{"report_id":"46aee043-9ef2-4acd-a7e4-31207583e560","version":6,"status":"done","tags":[],"date":"2025-12-30T09:24:52Z","url":{"schema":"http","addr":"api-hitab-com.test690.com/api/api-host/get-free?type=INFO_URL","fqdn":"api-hitab-com.test690.com","domain":"test690.com","tld":"com"},"ip":{"addr":"8.136.83.167","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"api-hitab-com.test690.com/api/api-host/get-free?type=INFO_URL","fqdn":"api-hitab-com.test690.com","domain":"test690.com","tld":"com"},"title":"api-hitab-com.test690.com/api/api-host/get-free?type=INFO_URL","dom":{"size":19467,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (19467), with no line terminators","md5":"e201fe55dbac3435f93f81ffa584b2ce","sha1":"03286ebb3a59185275c55e2b5da3435a7f3ef25e","sha256":"ddd0813b968e119602ab158a332219da463da189836cb2bb56f90ac7b79254f3","sha512":"90c77fa16e90ed1e229469a1c94b8fc1f641ed34312ab549f24c3117a8ce671e40cc13c5dc68099af0bff185ea89b70eca6a4fc2edd118d76b35317c4440f7ee","ssdeep":"96:H5rZrLDbV+CZXUgpk5POtQw07/4P4lHFjSyWST2G3STfx5STDdNSTCOu:3Db9X04P4lHFjLQ+WO","tlshash":"af929ee17dd28c35f58516c8f0b0da29a1d3f69fdcd3d884ead402f827caa94750d1a9","dom_hash":"domhashbb0273a191ca3722c03ac3b6ba454511","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"api-hitab-com.test690.com/api/api-host/get-free?type=INFO_URL","fqdn":"api-hitab-com.test690.com","domain":"test690.com","tld":"com"},"ip":{"addr":"8.136.83.167","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-03T09:24:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"api-hitab-com.test690.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"api-hitab-com.test690.com","ip":{"addr":"8.136.83.167","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2021-09-22","domain_rank":0,"first_seen":"2025-10-18T16:17:06.826504Z","last_seen":"2025-10-18T16:17:06.826504Z","alert_count":1,"request_count":1,"received_data":556,"sent_data":529,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"api-hitab-com.test690.com/api/api-host/get-free?type=INFO_URL","fqdn":"api-hitab-com.test690.com","domain":"test690.com","tld":"com"},"ip":{"addr":"8.136.83.167","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T09:24:30.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api-hitab-com.test690.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 02 Nov 2025 17:57:38 GMT","end":"Sat, 31 Jan 2026 17:57:37 GMT"},"fingerprint":{"sha1":"3C:D5:90:4E:FD:22:A7:42:7A:58:F7:22:02:EC:B5:DB:A1:89:EE:CA","sha256":"C8:46:7B:F6:9F:0A:BC:01:68:89:00:F7:13:8E:94:E0:92:82:E9:47:49:AB:FE:C7:F3:FB:2B:9D:D0:3E:19:20"}}},"request":{"raw":"GET /api/api-host/get-free?type=INFO_URL HTTP/1.1\r\nHost: api-hitab-com.test690.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 30 Dec 2025 09:24:31 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 68\r\nConnection: keep-alive\r\ni-success: true\r\nETag: W/\"44-t9MMzW1489tx0PTyqkLCzkLZMgg\"\r\nAccess-Control-Max-Age: 7200\r\nAccess-Control-Allow-Methods: *\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Headers: Content-Type,Accept,Authorization,i-lang,i-app,i-version,i-branch,i-platform\r\nAccess-Control-Expose-Headers: i-proxy,i-url,i-success\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68,"size_decoded":0,"mime_type":"application/vnd.mozilla.json.view; charset=utf-8","magic":"JSON text data","md5":"9f1ab93837603fcbbfbe393d4a93cb85","sha1":"b7d30ccd6d78f3db71d0f4f2aa42c2ce42d93208","sha256":"41d49bd67c3890fa8a9acfd3607bd3778892e603814071fab7ae09fdc9415062","sha512":"8b79bbbe9024d0dd30c6a05a207dfe88420441f7d220b7055af6044572b0ed873a51f689c298c3ad37636ec797e34bdd1c9374a8330a874ff2d5db46e1ea682a","ssdeep":"","tlshash":"b1a0222002000c003b033020300c088803cc0003cc80b03ae80c0f28cf20830f232032","first_seen":"2025-12-30T09:24:54.999107Z","last_seen":"2025-12-30T09:24:54.999107Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2567,"timings":{"blocked":1048,"dns":535,"connect":250,"send":0,"wait":469,"receive":0,"ssl":262},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"api-hitab-com.test690.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}