDHV/8zz","tlshash":"20132c9932927025726ea9e1537f270af37e691748b55c00c603f8803a24edef227f9d","size":43506,"data":"","first_seen":"2025-09-06T15:06:29.605554Z","last_seen":"2025-12-03T12:51:21.521007Z","times_seen":212,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"82.wugumil.com/index/m3?diff=0","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"090e100258dadb305982de69ae2eee9d","sha1":"164ff094f9e3052e1f5bb9ded540ca66c35704be","sha256":"30b9ab271c114cb6c8ab54c35b9aea8cb31051e2ed8d59cbe40e873ac707c5b6","sha512":"a2ef627bf4a5fcb2e2970f3bcb8f019bfc4c207e998ee8664739296c6dea9b6c180f8d87027466dae318928672c765c1df306af445e7b5f645fcec528f4a3217","ssdeep":"","tlshash":"0b51e1bb48a712311ab321a64b5fb710292710771488dc11bfecd704bfa897b9125be8","size":3161,"data":"","first_seen":"2025-11-30T21:00:11.404577Z","last_seen":"2025-11-30T21:00:11.404577Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"82.wugumil.com/index/m3?diff=0","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"062fd9276b8b132d729ec1c6d5d16971","sha1":"1dc9655168c0ef28f5388e9d1d544e999b6b25ef","sha256":"c8e63197ad2336ed35f59f35b74bd0c7d3baa9c06b17c811f2c8ea211bae663f","sha512":"c77f1174a048402ab4e87d12da172225f44b37269cffaf1b30593badda1dcd24f2a09254bd9be566dbc87d524af8880caeee8f826dbd210eb2cec9b818f0e7ed","ssdeep":"","tlshash":"0ac02b2e3480033c800303c9064ed2b07a239c320d818000387e53c15fd0c03c4482ee","size":155,"data":"","first_seen":"2023-04-07T14:49:21Z","last_seen":"2026-04-18T22:50:34.445374Z","times_seen":293,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"82.wugumil.com/index/m3?diff=0#","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d299fc4158f5ee271d32054f20c567b","sha1":"f7a0862ea30145dcb0a90604dd7898a40e53feb1","sha256":"c9ab2db9b28f51129edfd2aff30ad067245bd34b028991e08f56f7c947f60495","sha512":"cfd527d72368746c57394fde01a5bf34d2a2c64db14d77c41a73f02bd063c5d3a89edb8042774ec98a11cd77e5790004e4fd1d34025976df1dc2bcf49a1fc7bd","ssdeep":"384:hEO8LLwmwafzrI9INlsGx51lVEG42vx6jOv:2HLFNfaelsGL1l+G42vd","tlshash":"6ad26e1c8bf230b9a67fa17ea25f681478e3717b4084d501f5cd92406fd9a43c9ba6e8","size":30513,"data":"","first_seen":"2023-04-05T16:38:07Z","last_seen":"2026-04-18T22:50:34.4379Z","times_seen":454,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"82.wugumil.com/index/m3?diff=0#","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":true,"md5":"0dca0221e84cde3b832129a2f91dcf53","sha1":"f47fac1fce4048ebcdb4384b2474c61d2a2d281c","sha256":"e91fc33107f18277405a089a66a1c66865f11349d0b6f616260dccb52219e8c3","sha512":"74f30599285de55da6a347d299770696b6c9cf1bc3cff19f5be5d4d98b0188d4fc3a87feb90e78b1b527ee944ca68cc641a239a8fc2b94c5e76751cf1607a5a5","ssdeep":"","tlshash":"cf51e1bb48a712311ab321a64b5fb710292710771488dc11bfecd704bfa897b9129be8","size":3161,"data":"","first_seen":"2025-11-30T21:00:11.40611Z","last_seen":"2025-11-30T21:00:11.40611Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"82.wugumil.com/index/m3?diff=0","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-30T20:59:47.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wugumil.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 09:11:57 GMT","end":"Sun, 22 Feb 2026 10:09:37 GMT"},"fingerprint":{"sha1":"94:D9:F7:95:12:9E:49:C2:7F:F8:A5:8A:64:E3:65:BB:D7:F3:6A:AB","sha256":"7A:A5:65:C7:F2:DA:C1:0F:1D:42:3D:A3:C9:6B:AE:C4:A7:16:6C:38:E5:D2:47:5D:D9:2F:43:D2:71:5E:7F:F8"}}},"request":{"raw":"GET /index/m3?diff=0 HTTP/1.1\r\nHost: 82.wugumil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 30 Nov 2025 20:59:47 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-transform\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OgHNlYcs548BbQA1KjNpwnq14T6rrdNYLmX4WNdVR73GM9uQ0907%2FHl9EB%2BIGPdlIWFaQxzwTtMUmFpjZCrx7o%2Fd89Hv0EEQ8%2BqsJHZd\"}]}\r\ncf-ray: 9a6d45444b9a35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56271,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators","md5":"51a4968b4163d07c141b025343f7c0a8","sha1":"b3cd7beaa03c95e3632751db8e75be8d1ad09370","sha256":"94405ec399c0c6a62074fd5d866c79b5eccc669608dfdb79ea1ae25dbda4938b","sha512":"4c4d4c30c91482e0b68450aff44af0201d7ba1c1be6175942c9c672c4af324aad7e808cded156df56b93de7a39d181735fd0df43ff96fcd969899a303c237695","ssdeep":"768:0gLFNfaelsGLhO9e4NvgaHEm9oGgDa8pbkK4k:0gxNCehhMf79otDDkK4k","tlshash":"f1436c2e8a4231555037d3bae79b2e0cfea3527741818446fedc9200aff5942c9a6fdc","first_seen":"2025-11-30T21:00:11.40082Z","last_seen":"2025-11-30T21:00:11.40082Z","times_seen":1,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":177,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"82.wugumil.com/199f8c6.php?utm_source=\u0026utm_campaign=","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://82.wugumil.com/index/m3?diff=0","date":"2025-11-30T20:59:47.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wugumil.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 09:11:57 GMT","end":"Sun, 22 Feb 2026 10:09:37 GMT"},"fingerprint":{"sha1":"94:D9:F7:95:12:9E:49:C2:7F:F8:A5:8A:64:E3:65:BB:D7:F3:6A:AB","sha256":"7A:A5:65:C7:F2:DA:C1:0F:1D:42:3D:A3:C9:6B:AE:C4:A7:16:6C:38:E5:D2:47:5D:D9:2F:43:D2:71:5E:7F:F8"}}},"request":{"raw":"GET /199f8c6.php?utm_source=\u0026utm_campaign= HTTP/1.1\r\nHost: 82.wugumil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://82.wugumil.com/index/m3?diff=0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 30 Nov 2025 20:59:47 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tftZjwIGmf45rWaI0AJusQwewSLfFUQac1W8fbDh%2BZpxSLvkIyHFe%2Fl0GrqcE2lf9gx1Ut3AEf990GP%2BLJl1ReWD1HeMGxN8gPGmiw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a6d4546dea656bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43506,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43458), with no line terminators","md5":"cce286a76c98655126ff55a5d756c2b9","sha1":"99eca2b5d02d57a7f6450cbdf902687ba16826d8","sha256":"9f3ad4589604825d80a022d66034f12bb86487f9215ecddc1f14499c7878f362","sha512":"2cadbc7194d6c75db3d962d25886f6c7aa1bdb8ba2ba7f8f9b23f8731862186dea096c7f3cb823f57c2d7fc10c302902d3ca2600642924039847e608deb53add","ssdeep":"768:jCEb5lCr9FbMv1gEEGZ2iPJT4VH4qiWDHV/8wUz:/AqJs14SDHV/8zz","tlshash":"20132c9932927025726ea9e1537f270af37e691748b55c00c603f8803a24edef227f9d","first_seen":"2025-09-06T15:06:29.605554Z","last_seen":"2025-12-03T12:51:21.521007Z","times_seen":212,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"82.wugumil.com/assets/styles/arrow.css?v1","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://82.wugumil.com/index/m3?diff=0","date":"2025-11-30T20:59:47.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wugumil.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 09:11:57 GMT","end":"Sun, 22 Feb 2026 10:09:37 GMT"},"fingerprint":{"sha1":"94:D9:F7:95:12:9E:49:C2:7F:F8:A5:8A:64:E3:65:BB:D7:F3:6A:AB","sha256":"7A:A5:65:C7:F2:DA:C1:0F:1D:42:3D:A3:C9:6B:AE:C4:A7:16:6C:38:E5:D2:47:5D:D9:2F:43:D2:71:5E:7F:F8"}}},"request":{"raw":"GET /assets/styles/arrow.css?v1 HTTP/1.1\r\nHost: 82.wugumil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://82.wugumil.com/index/m3?diff=0\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 30 Nov 2025 20:59:47 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"636262bc-1a14\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FvL9d5BgrRbmVmKCOFG7rGmjN2HD3CUKcQBZbNFKoI4dzojymT%2Fo1FD5CqRE7VSvav3IaquIHzin3S2SarPMuWNqZ7vUektsG2QCBw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a6d4546cea556bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6676,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ed4a61ae7235d0e7573766e78dd3fc02","sha1":"090b5cdab4ff3a3b87f491da06b4db99a8c51694","sha256":"ca50536990b949c20119f3134582c654fcd14fabce2517bbc5255fba7faa881b","sha512":"c2d58441829ea6697f14e85f01e1d0c006b6460cd110969578263423016232f407b40490eb5dfde4fbe02e47ac1e19c8db508b8fc0c7fea7a28920c0ad573165","ssdeep":"192:jKRrDP7WWP/8O+t6cjfwZVMLLmmGTA3P8JsRYJbwAzXJtMzZzINvOQpsLr6O:Y3MLLmmGTA3P8JsRWbwAzXJtMzZzSvO9","tlshash":"94d173236a5e2c46a05ed898efd09f4e261f41d7664f8c99fd80340d9fc89a48996f8c","first_seen":"2023-04-05T16:38:07Z","last_seen":"2026-04-23T13:51:39.996152Z","times_seen":483,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"82.wugumil.com/favicon.ico","fqdn":"82.wugumil.com","domain":"wugumil.com","tld":"com"},"ip":{"addr":"172.67.213.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://82.wugumil.com/index/m3?diff=0","date":"2025-11-30T20:59:47.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wugumil.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 09:11:57 GMT","end":"Sun, 22 Feb 2026 10:09:37 GMT"},"fingerprint":{"sha1":"94:D9:F7:95:12:9E:49:C2:7F:F8:A5:8A:64:E3:65:BB:D7:F3:6A:AB","sha256":"7A:A5:65:C7:F2:DA:C1:0F:1D:42:3D:A3:C9:6B:AE:C4:A7:16:6C:38:E5:D2:47:5D:D9:2F:43:D2:71:5E:7F:F8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 82.wugumil.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://82.wugumil.com/index/m3?diff=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 30 Nov 2025 20:59:48 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Wed, 02 Nov 2022 12:29:48 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"636262bc-1007\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FThLWz4qlTJg7mDASpRB5Dog7EWCQHNyG5plnZdRkxXvz6BR1929Zs5UYu6oOuHnoE9xR0FBpMnkDeZFlkSEtw%2FnnUwPoXYORng%2B%2Bg%3D%3D\"}]}\r\ncf-ray: 9a6d45485eb056bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4103,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"4cdf3256cd7b8ec3917adb79d6bf457e","sha1":"bc615337e9223183a126c8fb649774866fb53e69","sha256":"fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0","sha512":"2bcd90a667b80393690e244a979e36e9f482b419e52302571a41412aac296aac1d58f81787b38d00a00257dca8bd3dce7cfe6ab8ef12aa3a91e0801ee3c3f21a","ssdeep":"96:LSDZ/I09Da01l+gmkyTt6Hk8nT2JCkun8i01FZZN:LSDS0tKg9E05T23un8h5N","tlshash":"2e818daf99b0d47f7938fa400dce8281e279256c197637ad94e5c5ee00a7b031bb0232","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-05-01T15:36:04.654107Z","times_seen":8857,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"82.wugumil.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sandbahn.com/x/dl?p=1473\u0026clickid=\u0026siteid=","fqdn":"sandbahn.com","domain":"sandbahn.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-30T20:59:49.028Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /x/dl?p=1473\u0026clickid=\u0026siteid= HTTP/1.1\r\nHost: sandbahn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://82.wugumil.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T16:39:26.747397Z","times_seen":14480732,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-30","alert":"Sinkholed","trigger":"sandbahn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}