{"report_id":"2d5eaf21-fbcd-4e31-8c8c-8121b9dab161","version":6,"status":"done","tags":[],"date":"2026-05-01T12:44:57Z","url":{"schema":"http","addr":"imtokan.com.cn","fqdn":"imtokan.com.cn","domain":"imtokan.com.cn","tld":"com.cn"},"ip":{"addr":"216.118.243.92","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"imtokan.com.cn/","fqdn":"imtokan.com.cn","domain":"imtokan.com.cn","tld":"com.cn"},"title":"imToken 官网 - 全球领先Web3数字资产钱包 | 安全管理加密货币","dom":{"size":1474,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"42919961d97d918a7cf4f2825d3292cf","sha1":"225c16a145043a1f88c071e202ec7d2dd637e3c1","sha256":"cec1dd4fa2b28d51d45af816ff0e99eebb3bb4899b7f1b4a15f7b93e3b6e4bd3","sha512":"01378c050b2e5778cae4d9e579478e7155125c75e11416d2e8c12a34a4f556f63fa65588a55451c9bda5313236d231dde7001485be0498bb6814e0a6c616484e","ssdeep":"","tlshash":"6a31dc4792a305097527d86017f3b75426a88803810bde687a9d72d5cfc155998e329c","dom_hash":"domhash7561051d5d4bf214c0b6e7af8fa2e229","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"imtokan.com.cn","fqdn":"imtokan.com.cn","domain":"imtokan.com.cn","tld":"com.cn"},"ip":{"addr":"216.118.243.92","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-05T12:44:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-01","alert":"Sinkholed","trigger":"imtokan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"imtokan.com.cn","ip":{"addr":"216.118.243.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-03-26","domain_rank":0,"first_seen":"2026-05-01T12:43:03.228012Z","last_seen":"2026-05-01T12:43:03.228012Z","alert_count":2,"request_count":2,"received_data":35044,"sent_data":1009,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"imtokan.com.cn/","fqdn":"imtokan.com.cn","domain":"imtokan.com.cn","tld":"com.cn"},"ip":{"addr":"216.118.243.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3779f66dc82566b65eb67a9606faade8","sha1":"52c2a3af283233dc7e1daef5ec53cec74ba49e25","sha256":"8010af792b084fd1474c3d10e37658cc1de83ff3b1840a3c6ad7ff81b2f97084","sha512":"33d14f4a3b4747b2dbc4b64652550ead371abca7f772f11459e28b508f6b48959c9c97c0868fa96e76284c3abe2d86dd11e739837937679e41ae6b4a78acba80","ssdeep":"","tlshash":"6f216d2b15b6253500b7a2afa74fa7d0252a30cb6403e44d3f9ccd4d1f8199355b16da","size":1231,"data":"","first_seen":"2026-02-03T21:50:39.480769Z","last_seen":"2026-06-04T10:45:58.517677Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"imtokan.com.cn/","fqdn":"imtokan.com.cn","domain":"imtokan.com.cn","tld":"com.cn"},"ip":{"addr":"216.118.243.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-01T12:44:36.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.imtokan.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:24:48 GMT","end":"Wed, 22 Jul 2026 01:24:47 GMT"},"fingerprint":{"sha1":"C6:AE:AC:40:B3:8D:A5:45:CE:75:C9:6A:35:E8:0E:99:27:0C:0E:8D","sha256":"E7:31:50:14:1D:CB:9A:20:D1:2E:AB:97:67:70:0F:4A:F0:A5:C2:1B:AD:0C:F4:46:69:AB:C5:02:29:9F:5D:EF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: imtokan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 27 Mar 2026 15:00:14 GMT\r\netag: \"80d9-64e02c21f5b80-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 8822\r\ncontent-type: text/html\r\ndate: Fri, 01 May 2026 12:44:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":32985,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (379)","md5":"b3a5c21e7a1331960b978388b1f4edac","sha1":"839b3fe31cc254b37ef9081f62be11c5243ffeb7","sha256":"1ebd07af48587214febeeff4fe7aa77310d83ca38e269102b7c861eaf8927b9d","sha512":"e47fda2931f1e5c2b5d4510133dcc2489310f6b646760d42d89b94f717354328611d526aafadfcf6266dfe6705cd6e0561c197f0c70164246659d9850d94443b","ssdeep":"384:LYO6HHvrgvk+aCicS/WF8cvvNUfCW+uhgJu6N//vRA7UmTsa:t6H6icS/y8qvNUfrpkDN//+UmTsa","tlshash":"32e2943a25f470260493c1a66aa5536f2e24f943c90b874176be4bdc5fd7ecacc8361e","first_seen":"2026-05-01T12:43:07.735485Z","last_seen":"2026-05-03T22:31:30.586979Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1774,"timings":{"blocked":711,"dns":349,"connect":176,"send":0,"wait":351,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-01","alert":"Sinkholed","trigger":"imtokan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokan.com.cn/weihu.html","fqdn":"imtokan.com.cn","domain":"imtokan.com.cn","tld":"com.cn"},"ip":{"addr":"216.118.243.92","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://imtokan.com.cn/","date":"2026-05-01T12:44:37.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.imtokan.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:24:48 GMT","end":"Wed, 22 Jul 2026 01:24:47 GMT"},"fingerprint":{"sha1":"C6:AE:AC:40:B3:8D:A5:45:CE:75:C9:6A:35:E8:0E:99:27:0C:0E:8D","sha256":"E7:31:50:14:1D:CB:9A:20:D1:2E:AB:97:67:70:0F:4A:F0:A5:C2:1B:AD:0C:F4:46:69:AB:C5:02:29:9F:5D:EF"}}},"request":{"raw":"GET /weihu.html HTTP/1.1\r\nHost: imtokan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokan.com.cn/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 27 Mar 2026 09:34:50 GMT\r\netag: \"5d3-64dfe3666c280-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 716\r\ncontent-type: text/html\r\ndate: Fri, 01 May 2026 12:44:29 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1491,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"62f07fd6529f60a99e5a6a0878210a46","sha1":"a0611ce40365a64afc1ed10242d2fc8915b59522","sha256":"ea0f0659d8dac3d7408454a9718134853e48aee654b2976b1ca488a8515ac9dc","sha512":"c3782539942989b84a57dfc393b38b50b80d193d374028183999c5a4645ec975821587fb3011ecd9a34bd59c67b6c90f3c80abef99aeb7584282b88a5fd65d87","ssdeep":"","tlshash":"4b31dc4ba2a305097127d8701bf3b75426a89803810bde687a9eb2d5cfc565958e329c","first_seen":"2026-05-01T12:43:07.73924Z","last_seen":"2026-05-03T22:31:30.587671Z","times_seen":3,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-01","alert":"Sinkholed","trigger":"imtokan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}