{"report_id":"245e1c6b-01ef-40a5-84c0-99fc0fe66155","version":0,"status":"done","tags":[],"date":"2026-06-11T12:48:33Z","url":{"schema":"http","addr":"gobamalltk.org","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gobamalltk.org/#/","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"title":"TikTok","dom":{"size":18451,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (5208)","md5":"e220bf6dec0a525c5081b0a336e0a4fa","sha1":"39e8f5e748f2413af4d240902744846e11599a20","sha256":"335d41d440ea644b9c404a281fe034fc9a5a23caf841e5cd023638a9ca1e486d","sha512":"eec68f38d790a4e72b7a627c430ec4f72b2a6c18d018e63cfc2c836edcd3aabf4b159521916fb21823f0cbb2832fe261c1612ab4ddae2f2cc877701f5d0e34bb","ssdeep":"192:zqCcufJt2vDYbNVNtISj1aEIbPbDSnnVN7lfevN9zGyP5l0XuTi211sMEslvkCoN:3t2M3JharbPe7lGXim1pk7r4PPaL6/u","tlshash":"b182b5e79ae072dca00fdb49d8659d28f29f31772660cec9d7d8ab59cb942cc408d9c4","dom_hash":"domhash1138762cf9bf6aa291ebdf31a0d34ff5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gobamalltk.org","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T12:48:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"gobamalltk.org","ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-06-09","domain_rank":0,"first_seen":"2026-06-11T12:48:05.33832Z","last_seen":"2026-06-11T12:48:05.33832Z","alert_count":100,"request_count":25,"received_data":5520846,"sent_data":10578,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"dc.js","description":"A multi-dimensional charting library built to work natively with crossfilter and rendered using d3.js","website":"https://dc-js.github.io/dc.js/","common_platform_enumeration":"","icon":"dc.js.png","categories":["JavaScript graphics","JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gobamalltk.org/js/app-root.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce85666382b2541f91630ec19a39107e","sha1":"b0c7cf853194eaeafa1c3b507fa0f2fc15b9a394","sha256":"b8abbbb99d95141e3581ac4123cec26f54f0f298adcfbb9ca585c37eccf52aa9","sha512":"3d63bddec8a1a80edeaa6410778137e98d952f324075beaee5c4ce1c4b2f2827b4854932298b7abad588a1822efd1334ccc1e8c424292b17715881b843da7534","ssdeep":"384:2S+LylmQ5HuvY7D4SEmgt4t6EP+z6+yXWvzpH73VnHh+O6fl7OBM6hkl1w//:2ymQBDh7P+z64Hh+Pfl7O6m","tlshash":"f4a2f8e8f695b47a1b6730b4a03f220aba77b859240a8085f644e4cb7c7d50e6567f3c","size":22637,"data":"","first_seen":"2026-06-11T12:48:10.855187Z","last_seen":"2026-06-11T13:27:57.604604Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/entry.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"36083fc94a36797ea24d33f8d77a7002","sha1":"edb9054b6d42f02c1ffbe4e6ea9de5a375210e00","sha256":"dd20d2e3672fc637a657cd336bae5b1c1a4afe7798325be6698967eef0564328","sha512":"5d065a80a4628689651bde1acf3139ffd63c33c1d9f400153e377e82a1c6570c9bb6d53f06df4ce52e5b3fd83297765ae05ca48b61cfe9c4d5942a3567978b71","ssdeep":"384:K3L+GIdkbHzWRksCh2ZUJe8NFUG5IsVCogsgy1+fw79tj+gCdNLvXds2dXgjh1D6:QL+GIdkbHRsCZe8N6mIsVCRsN7WgCdN7","tlshash":"8b822bd73091743d539a11be70bf6205b3b91860f84db4d0e72ca8993e96e6203abf5d","size":18022,"data":"","first_seen":"2026-06-11T12:48:10.844879Z","last_seen":"2026-06-11T13:27:57.580126Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/pc-init.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"badc93f17c574b7b8be37fb009727061","sha1":"d4cd1bf0a6d836279845213aa047af619bcfa0a8","sha256":"2ad41e7684687b9c89b3d46c9c76b879135002cf9fa2c53913466a81332acc47","sha512":"b35ce2010f9bca47c868d905eab766f574b89fd891ccabdd2e32073780364dc34e77da1eb209c649f2029b95427ab335d001af9d84b921ea77fa93f23dacde33","ssdeep":"","tlshash":"63218bb53026ac140e481ceef20bff44181aac7aa873afa14259de60697bc72b714a00","size":1139,"data":"","first_seen":"2026-06-11T12:48:10.845828Z","last_seen":"2026-06-11T13:27:57.622319Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/ui-element.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd24d7c24c5f5b45f802824f54c77586","sha1":"1774023c8bee973bff8714fd2473aed5d9a5995f","sha256":"d98e659feec6b738fc9f9561ab6b39763afd2a8a0aed0d1bea56fec1c1eac60d","sha512":"98f0cb1b8961ca3161c691b5e15f0d7c4943925ca5300b6aa270ab42acdf5551d648d1e3aaf8ee51f79954626ecbea2237b1f469507225bd316ce3b53ad159d2","ssdeep":"768:tgh/+aULDeX424Nw+f9+fq/46/zlgbrsRLOaFcSsTfTyHW1kDENe4U7QuJmZZzE9:OWaUuXH4i+FmWzmMLAZU4U7QH7zUp","tlshash":"e373d6dcb385b07113ab20b540bf150bf33a7955a80ac1a0f252e4da7d7885da16bf7e","size":79444,"data":"","first_seen":"2026-06-07T01:37:22.73038Z","last_seen":"2026-06-11T13:27:57.558082Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/app-core.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"63cad17c693da064ca84dcdbfe2b53a5","sha1":"33e66bab1901d5419a9ca76282f7cf9f2953ea9f","sha256":"783cf4f3f236606ba679efd353a23df329846dcca0282876f8cf64ccd6040a76","sha512":"5560241c8dc8c620b03be1b854f9b075d872623201cc21301c8760371cd1855c8691451d22ea7b87854ee7823dc97637e7883f5f600616370e098226f69b8f8b","ssdeep":"12288:KJexQ/Btdz29evPU+BOpkYEK3xLZYHiT6r49XD7B9FQcT/LYCk5Fyrx3rqahQ5F0:Etdz29evPU+BOpfhxLZYHiT6r49XD7B1","tlshash":"81d47cdd27d7b7b8059402c2802f747632b95d7aff9da0e054e9f99a20e8684c113f7a","size":617766,"data":"","first_seen":"2026-06-11T12:48:10.863085Z","last_seen":"2026-06-11T13:27:57.633826Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/app-globals.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"49b3e91ba13f930de65c76dc465a34f6","sha1":"a405f7cf60a697ece162e661c9576325e9f421b2","sha256":"5cf0a2a507edeb082ec24b817026751a22048a27f8a19a9df394b3068d9dbc1c","sha512":"f0da0440f54fc529dcec13deee68de96d7025002a046531a497b582118010ede2e99ecacd3248ac6f3f422629b4691fc2ee1942a9c8b99b8c3a229d7208c887b","ssdeep":"12288:CpEMdFXMtdz29evPU+BOpkYEK3xLZYHiT6r49XD7B9FQcT/LYCk5Fyrx3rqahQ53:dtdz29evPU+BOpfhxLZYHiT6r49XD7B8","tlshash":"19d47ced27d6b7f8059402c2902f747632bd1c7aff9da4e05499f99a20e8684c113f7a","size":646133,"data":"","first_seen":"2026-06-11T12:48:10.850477Z","last_seen":"2026-06-11T13:27:57.600558Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/chunk-2d0c4283.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"54168cad936bc5f8728acedfea5930bd","sha1":"cb301659bfdd7ca0128f060533c49fa9a09ee9e3","sha256":"55f8c4b7ccad3c610086f71c685d980a5dc7fce3a03646b46507e1ccb028d360","sha512":"e0d1403f5fa9d54903374fe569a261450b4a5855050ccd0c5bdece036865187476452e6af7c9d899c6aa409900b700d096c299989393c93c44dd362a5d96026a","ssdeep":"","tlshash":"04019c4c78993c5a597bf4b080af5b8e227950672c1d457547a0f1d03f7497d2217f4e","size":747,"data":"","first_seen":"2026-06-07T01:37:22.702634Z","last_seen":"2026-06-11T13:27:57.603911Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/chunk-vendors.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6253e6ddb7d1b642320cb333e2405207","sha1":"d6fed508b35f4399a996b1cf820c3d70ab25994e","sha256":"a88552f204f378fe8ecdb03beff166675b6b012dd2f10d28192964a8ac4611ba","sha512":"c5eadcdce47c46a7f6d58742afc843cd391a5e070d5f2df28dad2fa94cc7a4d6041f107ed280a10fbf9e678f7126e97685f83a39084a8f6b1f871087591cbc24","ssdeep":"12288:oNaUp+AKIukYNX+EaT0WvOPpxW2MmWGdYsKLF1UDRpE2rhMSqdUtV7xr4NT5b:oNaXfAYNXajIYhF1UDRSwelDNFb","tlshash":"5b95c6182a5bf3449549c0dbe93b3c84d2ade18aa40b14d15f718bf31bb2746ebadd13","size":1944595,"data":"","first_seen":"2026-06-11T12:48:10.867802Z","last_seen":"2026-06-11T13:27:57.650923Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/chunk-vue.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa1d201554544649e71aacd39fa2d917","sha1":"fef3f95e1852cee2457f229510be970063c0d1bd","sha256":"4922f9bb8b656a8666ec2640ac24059bfb2b20fcf44b384e64c403fcdcfec2e8","sha512":"8db6c4bbfd60ddf4afdcf9b5c4c2241f26b0e77e38c2e669848626e6cb18bacf396f313c163826ceac546ce9e9e298b5c97169a4332b38db75094c44fe3e0070","ssdeep":"768:Agh/+aULDeX424Nw+f9+fq/46/zlgbrsRLOaFcSsTfTyHW1kDENe4U7QuJmZZzEQ:PWaUuXH4i+FmWzmMLAZU4U7QH7zUM","tlshash":"8e73d6dcb385b07113ab20b540bf150bf33a7955a80ac1a0f252e4da7d7845ea16bf7e","size":79287,"data":"","first_seen":"2026-06-07T01:37:22.870456Z","last_seen":"2026-06-11T13:27:57.587223Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/chunk-element.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"08d1982af6ee67fcb706319a76fd4e32","sha1":"839c4aec3de1e0bbf0a421f2fda2130abdef715d","sha256":"9543b352cc086d018afd9c9fbd89eb3c600644e46cfe004bf3d63269f0fcda07","sha512":"38706f08f22a3f995c9362e72acc20a7f2b49dd563dd5ba1a57ba2b53ea818312768709ceb6b6aec431e0013ea77933c6c74b4256b154cedc7bd802654ebb22f","ssdeep":"6144:klMa5rLwLTUVe2as9+mCtleDOUFcFeiIW8CsjIU+QTBdFelE4E:kvwXUVe2axDmOUGtI8QTJelE4E","tlshash":"0b051a8d72c5f57147a360b0106f240bb33b2eac6809809cb675e8d96dbd909626ff7d","size":807599,"data":"","first_seen":"2026-06-07T01:37:22.762377Z","last_seen":"2026-06-11T13:27:57.541688Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/app-shared.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d24af43b86193eb90ccde1feb177d6a3","sha1":"f9cf760750f5e1a8dd1aac33d855b1fb46a58757","sha256":"4b47eabbb1dca3fa9c9c7841056ab5b6e9e91150055d6476e9398b422f3c76f7","sha512":"b6bf5004fd284787209604b7bd60e45686e27ffa1d72edf03ca602d41f201eb0e818216ebc1e1f62554a8d8dbd8e9490658944cb95449fbeff22482fb7e0ba87","ssdeep":"768:oCTzHahMp02iB/DPDGMn5dNjRoz2n5+FiDtzXq08A1965h1r2sAy9jSYMrjc1XWj:JTKDaZxDsyQvdvO0","tlshash":"e863b98ef1e2b06d057a75b1707b6015b03929f478058542e77998fa3f6c858333bbae","size":70944,"data":"","first_seen":"2026-06-11T12:48:10.854235Z","last_seen":"2026-06-11T13:27:57.614115Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/i18n-locales.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ca3d5d5639e3eabc1dcd4d1a677cda9","sha1":"e4452a36889ac7eed6750d0fceb16e5b3629d1e5","sha256":"977afa51b58ce4dac69d692c9db5722489c737fa2761aa4ec086573c8d0a1efd","sha512":"7215c31a3763acc24e6067f5c69699b33ea741235b43f91180dced0f06c071630e2c395137f8c0968879c5e03994b697ade5921974273651f8fa8adf03e0c031","ssdeep":"12288:czDLTbhAWREDM9aGD3A0XNMU9EV3elQ8Y1bCZsyqx+qM18Wq3Wn4hHlbDCvIKfcq:ghSyMU9M8Ob/WR","tlshash":"8df48eefabd932fc0c58694ab08e3e7561dc1cb6f792e5e00cec962512f5d419212f29","size":724549,"data":"","first_seen":"2026-06-11T12:48:10.851333Z","last_seen":"2026-06-11T13:27:57.547872Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"ES_LANGUAGE_MAP -\u003emap[actor:server1.conn0.watcher14.process7//obj33 class:Object extensible:true frozen:false isError:false ownPropertyLength:21 preview:map[kind:Object ownProperties:map[af:map[configurable:true enumerable:true value:af writable:true] de:map[configurable:true enumerable:true value:de writable:true] el:map[configurable:true enumerable:true value:el writable:true] en:map[configurable:true enumerable:true value:en writable:true] ja:map[configurable:true enumerable:true value:ja writable:true] ms:map[configurable:true enumerable:true value:ms writable:true] pt:map[configurable:true enumerable:true value:pt writable:true] th:map[configurable:true enumerable:true value:th writable:true] zhCN:map[configurable:true enumerable:true value:zh-CN writable:true] zhTW:map[configurable:true enumerable:true value:zh-TW writable:true]] ownPropertiesLength:21] sealed:false type:object]","filename":"https://gobamalltk.org/js/app-shared.214d29dc.js","line_number":0,"column_number":0},{"level":"error","text":"Loading CSS chunk pages-core failed.\n(/css/pages-core.a850ad1a.css)","filename":"https://gobamalltk.org/js/app-globals.214d29dc.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"gobamalltk.org/css/app-shared.32a5a438.css","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.992Z","timestamp":1781182083992,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /css/app-shared.32a5a438.css HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"19101-1781113509581\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19101,"size_decoded":7883,"mime_type":"text/css","magic":"ASCII text, with very long lines (19101), with no line terminators","md5":"102e3f71a7bb760662f281870b50903d","sha1":"25c8e4aa80bc7dff27704b921b87370276efd8c9","sha256":"734da0b97705d1f4487e3700701d31c977339bdd1785b721aa63ec01bc17f6e8","sha512":"d04287838e30c4816e0fc8553e46d897c871f953f2e85dfb009e4cb7447c46cda78d4832f7504a7b8a2ae8fa2d0888471418e512a872335cc27105d0617f94e9","ssdeep":"384:CKHc1gNGkhxHzniCKMYOAsaOxlnseFS9oF1/ID8cDfD+DWDfDWDdD5djThh+1:CKHc1gNhxHznizHO3/dF1Jdn+1","tlshash":"b082d5f2f135113eb43294bba9ca54ecbc89f009e7b6d29aff9c7526c4c5686053024e","first_seen":"2026-06-07T01:37:22.759058Z","last_seen":"2026-06-11T13:27:57.613377Z","times_seen":5,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/app-shared.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.994Z","timestamp":1781182083994,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/app-shared.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:04 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"70944-1781113509610\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70944,"size_decoded":19034,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65405), with no line terminators","md5":"d24af43b86193eb90ccde1feb177d6a3","sha1":"f9cf760750f5e1a8dd1aac33d855b1fb46a58757","sha256":"4b47eabbb1dca3fa9c9c7841056ab5b6e9e91150055d6476e9398b422f3c76f7","sha512":"b6bf5004fd284787209604b7bd60e45686e27ffa1d72edf03ca602d41f201eb0e818216ebc1e1f62554a8d8dbd8e9490658944cb95449fbeff22482fb7e0ba87","ssdeep":"768:oCTzHahMp02iB/DPDGMn5dNjRoz2n5+FiDtzXq08A1965h1r2sAy9jSYMrjc1XWj:JTKDaZxDsyQvdvO0","tlshash":"e863b98ef1e2b06d057a75b1707b6015b03929f478058542e77998fa3f6c858333bbae","first_seen":"2026-06-11T12:48:10.854235Z","last_seen":"2026-06-11T13:27:57.614115Z","times_seen":3,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T12:47:59.912Z","timestamp":1781182079912,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:00 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"2549-1781113510988\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:10 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"dc.js","description":"A multi-dimensional charting library built to work natively with crossfilter and rendered using d3.js","website":"https://dc-js.github.io/dc.js/","common_platform_enumeration":"","icon":"dc.js.png","categories":["JavaScript graphics","JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2549,"size_decoded":1274,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (630)","md5":"708c361494eafad0450c5a1b48f496fc","sha1":"a956e1359ca6bdd83aa1e799e54651ea86126816","sha256":"02dea2131530112e0a50f22a42325691bf54cacb67fbbff822eecd76ce832747","sha512":"1e9578bc7cb232ac5b62bec1aa2817b0d1dacbd7d326330f15af27f5c589517b56b14d433bd98a5e0a94d4a641326ce0980c007c4018731c0f752ca0e1010a57","ssdeep":"","tlshash":"27512f766c50511cb627829049ae2b0823ae94132609d899b7fd306cefc0fedd8a7358","first_seen":"2026-06-11T12:48:10.842563Z","last_seen":"2026-06-11T13:27:57.630292Z","times_seen":3,"resource_available":true,"data":null}},"time_used":928,"timings":{"blocked":-1,"dns":121,"connect":266,"send":0,"wait":267,"receive":0,"ssl":274},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/css/chunk-vendors.1f415fb6.css","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:01.098Z","timestamp":1781182081098,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /css/chunk-vendors.1f415fb6.css HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:01 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"38317-1781113509582\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38317,"size_decoded":8496,"mime_type":"text/css","magic":"ASCII text, with very long lines (38317), with no line terminators","md5":"17ef430fcfe69e2cdab0f207b591bfa3","sha1":"6034c5414d69180cbd510f2d2b87b94e1081f292","sha256":"2d6c075216266d0dd862bf4aba9d75ad03ece2932c77af602f9b4df42b676936","sha512":"e12821f9e664d045b12aa61cf2eb30c6a98b1e90c9104c384fa26e9f9ed519365c6f8e92b248b53688c2eb621e543661cef986945a1419a6de63e0688f3e1824","ssdeep":"768:nECmhishNnHBL98FmWb6CObhrb63if65WJ1mXAA0T3:nH6vASf65WCXkD","tlshash":"0b03de2407a2342ef637da2671b08e993b368003d4224fecd294bf5cd3965e55ad7de2","first_seen":"2025-10-09T03:51:47.874556Z","last_seen":"2026-06-11T13:27:57.525804Z","times_seen":8,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/chunk-vendors.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:01.100Z","timestamp":1781182081100,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/chunk-vendors.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:01 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"1944595-1781113509620\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1944595,"size_decoded":433229,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26149)","md5":"1c2b3305fe9ac97d91de1c6ab08e1d29","sha1":"778202f7d872839a486b6432cb97b05f05fec173","sha256":"432e04259140d4b6d37b8ff839a5ae598b3d6563f104e11120eec2373444b8ae","sha512":"3d5fa33ffdf9ebfef3f7f65c1f2e319f0a6f41cab85d1469e856e2700961eb6058eeb596db8aeeb937cb50e9923f56cd14a413a485594d2f7faa75cf95ab2129","ssdeep":"6144:WEDus+G3e3Kup+AKIukYI1cIk3Xxoh23akU9W/b2DcYKV30Kq3+51Xq5Exvvvpx5:oNaUp+AKIukYNX+EaT0WvOPpxW2D","tlshash":"e2350c182a5ef3409909c0dbe93b3c8895ade285b40b14e15f7197b31bb2357fbadd12","first_seen":"2026-06-11T12:48:10.844029Z","last_seen":"2026-06-11T13:27:57.603252Z","times_seen":3,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/favicon.ico","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.038Z","timestamp":1781182083038,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:03 GMT\r\ncontent-type: text/html;charset=utf-8\r\ncontent-length: 762\r\ncontent-language: en\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":762,"size_decoded":931,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (758), with no line terminators","md5":"ed3690d8ecc67f369aa419222bb65faa","sha1":"f38eca71b5b0a9ec9fa1801e9e6bcb35792971cf","sha256":"9061d63b1bb7ebc668c9b1ef91e743a964691fc498208134a7d1a00a18e04f34","sha512":"d3ee7368ac49c1688bcbf4dee651e8d6faf58737da2a6b951909e4255ca16ccf06d12cdcfdc366ea21085ea30180b07a53312fd7b7eb154e3321ea0829a523f4","ssdeep":"","tlshash":"1401203ec10a1017bcb6087b35513ea83858c88396720734e85489f8d6854f8a76178c","first_seen":"2024-07-01T16:42:04Z","last_seen":"2026-06-11T13:27:57.618564Z","times_seen":192,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/app-root.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:05.164Z","timestamp":1781182085164,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/app-root.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:05 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"22637-1781113509610\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22637,"size_decoded":10498,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21822)","md5":"ce85666382b2541f91630ec19a39107e","sha1":"b0c7cf853194eaeafa1c3b507fa0f2fc15b9a394","sha256":"b8abbbb99d95141e3581ac4123cec26f54f0f298adcfbb9ca585c37eccf52aa9","sha512":"3d63bddec8a1a80edeaa6410778137e98d952f324075beaee5c4ce1c4b2f2827b4854932298b7abad588a1822efd1334ccc1e8c424292b17715881b843da7534","ssdeep":"384:2S+LylmQ5HuvY7D4SEmgt4t6EP+z6+yXWvzpH73VnHh+O6fl7OBM6hkl1w//:2ymQBDh7P+z64Hh+Pfl7O6m","tlshash":"f4a2f8e8f695b47a1b6730b4a03f220aba77b859240a8085f644e4cb7c7d50e6567f3c","first_seen":"2026-06-11T12:48:10.855187Z","last_seen":"2026-06-11T13:27:57.604604Z","times_seen":3,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/layout-ui.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:05.452Z","timestamp":1781182085452,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/layout-ui.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:05 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"743252-1781113509621\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T02:31:18.345974Z","times_seen":16499189,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/chunk-element.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.494Z","timestamp":1781182083494,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/chunk-element.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:03 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"807599-1781113509611\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":807599,"size_decoded":211583,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64709), with no line terminators","md5":"08d1982af6ee67fcb706319a76fd4e32","sha1":"839c4aec3de1e0bbf0a421f2fda2130abdef715d","sha256":"9543b352cc086d018afd9c9fbd89eb3c600644e46cfe004bf3d63269f0fcda07","sha512":"38706f08f22a3f995c9362e72acc20a7f2b49dd563dd5ba1a57ba2b53ea818312768709ceb6b6aec431e0013ea77933c6c74b4256b154cedc7bd802654ebb22f","ssdeep":"6144:klMa5rLwLTUVe2as9+mCtleDOUFcFeiIW8CsjIU+QTBdFelE4E:kvwXUVe2axDmOUGtI8QTJelE4E","tlshash":"0b051a8d72c5f57147a360b0106f240bb33b2eac6809809cb675e8d96dbd909626ff7d","first_seen":"2026-06-07T01:37:22.762377Z","last_seen":"2026-06-11T13:27:57.541688Z","times_seen":5,"resource_available":true,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/ui-element.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.498Z","timestamp":1781182083498,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/ui-element.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:03 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"79444-1781113509631\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79444,"size_decoded":28483,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (62792)","md5":"dd24d7c24c5f5b45f802824f54c77586","sha1":"1774023c8bee973bff8714fd2473aed5d9a5995f","sha256":"d98e659feec6b738fc9f9561ab6b39763afd2a8a0aed0d1bea56fec1c1eac60d","sha512":"98f0cb1b8961ca3161c691b5e15f0d7c4943925ca5300b6aa270ab42acdf5551d648d1e3aaf8ee51f79954626ecbea2237b1f469507225bd316ce3b53ad159d2","ssdeep":"768:tgh/+aULDeX424Nw+f9+fq/46/zlgbrsRLOaFcSsTfTyHW1kDENe4U7QuJmZZzE9:OWaUuXH4i+FmWzmMLAZU4U7QH7zUp","tlshash":"e373d6dcb385b07113ab20b540bf150bf33a7955a80ac1a0f252e4da7d7885da16bf7e","first_seen":"2026-06-07T01:37:22.73038Z","last_seen":"2026-06-11T13:27:57.558082Z","times_seen":5,"resource_available":true,"data":null}},"time_used":287,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/app-core.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.995Z","timestamp":1781182083995,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/app-core.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:04 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"617766-1781113509609\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":617766,"size_decoded":154098,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (58645)","md5":"63cad17c693da064ca84dcdbfe2b53a5","sha1":"33e66bab1901d5419a9ca76282f7cf9f2953ea9f","sha256":"783cf4f3f236606ba679efd353a23df329846dcca0282876f8cf64ccd6040a76","sha512":"5560241c8dc8c620b03be1b854f9b075d872623201cc21301c8760371cd1855c8691451d22ea7b87854ee7823dc97637e7883f5f600616370e098226f69b8f8b","ssdeep":"12288:KJexQ/Btdz29evPU+BOpkYEK3xLZYHiT6r49XD7B9FQcT/LYCk5Fyrx3rqahQ5F0:Etdz29evPU+BOpfhxLZYHiT6r49XD7B1","tlshash":"81d47cdd27d7b7b8059402c2802f747632b95d7aff9da0e054e9f99a20e8684c113f7a","first_seen":"2026-06-11T12:48:10.863085Z","last_seen":"2026-06-11T13:27:57.633826Z","times_seen":3,"resource_available":true,"data":null}},"time_used":283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/css/layout-ui.5030268c.css","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:05.451Z","timestamp":1781182085451,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /css/layout-ui.5030268c.css HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"12231-1781113509582\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12231,"size_decoded":3150,"mime_type":"text/css","magic":"ASCII text, with very long lines (12231), with no line terminators","md5":"0a4a3e08a3e5e006819ecac8f42e5df4","sha1":"cada57b5c60b6e53e644faf0a64a11eeaff2e385","sha256":"dcb5d9be2a10c0b506b18e0d2c46d564308621ced440d28ebe06b9a137563b18","sha512":"c06ee8b58bd01cdb1872e90f6d88fe036d12dcd35fbbc7571c3b86a8dd6bb4e66674fe5c9597fff438f7e9ded03299f4e8f84598168993da5e0e2fb9a0cd975a","ssdeep":"192:VZA1Zxj5g4SeE5drsCqQ6jZISE5qYc2IQQtXQPpOliGxMT0GMWntnZ2InF1DwG3:q5guE5drsC6wTIQagR5n/3","tlshash":"c3429331f56635386573e22de291a98c305cc502eab383eafe99721e84d77f30561a1c","first_seen":"2026-06-11T12:48:10.856189Z","last_seen":"2026-06-11T13:27:57.597403Z","times_seen":3,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/css/pages-core.a850ad1a.css","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:05.457Z","timestamp":1781182085457,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /css/pages-core.a850ad1a.css HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T02:31:18.345974Z","times_seen":16499189,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/pages-core.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:05.459Z","timestamp":1781182085459,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/pages-core.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T02:31:18.345974Z","times_seen":16499189,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/entry.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:01.102Z","timestamp":1781182081102,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/entry.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:01 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"18022-1781113509620\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18022,"size_decoded":7146,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (18022), with no line terminators","md5":"36083fc94a36797ea24d33f8d77a7002","sha1":"edb9054b6d42f02c1ffbe4e6ea9de5a375210e00","sha256":"dd20d2e3672fc637a657cd336bae5b1c1a4afe7798325be6698967eef0564328","sha512":"5d065a80a4628689651bde1acf3139ffd63c33c1d9f400153e377e82a1c6570c9bb6d53f06df4ce52e5b3fd83297765ae05ca48b61cfe9c4d5942a3567978b71","ssdeep":"384:K3L+GIdkbHzWRksCh2ZUJe8NFUG5IsVCogsgy1+fw79tj+gCdNLvXds2dXgjh1D6:QL+GIdkbHRsCZe8N6mIsVCRsN7WgCdN7","tlshash":"8b822bd73091743d539a11be70bf6205b3b91860f84db4d0e72ca8993e96e6203abf5d","first_seen":"2026-06-11T12:48:10.844879Z","last_seen":"2026-06-11T13:27:57.580126Z","times_seen":3,"resource_available":true,"data":null}},"time_used":532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/pc-init.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:02.919Z","timestamp":1781182082919,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/pc-init.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:03 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"1139-1781113509631\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1139,"size_decoded":710,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1139), with no line terminators","md5":"badc93f17c574b7b8be37fb009727061","sha1":"d4cd1bf0a6d836279845213aa047af619bcfa0a8","sha256":"2ad41e7684687b9c89b3d46c9c76b879135002cf9fa2c53913466a81332acc47","sha512":"b35ce2010f9bca47c868d905eab766f574b89fd891ccabdd2e32073780364dc34e77da1eb209c649f2029b95427ab335d001af9d84b921ea77fa93f23dacde33","ssdeep":"","tlshash":"63218bb53026ac140e481ceef20bff44181aac7aa873afa14259de60697bc72b714a00","first_seen":"2026-06-11T12:48:10.845828Z","last_seen":"2026-06-11T13:27:57.622319Z","times_seen":3,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/chunk-vue.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.195Z","timestamp":1781182083195,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/chunk-vue.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:03 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"79287-1781113509620\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79287,"size_decoded":28388,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (62805)","md5":"fa1d201554544649e71aacd39fa2d917","sha1":"fef3f95e1852cee2457f229510be970063c0d1bd","sha256":"4922f9bb8b656a8666ec2640ac24059bfb2b20fcf44b384e64c403fcdcfec2e8","sha512":"8db6c4bbfd60ddf4afdcf9b5c4c2241f26b0e77e38c2e669848626e6cb18bacf396f313c163826ceac546ce9e9e298b5c97169a4332b38db75094c44fe3e0070","ssdeep":"768:Agh/+aULDeX424Nw+f9+fq/46/zlgbrsRLOaFcSsTfTyHW1kDENe4U7QuJmZZzEQ:PWaUuXH4i+FmWzmMLAZU4U7QH7zUM","tlshash":"8e73d6dcb385b07113ab20b540bf150bf33a7955a80ac1a0f252e4da7d7845ea16bf7e","first_seen":"2026-06-07T01:37:22.870456Z","last_seen":"2026-06-11T13:27:57.587223Z","times_seen":5,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/css/ui-element.2bf1d5df.css","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.496Z","timestamp":1781182083496,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /css/ui-element.2bf1d5df.css HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:03 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"212411-1781113509582\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":212411,"size_decoded":35312,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ba88695f302d81526451e967065879d7","sha1":"9da38d8d69ec6b6f506d697f684e44bc6419582c","sha256":"6cf4b6cfb9c9f13493bdc24061040582ce68df8596b033834d8dffdcebefb981","sha512":"95166b8a3196c0cf52c558e0fe4d8ec3abd33fa52dfff5485bcd8ab54edd3f0fd99cc8f60fdd814d9a25e113c761723f8057c9a3529a03d6b5fb3a86d89b534e","ssdeep":"1536:w28Y7SrW3YeWXA1u9w4HCe/l4RdgW9cMEcWAp7KO6iZkJgYu8e0r8kvXOxIco4Q5:JFJWTPL4Q+05q2f","tlshash":"3124a510db17217b222be6ad75c0ba896f18c323d8725b7bfd95741ccae64891163e0f","first_seen":"2025-04-02T12:27:11.328801Z","last_seen":"2026-06-11T13:27:57.581486Z","times_seen":7,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/css/app-globals.d5110eb6.css","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:04.385Z","timestamp":1781182084385,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /css/app-globals.d5110eb6.css HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"4896-1781113509581\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4896,"size_decoded":1991,"mime_type":"text/css","magic":"ASCII text, with very long lines (4896), with no line terminators","md5":"2786187532ab7a9912094da94298df8f","sha1":"8f6e4ebc3a63004285d26303f032439fbde7722e","sha256":"46f580faeacc341627719fc2f9ba38e8f44bde5a14ac5b08bc800a14d1108a11","sha512":"29297f8f19c6a16fc50e0d56886fdf682c3713fea10ea918362baf25ae0c6e97bf5866ba886f183eb3911755669bbf5e9e2842e8cb87f7197d736622a78c9b11","ssdeep":"96:PZBZ5ZBZkZBZVZBZmZ3EqZBZqvZBZCZBZPoV+U2ZqfMcVkXqHjjBZfBZfBZFBZmD:PXPDKDvDEJEqDODIDs+U2ZmMcC6HZTzk","tlshash":"35a14561f22e16dd7373c4699740aa89de60e112c4e18fa6fc1e723c4ed624363e0b6c","first_seen":"2026-06-07T01:37:22.715248Z","last_seen":"2026-06-11T13:27:57.59977Z","times_seen":5,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/app-globals.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:04.387Z","timestamp":1781182084387,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/app-globals.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:04 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"646133-1781113509610\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":646133,"size_decoded":169356,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (53659)","md5":"49b3e91ba13f930de65c76dc465a34f6","sha1":"a405f7cf60a697ece162e661c9576325e9f421b2","sha256":"5cf0a2a507edeb082ec24b817026751a22048a27f8a19a9df394b3068d9dbc1c","sha512":"f0da0440f54fc529dcec13deee68de96d7025002a046531a497b582118010ede2e99ecacd3248ac6f3f422629b4691fc2ee1942a9c8b99b8c3a229d7208c887b","ssdeep":"12288:CpEMdFXMtdz29evPU+BOpkYEK3xLZYHiT6r49XD7B9FQcT/LYCk5Fyrx3rqahQ53:dtdz29evPU+BOpfhxLZYHiT6r49XD7B8","tlshash":"19d47ced27d6b7f8059402c2902f747632bd1c7aff9da4e05499f99a20e8684c113f7a","first_seen":"2026-06-11T12:48:10.850477Z","last_seen":"2026-06-11T13:27:57.600558Z","times_seen":3,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/i18n-locales.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:04.789Z","timestamp":1781182084789,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/i18n-locales.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:04 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\netag: W/\"724872-1781113509621\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":724872,"size_decoded":225631,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62364), with no line terminators","md5":"0ca3d5d5639e3eabc1dcd4d1a677cda9","sha1":"e4452a36889ac7eed6750d0fceb16e5b3629d1e5","sha256":"977afa51b58ce4dac69d692c9db5722489c737fa2761aa4ec086573c8d0a1efd","sha512":"7215c31a3763acc24e6067f5c69699b33ea741235b43f91180dced0f06c071630e2c395137f8c0968879c5e03994b697ade5921974273651f8fa8adf03e0c031","ssdeep":"12288:czDLTbhAWREDM9aGD3A0XNMU9EV3elQ8Y1bCZsyqx+qM18Wq3Wn4hHlbDCvIKfcq:ghSyMU9M8Ob/WR","tlshash":"8df48eefabd932fc0c58694ab08e3e7561dc1cb6f792e5e00cec962512f5d419212f29","first_seen":"2026-06-11T12:48:10.851333Z","last_seen":"2026-06-11T13:27:57.547872Z","times_seen":3,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/css/app-root.e5aa1e0b.css","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:05.162Z","timestamp":1781182085162,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /css/app-root.e5aa1e0b.css HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:05 GMT\r\ncontent-type: text/css\r\ncontent-length: 104\r\netag: W/\"104-1781113509581\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104,"size_decoded":378,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"6903fb1337139d76be5da8d0c2f0b7d4","sha1":"0bcc6110feb4120aac33d435b2b83eaf96ece12a","sha256":"b3045433c9f4db2ed73d19a3dc26b1a3eb2c843d9165c27fa6ff45f755d52c18","sha512":"787fe5a17b7a4b2cd3e1ec405744633c74cee650de11e98b968b44b97903756d2eaf329a3a73529b3222094dff78648a802489a29abf5447742e96f905c3641b","ssdeep":"","tlshash":"1cb012760541a122a8fa4735c8d34618bb0704359f830e1d72038f4c8359f1982141a0","first_seen":"2026-06-07T01:37:22.735457Z","last_seen":"2026-06-11T13:27:57.596478Z","times_seen":5,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/css/chunk-element.6b92dc4c.css","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:03.491Z","timestamp":1781182083491,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /css/chunk-element.6b92dc4c.css HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:03 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"211155-1781113509582\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":211155,"size_decoded":35314,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e1ec7b3d258707dfa59963f29e6f8e75","sha1":"4f5bc4f0fe61f591e28ee36aeb7225face58fdcd","sha256":"dd1f9346550174f9e13cf5bde56e170cf73b9b703a46f0335435471104a3aba0","sha512":"2c4dc449a988f588060850b8d9cdd6eb28c00c26e0b17d938f9904f7331979d66f74b806a5f457dc13d5a3593ca04bdac41699603e3c412e241b82ea715aed14","ssdeep":"1536:w28Y7SrW3YeWXA1u9w4HCe/l4JrgW9cMERw4B78O6iZkJgYu8e210kSDDvIc/ehB:JtKw/27eDLL6of","tlshash":"0824a710db17247b622bd66db4c0ba896f24c363d8725b3bfd95741cc6e64891223e1f","first_seen":"2023-10-20T10:33:29Z","last_seen":"2026-06-11T23:31:05.34636Z","times_seen":98,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/js/chunk-2d0c4283.214d29dc.js","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"161.248.15.131","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:04.781Z","timestamp":1781182084781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /js/chunk-2d0c4283.214d29dc.js HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 12:48:04 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 747\r\netag: W/\"747-1781113509610\"\r\nlast-modified: Wed, 10 Jun 2026 17:45:09 GMT\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":747,"size_decoded":1028,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (747), with no line terminators","md5":"54168cad936bc5f8728acedfea5930bd","sha1":"cb301659bfdd7ca0128f060533c49fa9a09ee9e3","sha256":"55f8c4b7ccad3c610086f71c685d980a5dc7fce3a03646b46507e1ccb028d360","sha512":"e0d1403f5fa9d54903374fe569a261450b4a5855050ccd0c5bdece036865187476452e6af7c9d899c6aa409900b700d096c299989393c93c44dd362a5d96026a","ssdeep":"","tlshash":"04019c4c78993c5a597bf4b080af5b8e227950672c1d457547a0f1d03f7497d2217f4e","first_seen":"2026-06-07T01:37:22.702634Z","last_seen":"2026-06-11T13:27:57.603911Z","times_seen":5,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gobamalltk.org/img/TikToklogo.8798ec77.png","fqdn":"gobamalltk.org","domain":"gobamalltk.org","tld":"org"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gobamalltk.org/","date":"2026-06-11T12:48:06.021Z","timestamp":1781182086021,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gobamalltk.org","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 09 Jun 2026 09:00:00 GMT","end":"Mon, 07 Sep 2026 08:59:59 GMT"},"fingerprint":{"sha1":"EF:7C:81:8C:7C:CE:6B:07:4D:F0:DB:71:A0:ED:EE:F6:42:48:47:D6","sha256":"63:FD:7E:B0:76:EC:C5:61:7C:AF:D0:EC:48:01:D1:8B:16:F6:16:51:B4:60:E3:C8:51:C1:C0:84:A1:9B:7A:F6"}}},"request":{"raw":"GET /img/TikToklogo.8798ec77.png HTTP/1.1\r\nHost: gobamalltk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T02:31:18.345974Z","times_seen":16499189,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"gobamalltk.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"gobamalltk.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}