{"report_id":"4f09df8b-426e-48b0-89f1-cb2af51187b0","version":6,"status":"done","tags":[],"date":"2026-03-04T13:29:01Z","url":{"schema":"http","addr":"aaa4.gotriphotel.com","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":0,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"final":{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/#/home","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"title":"Airbnb","dom":{"size":24331,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (23704)","md5":"635d12787373e503956b4571ce71229f","sha1":"7c087cd2310beae379e71762489d2469a391239e","sha256":"08bd25324a62a7ff09e7b59fd9d652be6f4a7e6afc406b2217885565117febc7","sha512":"84e592d2969b7cd55abfea28f4633e3c84e119ff32aa74373473ffb54afa38a561df018f9da9423095a751749698a390c37d6852d435e5923042d64fe63122ca","ssdeep":"384:mysUQXyLyByyeyJNNCCyjyiSU2QQi9tyethXPyCvwv6:rsUQXyLyByyeyJNNCCyjyiSU2QQi9tyc","tlshash":"10b20221a5151477027fc8e8f620af8ab9dbeb8ac25e84011ebc53805ff7e74785d6b1","dom_hash":"domhash56ddc7456a6ac1012419c49d368c99a0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"aaa4.gotriphotel.com","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":0,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T13:29:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":24,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:43Z","timestamp":1772630923,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49898,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:43.759648+0000\",\"flow_id\":1713533902084818,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49898,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.088786+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:43Z","timestamp":1772630923,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49924,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:43.762546+0000\",\"flow_id\":1616306579922035,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49924,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.089203+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:43Z","timestamp":1772630923,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49918,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:43.766356+0000\",\"flow_id\":89497245801453,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49918,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.089069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:43Z","timestamp":1772630923,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49890,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:43.768166+0000\",\"flow_id\":573389736204864,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49890,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.088640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:43Z","timestamp":1772630923,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49874,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:43.772070+0000\",\"flow_id\":2206370661882138,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49874,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":906,\"bytes_toclient\":1634,\"start\":\"2026-03-04T13:28:43.088346+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49942,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.012780+0000\",\"flow_id\":1438621635391625,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49942,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.340105+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.016203+0000\",\"flow_id\":566369612149250,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49968,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.340482+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49928,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.018429+0000\",\"flow_id\":687588621627252,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49928,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.339828+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.022609+0000\",\"flow_id\":1112390951973106,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49948,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.340210+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49936,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.027068+0000\",\"flow_id\":2023031392907292,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49936,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.339996+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49958,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.031974+0000\",\"flow_id\":604399400071574,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49958,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.340374+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41750,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.458643+0000\",\"flow_id\":188960098433526,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41750,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.801270+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41740,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.467688+0000\",\"flow_id\":840976936155416,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41740,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-03-04T13:28:43.801048+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41752,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.469978+0000\",\"flow_id\":1531141673400990,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41752,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.801438+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41772,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.475109+0000\",\"flow_id\":1989041021729741,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41772,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.801741+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41760,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.481306+0000\",\"flow_id\":1138779231042355,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41760,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.801587+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41728,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.481049+0000\",\"flow_id\":1183182750431307,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41728,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.800843+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":49910,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.618279+0000\",\"flow_id\":1386901639224166,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":49910,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":6,\"bytes_toserver\":1630,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:43.088934+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41812,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.713887+0000\",\"flow_id\":1811461304011533,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41812,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:44.051981+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41832,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.718475+0000\",\"flow_id\":1660914110352322,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41832,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:44.052162+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41826,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.718606+0000\",\"flow_id\":1060000941001588,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41826,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":905,\"bytes_toclient\":4662,\"start\":\"2026-03-04T13:28:44.052084+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41800,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.725984+0000\",\"flow_id\":2212598364555918,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41800,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:44.051854+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41786,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.728516+0000\",\"flow_id\":1549549903333900,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41786,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":905,\"bytes_toclient\":4662,\"start\":\"2026-03-04T13:28:44.051724+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-04T13:28:44Z","timestamp":1772630924,"ip_dst":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":41806,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-03-04T13:28:44.739540+0000\",\"flow_id\":1691489982532304,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.44\",\"src_port\":41806,\"dest_ip\":\"47.79.48.169\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-03-04T13:28:44.051920+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-11-02T12:34:44.616471Z","last_seen":"2026-03-04T07:23:57.96192Z","alert_count":0,"request_count":6,"received_data":22982,"sent_data":2851,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-11-02T12:34:44.617798Z","last_seen":"2026-03-04T07:23:57.869803Z","alert_count":0,"request_count":16,"received_data":3586248,"sent_data":7712,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"aaa4.gotriphotel.com","ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"domain_registered":"2025-10-26","domain_rank":0,"first_seen":"2026-02-15T02:51:03.27674Z","last_seen":"2026-03-04T07:23:58.117728Z","alert_count":36,"request_count":9,"received_data":692499,"sent_data":4090,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hotelapi.fd1.cc","ip":{"addr":"47.238.95.131","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2023-01-05","domain_rank":0,"first_seen":"2025-12-14T01:44:57.209402Z","last_seen":"2026-03-04T07:23:57.875949Z","alert_count":0,"request_count":4,"received_data":13511,"sent_data":2212,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/registerSW.js","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"402b66900e731ca748771b6fc5e7a068","sha1":"4885b2351b933169986c36026a3750148595d78b","sha256":"e12c8db54e3cc247034427f2b661b305a78fea7e7cdec1eac179fecec3da0fc7","sha512":"0cdad95e40381cf3332f8e5bc1be8eee9e5564106fcd345c777584c155b29bb7b2f0426acc0a28d7d12e20d56d0e804c3b21eb69585ddf6f57ce4a29c3fd740a","ssdeep":"","tlshash":"69c02b5dca4dcc3e0830b1314d0bbb07231f434980c0004007f2030090c3814d0aa483","size":136,"data":"","first_seen":"2023-07-12T15:38:17Z","last_seen":"2026-06-08T10:55:42.553284Z","times_seen":235,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/assets/index-BOAazEWi.js","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"01f80e4b9777b037d19fdb5d2cee9aa0","sha1":"c363e6dc8130195dc3cfbcc841853a8435606c46","sha256":"38b84fc136c1ae9f4e69311cc6ab0914455f2dc4b9e643f72c8d26ef41c94328","sha512":"fb6f4de42203dc84e0b4991d6edd146e63c991870fc5d1a269eed5550b68da24dbc99978dced536d5241c31627ee4bbb713f04e506f9049c3fb88c301029b85e","ssdeep":"12288:c2EKQn48HuDRVVhZ3g+q0k2De11N28EPf9dMe2z/Bem:cbKQ48kpvq0kZnEPf52zJem","tlshash":"5f945b997186b43743f71ad650bb0502b3791a44740dc8e4f1bc9dab2ab694842bffbc","size":413289,"data":"","first_seen":"2026-01-16T01:25:31.515166Z","last_seen":"2026-03-05T08:08:56.430591Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/home1.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/home1.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 1191\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338D23FB0A3137D86D31\r\nAccept-Ranges: bytes\r\nETag: \"D80D8D4699306EB835E92CD085DFA366\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5206745154651921785\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 2A2NRpkwbrg16SzQhd+jZg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1191,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 4-bit colormap, non-interlaced","md5":"d80d8d4699306eb835e92cd085dfa366","sha1":"22c9ce53c055b77414b50825d7589eb734446518","sha256":"4e145d96ec7f46267a39b6d1b6e69b68e07533b1ccf8d1c9296dfbadf8c02176","sha512":"c2fca5096e73511a59e7f790ec49734de68ccf29f4e492df1341e795a8bbfa24571aadd773c0299cfd9b049e8a1ecbc8d0c812335f77f228172920455728684e","ssdeep":"","tlshash":"ad21dddaa58b39c70fe55855a57a0cc7244baf5200626003d3f81f7d09665a707d0276","first_seen":"2025-12-14T01:45:04.044468Z","last_seen":"2026-04-12T13:08:58.80517Z","times_seen":64,"resource_available":false,"data":null}},"time_used":4125,"timings":{"blocked":1895,"dns":36,"connect":330,"send":0,"wait":333,"receive":0,"ssl":1529},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/my1.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/my1.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 3438\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C23FB0A39321E6B31\r\nAccept-Ranges: bytes\r\nETag: \"76278A1DAFF8D479F23A01BF67658A69\"\r\nLast-Modified: Sun, 09 Nov 2025 14:23:12 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6422691796259067573\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: dieKHa/41HnyOgG/Z2WKaQ==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3438,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"76278a1daff8d479f23a01bf67658a69","sha1":"46e94002063aef14b6e3be5233bf36c476e8a563","sha256":"ed2f4bbf55f3696a569332c57f0ff46ba5f7b590ed2e83d2ae130ea48918c52f","sha512":"cab8007b2290b10058f13c80c01457e52e88f4ed9b49fcd5a8f5f92427ca93ea8d6bca54e354c5e60bd178014f06f3e59a2b0dbe6e0a783ba2f9641480a36ee1","ssdeep":"","tlshash":"4b61e9476e3189e79d08d3948cf680147d53db08b6a6bd0754d65098c4e652f0fef9f8","first_seen":"2025-12-14T01:45:04.052063Z","last_seen":"2026-04-12T13:08:58.807765Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2424,"timings":{"blocked":1041,"dns":19,"connect":336,"send":0,"wait":339,"receive":0,"ssl":678},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/576.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/576.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 54341\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C7CC7753031399EF7\r\nAccept-Ranges: bytes\r\nETag: \"D54385245D5065CF9A341B9D6FE67015\"\r\nLast-Modified: Thu, 06 Nov 2025 19:55:57 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9501022568829765155\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 1UOFJF1QZc+aNBudb+ZwFQ==\r\nx-oss-server-time: 10\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":54341,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x576, components 3","md5":"d54385245d5065cf9a341b9d6fe67015","sha1":"bb2d7ab3ae81c06c8b16f6f361c58df99f390cc1","sha256":"5d08889d38c1cc66bb9a78c4c2e20535be78e23863a76a9d1452f963e2196d6f","sha512":"ca078dd3f25688ea310b43f9dad7f4e2d4bd2afb8b5e862bb34919b7c9508ba6c3f6f86ff0d8c2a6c3d9a44271d311c06041b0efb4a390523d7833dec4563ad8","ssdeep":"1536:YaBB9CdhxQYjtdUIRdlbs0iTQ3Va29ZyI3e/1L:BB9EhOYjxFbs5QtZpe9L","tlshash":"a1330255af1d2bd13f0f05093a7a7681f7edbcc9c129aa52004846a98f30b48b2a9d5f","first_seen":"2025-12-14T14:15:05.702001Z","last_seen":"2026-03-04T13:29:06.795433Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2413,"timings":{"blocked":1022,"dns":24,"connect":328,"send":0,"wait":343,"receive":38,"ssl":656},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/590.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/590.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 111464\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C385D5B323384AC71\r\nAccept-Ranges: bytes\r\nETag: \"A516C9DC2A0CB99430C838D5F5B04688\"\r\nLast-Modified: Thu, 06 Nov 2025 19:55:56 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7099472787180109245\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pRbJ3CoMuZQwyDjV9bBGiA==\r\nx-oss-server-time: 16\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":111464,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1022x665, components 3","md5":"a516c9dc2a0cb99430c838d5f5b04688","sha1":"4dd607c01f909f46aec46ae5ceb07e8e7c56b139","sha256":"e3f91a79f0f6181edcc29dabda5f18e8b4b2151a3fdf62db82bc354b80dd68be","sha512":"ae51fe61c030e2cdb8a026f433adca9e3061b948ea0c27d5aaae76d358ed0004aba605d794dd80848538676f1cccc1e74e606d5af43143547ad8306194c7be33","ssdeep":"3072:k+A7GRUhzk2f+zE0jbcx7JP0fNRz5lYMkQkWXx:k+A7jC2Wzlb+7JP0NlYnn0","tlshash":"9eb312fb23da3336871a559a06add00e36530980b656bf4adb4e1723838cfbed372101","first_seen":"2026-03-04T13:29:06.798583Z","last_seen":"2026-03-04T13:29:06.798583Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2778,"timings":{"blocked":1029,"dns":28,"connect":332,"send":0,"wait":353,"receive":368,"ssl":665},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/56.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/56.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 71524\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C23FB0A3436676D31\r\nAccept-Ranges: bytes\r\nETag: \"615B8260AA6407AB12B21AB7BACD686F\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:43 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5196033945936555691\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: YVuCYKpkB6sSshq3us1obw==\r\nx-oss-server-time: 20\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":71524,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 579x768, components 3","md5":"615b8260aa6407ab12b21ab7bacd686f","sha1":"023269b95f1c604eb6d3f8744c6239e1a7d29a95","sha256":"ccc1467c0b79c29eacf792f630725158ccdf57a3137d324516c3aa8563515981","sha512":"957694aad5d7098ec2de025828fc964bde123903d2f2eef220e3418d2874b511d0e60f1f624df8e3cc1439891b2c4c467fa19ffb4261c56ecef066d7a42a1cc9","ssdeep":"1536:lYC6PPujpWpzUX1Z9RYZVme8U7Kq5TYa4I+lQeQ9Sp5c38WB:yCQP4wilZ9yZg27Kq5TYa4IUQA5c38WB","tlshash":"d56302076d444a8368f097a0ff125c9e726a197e6e8039f642117fe67f04d78cdad0ae","first_seen":"2025-12-14T02:48:36.480717Z","last_seen":"2026-03-04T13:29:06.801452Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2747,"timings":{"blocked":1028,"dns":23,"connect":334,"send":0,"wait":357,"receive":337,"ssl":666},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/images/home/balloon.avif","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET /images/home/balloon.avif HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:43 GMT\r\nContent-Type: image/avif\r\nContent-Length: 2019\r\nLast-Modified: Thu, 08 Jan 2026 18:42:46 GMT\r\nConnection: keep-alive\r\nETag: \"695ffaa6-7e3\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2019,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"86fbfa83bca571e8fe5e629f32680197","sha1":"4d41101cc375109edad0eb1efb91aecd899d3d8b","sha256":"4eb2ab91c9e81b3ea65355bc338246428a0146c4dff563d6ae3edb52cfa4cdc3","sha512":"831ef3647724d888ef43a0852283fd1337d16cafbacdea984be24b1e2bf7eed3d845677340f339b9555a8e2557c94d171e7c84ddce847464c148392cd17e40fa","ssdeep":"","tlshash":"cd413d5d23107c2fe00c07fccc5e12616fa097599293d923d051f4742b3ebb3d816a14","first_seen":"2025-06-22T04:09:28.250688Z","last_seen":"2026-06-06T18:12:39.845816Z","times_seen":285,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/18.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/18.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 379168\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338D23FB0A3436706F31\r\nAccept-Ranges: bytes\r\nETag: \"C9A4A5F0D128643F754C7AFBF0B81540\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:47 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13218860687330764556\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: yaSl8NEoZD91THr78LgVQA==\r\nx-oss-server-time: 23\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":379168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGB, non-interlaced","md5":"c9a4a5f0d128643f754c7afbf0b81540","sha1":"933bee69aa94ac76f0f1c8a54de523855fc03c1d","sha256":"dfeece2d243f8eb149036944e8a3310a490a476d1ad46e525ff41e1bcc213e6c","sha512":"d61600f8cb3af623b59e0072dd186959a76607968ff418292c80d0ba46da70d9f707ab3b005375a0d51a893c333d61f55af6c343dbd53c04f870b7805d39de0a","ssdeep":"6144:Z7798H5kV5V0qK2YmvUMI5JJ+OE+9e6igzQIBA9boVe2WXDm17Xtn6qHCXzY8MQv:N798ZZ2HdIfJvZiAtBA9b1ilEvXjMQv","tlshash":"4f84237cd1da41244741f9d80d28bb111f7fff69aed5422181ea8fbb5903a8f23085da","first_seen":"2025-12-14T01:58:55.661875Z","last_seen":"2026-04-12T12:44:50.928898Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2807,"timings":{"blocked":1693,"dns":0,"connect":0,"send":0,"wait":367,"receive":747,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/assets/135-CP4bxG8M.png","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:42.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET /assets/135-CP4bxG8M.png HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 4444\r\nLast-Modified: Thu, 08 Jan 2026 18:42:48 GMT\r\nConnection: keep-alive\r\nETag: \"695ffaa8-115c\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4444,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f6778c8472bbea9ec8806e34687b1ad8","sha1":"74cc3e958ae8da3acb1b42efbf85b3d20ba245a1","sha256":"76738987afbbbc063195879e79fac899b6074cf2d958b95410651b14585b52e5","sha512":"6c89f70dda3d59fc179782a47cfbdf39c32af1ff267ed061678354edd26dd69dccc508de91f7f2de1ded8f8f1cc98bbe7a419f5158cd1d10d736ba1096d61409","ssdeep":"96:xyB9tnsWny61I6v6NiOzdG13LACOvynqHaMhXsFQ:xyBsWy61I+yGVLivymaQ","tlshash":"02918dc6ac631e38f54b56b95d670021cdaac2ac9ccc053e23e31abb7f5860cb0894c3","first_seen":"2025-12-14T01:45:04.116655Z","last_seen":"2026-04-12T13:08:58.783291Z","times_seen":64,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":194,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/572.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/572.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 101625\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338E7CC7753031FEA2F7\r\nAccept-Ranges: bytes\r\nETag: \"5C9E3B31025043F0615EDE86F297DB4D\"\r\nLast-Modified: Thu, 06 Nov 2025 19:55:57 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5534495365229780847\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: XJ47MQJQQ/BhXt6G8pfbTQ==\r\nx-oss-server-time: 26\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":101625,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1248x574, components 3","md5":"5c9e3b31025043f0615ede86f297db4d","sha1":"6463f6e8685ded6f6506081b038dce1ce9f2948b","sha256":"ef5d11ff0852b6f9ade0453d98a3b6333d4c50dc66cd261cf6ed0bfc5587e851","sha512":"3021e0628c7989e2cdef6b95f2c15d6efab8249fe9863340a995666c164db0abda2a3a354eb9208a8fc5d54310265e69d8f3c2367a3c230041fe1f1fe0a8deed","ssdeep":"3072:DVCIw216qJBX1dSgNtHdpf7hI8hCRKPi8N6lTM:DURs6qJBFdZdthIMCKi8QVM","tlshash":"3aa31284f64ad67867e92be61727fe8c21f05144f4187a74a92abf2969c08f80137b53","first_seen":"2025-12-17T07:27:45.476221Z","last_seen":"2026-03-04T13:29:06.811437Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2842,"timings":{"blocked":2418,"dns":0,"connect":0,"send":0,"wait":362,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/420.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/420.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 50863\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338ED72D203533327B32\r\nAccept-Ranges: bytes\r\nETag: \"6B93A535F812C316BB4D32055821C41D\"\r\nLast-Modified: Thu, 06 Nov 2025 19:56:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5793538340443497962\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: a5OlNfgSwxa7TTIFWCHEHQ==\r\nx-oss-server-time: 13\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":50863,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x683, components 3","md5":"6b93a535f812c316bb4d32055821c41d","sha1":"e9f4bc8bc050b02148bdc98004533ac434a2c441","sha256":"dc12974893b015c78ee169d90b6e7ef03c0e2a6f8ba114ff3fea5179b1bca9c2","sha512":"853af4e73b88ed408b963f594ea30ee2b0b9c16703d9c165c35827108ee53c4073f74dc51989ede4e46ff58bb56ef001c81567f9ca802eba41f54327b67a924a","ssdeep":"1536:ggG5JP0Wu45zS9Zpod8pa41T8hX2BoHNPUxXea2bdnqYn7GIj:cy45zSSew4BK2BoHNcdkbsY7GIj","tlshash":"4533f1109d5da3201a4ee9f6180f5810f09a376bb1b19b7b471395f0e868fb751ca73e","first_seen":"2026-03-04T13:29:06.814765Z","last_seen":"2026-03-04T13:29:06.814765Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2499,"timings":{"blocked":2101,"dns":0,"connect":0,"send":0,"wait":362,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/registerSW.js","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:40.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET /registerSW.js HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:40 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 136\r\nLast-Modified: Thu, 08 Jan 2026 18:42:48 GMT\r\nConnection: keep-alive\r\nETag: \"695ffaa8-88\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":136,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"402b66900e731ca748771b6fc5e7a068","sha1":"4885b2351b933169986c36026a3750148595d78b","sha256":"e12c8db54e3cc247034427f2b661b305a78fea7e7cdec1eac179fecec3da0fc7","sha512":"0cdad95e40381cf3332f8e5bc1be8eee9e5564106fcd345c777584c155b29bb7b2f0426acc0a28d7d12e20d56d0e804c3b21eb69585ddf6f57ce4a29c3fd740a","ssdeep":"","tlshash":"69c02b5dca4dcc3e0830b1314d0bbb07231f434980c0004007f2030090c3814d0aa483","first_seen":"2023-07-12T15:38:17Z","last_seen":"2026-06-08T10:55:42.553284Z","times_seen":235,"resource_available":true,"data":null}},"time_used":1011,"timings":{"blocked":405,"dns":1,"connect":194,"send":0,"wait":194,"receive":0,"ssl":210},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/customer1.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/customer1.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 3966\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338CD72D2036363C7632\r\nAccept-Ranges: bytes\r\nETag: \"003CE952E289E29352A64F584A38BD22\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12253149167868013777\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ADzpUuKJ4pNSpk9YSji9Ig==\r\nx-oss-server-time: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3966,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"003ce952e289e29352a64f584a38bd22","sha1":"2d934f92a69f5d3fde0fb024f1529f6e23a050da","sha256":"9f65b8b62d9e21d58e38b6bc86545d4896bdfe4bca5f16e3e9e3c73b5545c5cf","sha512":"5d3c9d8769ff5ed36ac407b3522aaa35e3514a1553adea4900dd82744c9ffbd45ddb63295d2de75ad903c95761dac32ec8bcb2ac923d6eaa9e43df107f72406b","ssdeep":"","tlshash":"b681290b1e715483cf4ac3300cf9b3b4694bc09852997ce75c41e58ad6e216b6a7f8a8","first_seen":"2025-12-14T01:45:04.050612Z","last_seen":"2026-04-12T13:08:58.791609Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2428,"timings":{"blocked":1046,"dns":28,"connect":336,"send":0,"wait":335,"receive":0,"ssl":676},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hotelapi.fd1.cc/api/hotel/list","fqdn":"hotelapi.fd1.cc","domain":"fd1.cc","tld":"cc"},"ip":{"addr":"47.238.95.131","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hotelapi.fd1.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 07:17:04 GMT","end":"Sat, 18 Apr 2026 07:17:03 GMT"},"fingerprint":{"sha1":"F4:4E:3A:4C:B6:9B:B9:FD:AB:D0:55:2A:F7:D4:54:94:57:6D:52:B5","sha256":"15:40:12:60:28:DD:B0:7A:84:51:80:F0:A9:2F:64:68:85:9C:9E:46:B7:89:07:E2:4A:9B:C7:1C:E5:C4:8E:AE"}}},"request":{"raw":"OPTIONS /api/hotel/list HTTP/1.1\r\nHost: hotelapi.fd1.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang\r\nReferer: https://aaa4.gotriphotel.com/\r\nOrigin: https://aaa4.gotriphotel.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:43 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://aaa4.gotriphotel.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: content-type, lang\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":282,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/1028.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/1028.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 91196\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338ED72D203533377C32\r\nAccept-Ranges: bytes\r\nETag: \"B51B8BC5B01E6473C5DFCBD0129FA535\"\r\nLast-Modified: Thu, 06 Nov 2025 19:56:35 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1684943507009707147\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: tRuLxbAeZHPF38vQEp+lNQ==\r\nx-oss-server-time: 11\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":91196,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1008x670, components 3","md5":"b51b8bc5b01e6473c5dfcbd0129fa535","sha1":"b1acae8bee6287a105331e1fd2e3ff3abe5321e3","sha256":"758f46850c30913288271832863adf3d6c5fcb1188ca948db07f3720b8ca411d","sha512":"8753d4208c5c63f6a5c51779308b5d78d4c5331e007a54e599eb232ebd3ee07ac261940b033568750996625d823c5230448ba0c63a0959ac7902394bd4669cce","ssdeep":"1536:oW/Q7CrP94HUM1OVi/cPilvz15rsCvDWzXccEsEThz/IqTFusqPdF4hANrS8eaks:iCj9EUMSi/KixvrsO6ccEsUhbI+csqP3","tlshash":"2d9312834fa3c5e96943d0feb84f3dfaa25292bc8edb94389f046541d1944fe0762187","first_seen":"2025-12-14T14:15:46.632382Z","last_seen":"2026-03-04T13:29:06.8211Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2956,"timings":{"blocked":2518,"dns":0,"connect":0,"send":0,"wait":360,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/283.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/283.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 55244\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338DD72D2035333E7A32\r\nAccept-Ranges: bytes\r\nETag: \"AA2107A6D24820FFC7190BC4CE60FD38\"\r\nLast-Modified: Thu, 06 Nov 2025 19:56:16 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3204602284802140408\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: qiEHptJIIP/HGQvEzmD9OA==\r\nx-oss-server-time: 17\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55244,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x768, components 3","md5":"aa2107a6d24820ffc7190bc4ce60fd38","sha1":"5b5d8395fbd0f2adf52f06c8c6bf149aad5ab4d2","sha256":"1fe9bf46e8acc9b76d7030f5066f33ae52073d9be258d8615f8b076f3fae500c","sha512":"3e259580add1c6b2f35fd1396d1941d9e54453fe5dfe852b1964ba3c0c9ebc8b1069b5fc0d8893bdcad7d6f631a3d3d15bda3dd65219ea2c9cc8d52d54141689","ssdeep":"768:kE1aADwysiUy21r5t3FdXyG2IEZ4YU6sTXp9+GutsRgo/QboQOKX4HJF/bTY6wz+:kEp6x1rFdXiW1ys6roQObFfRwz8Qibr","tlshash":"75430249d8d60484cfcbc13e37cc06f6411adc77a0a9945dabcd49f8f949f6b4a94404","first_seen":"2025-12-17T18:43:07.797797Z","last_seen":"2026-03-04T13:29:06.823738Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2107,"timings":{"blocked":1700,"dns":0,"connect":0,"send":0,"wait":365,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/69.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/69.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 517207\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338E269DA834368F332E\r\nAccept-Ranges: bytes\r\nETag: \"2A88FED4A49AC9357D8978C60045B5F3\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:43 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8630912695859726247\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Koj+1KSayTV9iXjGAEW18w==\r\nx-oss-server-time: 30\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":517207,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 406, 8-bit/color RGB, non-interlaced","md5":"2a88fed4a49ac9357d8978c60045b5f3","sha1":"930fbc5263a4363be2cc4b070de3cc4fab359f23","sha256":"cd6ad168c48a4244a2b36920c21bad5c0ef4a8920aa80841800f66b6441e1f9b","sha512":"93530b81451177c1281aef6932933f3e7b880850eb6a44790ede796712eb75ef86e0704dffaa0d5febb5ad2086a0122e77d6cd75432ffc5482021ad165d53c13","ssdeep":"6144:iPD/CRnou3rPGryEqLvpBRzBXbsV7e4wwQOdhD//BwZbKOI+1mZ17/MD/PwoMrL:CDqHTIyEqLv3RzRq2wQmw5KDoMrL","tlshash":"09b42340f24988cc62e48459b32e325aff811d64dee6c4b7d6b863d1f7cca5c41acb65","first_seen":"2025-12-16T06:49:53.648173Z","last_seen":"2026-03-04T13:29:06.826648Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3210,"timings":{"blocked":2544,"dns":0,"connect":0,"send":0,"wait":374,"receive":292,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/images/home/house.avif","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET /images/home/house.avif HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:43 GMT\r\nContent-Type: image/avif\r\nContent-Length: 3035\r\nLast-Modified: Thu, 08 Jan 2026 18:42:46 GMT\r\nConnection: keep-alive\r\nETag: \"695ffaa6-bdb\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3035,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"e3268508fae4ba979f054ccf9058124b","sha1":"57e593c7fc4c4ac0dd2c537416c53442e9c858d4","sha256":"486793b37452fb4f697b77bc24f12648bf1eae97fb3e59615564221efcebc3ec","sha512":"c666aae7142007147014d89bd86bdfc342bbe434d0b3dbc8cd27c052668f9492a23b0ec4840105e8973f16190c3cf14447cea3bdf832c921d4cf23a61e8cbd00","ssdeep":"","tlshash":"f9511c3cd2bdcf8bc05f023345cb5411197ce32d966396256e02739e86b8372c6b5d48","first_seen":"2025-06-22T04:09:28.167002Z","last_seen":"2026-06-06T18:12:39.772631Z","times_seen":302,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/914.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/914.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 41997\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338E385D5B3233B5AF71\r\nAccept-Ranges: bytes\r\nETag: \"65389896923DF1CA3E3D60A43EAF154B\"\r\nLast-Modified: Thu, 06 Nov 2025 19:55:34 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9095371714719118492\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZTiYlpI98co+PWCkPq8VSw==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":41997,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 576x768, components 3","md5":"65389896923df1ca3e3d60a43eaf154b","sha1":"eb443fc6aae5bb3e21d4fc2a5e2c426aad7d10f5","sha256":"ffcd43eb2ad3f7f982da7c4a4bba32f2cd3d772dd71dd4640903ba4b5a45e20d","sha512":"571070d999b13d5ce1ec32e9e2dfef02486e3d5d9778ae8482dc3f36d14988ebc55153320433b623f2cb1a6abaae9f99a23a5aaad64574bc02a8aefb3e0a65e2","ssdeep":"768:auRusvG+QQLY7i8RjfxTz/quOM3dUUDLH0SKS+f0ho9ISmar:a0uvG85fxnLUU30wS0uyXar","tlshash":"ad13f1951aeb68260f998d913309f2cfa11373516fdfdc35926b091c9ac6fb1049e70c","first_seen":"2025-12-17T18:43:07.782817Z","last_seen":"2026-03-04T13:29:06.832207Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2508,"timings":{"blocked":2133,"dns":0,"connect":0,"send":0,"wait":348,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/assets/index-4OpOKF6X.css","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:40.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET /assets/index-4OpOKF6X.css HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:40 GMT\r\nContent-Type: text/css\r\nContent-Length: 258824\r\nLast-Modified: Thu, 08 Jan 2026 18:42:48 GMT\r\nConnection: keep-alive\r\nETag: \"695ffaa8-3f308\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":258824,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65200), with no line terminators","md5":"ffe7e2e052f27f8e96d9521aae7f24d2","sha1":"fd0c42d334e4cabe12ec208a31eda51d6f2402bb","sha256":"5cbd6663a342946a5ffb46bdc9ebcf22d3bf01187d085bda3fa3bccbdfb24509","sha512":"0aa2a10605c0328059df8053e7350243200f045e992e039b0524cb734a4ad624beb6e0567b65ee7ec98385175348acb62637e8a44cc81f1f87945cdf790f51f3","ssdeep":"1536:+CwsBlDOFIxuVoxoZpbjIyNBi3MFYaQj7FCwsBlDOFIxuVoxvPxkLwG1Al5aBzvW:+ClDsIxuVSoZpbNNIClDsIxuVS2Y4H2","tlshash":"46440759e69090bcbf27f175ab8b56dcf13cf960ed02caa4f10261590ec7bf5062361a","first_seen":"2025-12-14T01:45:04.048697Z","last_seen":"2026-04-28T02:13:31.383267Z","times_seen":66,"resource_available":false,"data":null}},"time_used":1757,"timings":{"blocked":398,"dns":1,"connect":191,"send":0,"wait":382,"receive":577,"ssl":205},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/favicon.ico","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:41.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:41 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 4286\r\nLast-Modified: Thu, 08 Jan 2026 18:42:46 GMT\r\nConnection: keep-alive\r\nETag: \"695ffaa6-10be\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"33517106fc325ce3c5507bbf8830ec0f","sha1":"334e86dd53ee26f65165a283358733f753b14d59","sha256":"9ba669d9ce07a2d4689edadaf5178a3296442567f4006e8e0e7de94b845c4a81","sha512":"fb94c7d46bda7f42f5d4786b6150aa0ba25bf7f2fd49f19353ad871e001ce72afcf309de99c8011f7a261fcb2764d3057278dc6e38fe4aef686f3d104a7d9a9f","ssdeep":"48:aQhWcl76JKXTqVTWWx1iWMMfIfc2j8LMm+x3Ij:aQ576IXGVHvP2pQ+x3+","tlshash":"0f91765239264f01cb1dcf36cdeac73b319d3e5e9f84153e7814b6018f25a8aac1a709","first_seen":"2023-04-18T21:08:20Z","last_seen":"2026-05-19T14:20:05.716405Z","times_seen":511,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hotelapi.fd1.cc/api/common/getSetting","fqdn":"hotelapi.fd1.cc","domain":"fd1.cc","tld":"cc"},"ip":{"addr":"47.238.95.131","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:42.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hotelapi.fd1.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 07:17:04 GMT","end":"Sat, 18 Apr 2026 07:17:03 GMT"},"fingerprint":{"sha1":"F4:4E:3A:4C:B6:9B:B9:FD:AB:D0:55:2A:F7:D4:54:94:57:6D:52:B5","sha256":"15:40:12:60:28:DD:B0:7A:84:51:80:F0:A9:2F:64:68:85:9C:9E:46:B7:89:07:E2:4A:9B:C7:1C:E5:C4:8E:AE"}}},"request":{"raw":"POST /api/common/getSetting HTTP/1.1\r\nHost: hotelapi.fd1.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nLang: en\r\nContent-Length: 13\r\nOrigin: https://aaa4.gotriphotel.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":13,"data":"{\"Lang\":\"en\"}"}},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:42 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://aaa4.gotriphotel.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4235,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"98d294b8e7b4ff5179c8ad08e100a299","sha1":"4c79a8d2eeeb3e81ee1162594edc8e46a28cc3ff","sha256":"2adf580e22fe23dc187b96563c36f836c51c50b4204dbb88207ab135ad373e21","sha512":"e457c26bb65503affdf8db6982ad4bf0c5670a20b71232bfa845ba5ba384ec0eba755426b8bb7d72b78f1d32e4af9269e751ee2a7b175bdc719017d3cbe34fb0","ssdeep":"96:GGEbsqTIppqssRpq4f9q55CPtRGTuRb/GRgWRdWRSERSGRfoRmnqx6kIPU4wWRGH:GVwe4pRWp5lqAdDAPG3pCmqxzIsAwpn","tlshash":"5f9141063bad8c7a07a719d20919ba55b74d37f7d89ce849e4c5fd4c80e9fb8680f004","first_seen":"2026-01-31T20:19:10.785247Z","last_seen":"2026-04-12T13:08:58.803673Z","times_seen":14,"resource_available":false,"data":null}},"time_used":1323,"timings":{"blocked":-1,"dns":178,"connect":281,"send":0,"wait":286,"receive":0,"ssl":303},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/my.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/my.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 3723\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C269DA832377D2B2E\r\nAccept-Ranges: bytes\r\nETag: \"641DEA216B82F4245567563CD4A7894E\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17593974541650285707\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZB3qIWuC9CRVZ1Y81KeJTg==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3723,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"641dea216b82f4245567563cd4a7894e","sha1":"026529cbffea031034aa30b5557a761a1435fbe1","sha256":"4085d0dd4ef72cf23cb764323250587bfe5847d4e0bee0541fe94377064431c2","sha512":"4d0b1f07c4a9342c998f22516cc5a9c69f189c75b94ffd016459dfe452e12ccd6797ee07798f8257c4114aedd2666be08931255fe0e63fe4cc7426366591ef42","ssdeep":"","tlshash":"807182fa74926ab3a2d8107bc2491d6473a256eac350cf40e55269bc3b1b4f1fcc8d67","first_seen":"2025-12-14T01:45:04.056614Z","last_seen":"2026-04-12T13:08:58.831447Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2388,"timings":{"blocked":1026,"dns":18,"connect":335,"send":0,"wait":334,"receive":0,"ssl":673},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/images/home/consierge.avif","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET /images/home/consierge.avif HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:43 GMT\r\nContent-Type: image/avif\r\nContent-Length: 1788\r\nLast-Modified: Thu, 08 Jan 2026 18:42:46 GMT\r\nConnection: keep-alive\r\nETag: \"695ffaa6-6fc\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1788,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"66cee10d0ed2a21573558b9b57d7d412","sha1":"215e00f2b9de5938ce2cd940859fcedfa2db9fe3","sha256":"863dd256dab3d695b96fc3cc58764bc22b277d7b1574d1b9a5073926517ca0d1","sha512":"7217b694d217619d3528556e4ec25d58be1fddfc708429b17f1c9c8033e6577a38e5dcccf19aa6ae7489c4cc0899286d48920b82281b68faa649851013275cbb","ssdeep":"","tlshash":"2e31d808d2a01e73cc7b43700d556b286b70642453eb7f57fc82b2ccaa95a7a4936e1a","first_seen":"2025-06-22T04:09:27.945048Z","last_seen":"2026-06-06T18:12:39.887836Z","times_seen":292,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":1,"connect":207,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/74.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/74.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 511214\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C269DA834363A2E2E\r\nAccept-Ranges: bytes\r\nETag: \"788E5A3BD3ACD1A0F388F6C5260E2B6E\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:41 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11270671339178318329\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: eI5aO9Os0aDziPbFJg4rbg==\r\nx-oss-server-time: 14\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":511214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 521, 8-bit/color RGB, non-interlaced","md5":"788e5a3bd3acd1a0f388f6c5260e2b6e","sha1":"d10aa122ff4643cb97bdd88f45d91ff0fc57d6e7","sha256":"5402004a069c65342e3a7e1e8cc8b02ab1e7fd34e5d50de544333968cf167172","sha512":"4b656b3a1309dd223da241980769367da2f62f1d0947c89f1637f73d25394e69472ee485fabf93ebd2154fdef996784f1a1e3d48f46b08b3a79003f52eab3eca","ssdeep":"12288:3KJTSjLPSIA9LSuRmXFqiyPaXwLUpWv9CSY2EezcEc:axet1uRmXFpTXwIWvcSYXezdc","tlshash":"0bb42323f7d3c6360949da5a06ba4c0076f41b58c9cf5ca52f86f2f2e347fa09253698","first_seen":"2025-12-14T01:45:04.053589Z","last_seen":"2026-03-04T13:29:06.838573Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2583,"timings":{"blocked":-1,"dns":19,"connect":339,"send":0,"wait":357,"receive":1188,"ssl":677},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/99.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/99.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 563781\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C6B4B1331383ABD76\r\nAccept-Ranges: bytes\r\nETag: \"0BCDDD04130909A55E43E39BA0B562C3\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:39 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5740464974011850829\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: C83dBBMJCaVeQ+OboLViww==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":563781,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGB, non-interlaced","md5":"0bcddd04130909a55e43e39ba0b562c3","sha1":"58c6c00b97c7ed31309c76096a6060eca575bf14","sha256":"54442a49abe41208a504b53fd69704d9ed45f3fe4dc1610ac33950e43742e00c","sha512":"39fe478e04b210a675928803a897faf4b2ca343a6d85c5f1ed032f882798760df612e654207e31b3ef9ca30a04d44d4b754ee57d6aff3650f7977e17014b7133","ssdeep":"12288:NQhcfaXZEIc7hZsVKMwHmXqawDhfprwRukVFv9xG1EEAcNWVCpXlar:ahPXZ3c7hZ6KMAm67TERdXPG1ElcUVCG","tlshash":"56c423a3c6cced1b570da9841491fbd0d2b3d7e29ae7ee15bc6d80ef101816a1611fb2","first_seen":"2025-12-14T14:13:56.737199Z","last_seen":"2026-03-04T13:29:06.840423Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2593,"timings":{"blocked":-1,"dns":12,"connect":336,"send":0,"wait":344,"receive":1228,"ssl":673},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/47.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/47.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 76729\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338CD72D2035339F7832\r\nAccept-Ranges: bytes\r\nETag: \"29B4C4EBC34B465A42F02FABEA758690\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15082676748465430752\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: KbTE68NLRlpC8C+r6nWGkA==\r\nx-oss-server-time: 11\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":76729,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 520x768, components 3","md5":"29b4c4ebc34b465a42f02fabea758690","sha1":"2f0b9fc73d486d8be9e13383ea12983968b96c29","sha256":"e462684d951955635c1748e4955a2f6e90f441c557e96aadb9e5e37380b8cc5e","sha512":"59db0d2f52013b0371db21c1607c27882756feb8f5875fb67f1f376cef17bda9f6de4fd8326057918b063543c59cafc3af0c9c4744fc87f9332bc07b6f1b9601","ssdeep":"1536:yqLYMNzgXXPFEqnLZq3YAZm1qNTE8CHQ7Rb7qtm4nY2TiF:DEX/ZqoALNTEJMetm46","tlshash":"fc73023353f79c53ee4e820f2d650a95b62698f33e820273da4ce19942855f7f9d2498","first_seen":"2025-12-14T02:48:36.472014Z","last_seen":"2026-04-12T12:44:50.932153Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2392,"timings":{"blocked":1027,"dns":0,"connect":0,"send":0,"wait":353,"receive":337,"ssl":675},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/home.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/home.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 3082\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C6B4B13323483BA76\r\nAccept-Ranges: bytes\r\nETag: \"E1EB99A24F304844964116EC9CB154FE\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4637394685576909661\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4euZok8wSESWQRbsnLFU/g==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3082,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"e1eb99a24f304844964116ec9cb154fe","sha1":"9aa75ca02ee519b33c7c0e2d8ca7911cd5729c63","sha256":"1233a1d7579c693125626297bf4ec6c2dc9349bf653f73f651e297c99b7965b8","sha512":"4b732c27d8f9b62a644a064361d539fb33550660f68aa7b8f9d9f37b6a615c3dfab9d41ed0f5a561d85a7bec83d3b458eace48ebd793e3574b3f025bd1d7134e","ssdeep":"","tlshash":"25515de4235c74fc5365c7f71572dae40b3a671213a6ca27137b192bea583332ba5a30","first_seen":"2025-12-14T01:45:04.068654Z","last_seen":"2026-04-12T13:08:58.798398Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2434,"timings":{"blocked":1047,"dns":34,"connect":335,"send":0,"wait":338,"receive":0,"ssl":674},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/customer.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/customer.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 4291\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338C6B4B1335397ABA76\r\nAccept-Ranges: bytes\r\nETag: \"E289B43F0B88D55B69CFF35A1507BC44\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11706460479237413874\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4om0PwuI1Vtpz/NaFQe8RA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4291,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"e289b43f0b88d55b69cff35a1507bc44","sha1":"3fd484284ffc2c0795dcce5f7dc13cb13f55c18d","sha256":"d369d0059f79653892ea78153e544d697d01a655a2ca26892d499382a41990b8","sha512":"2695752519d25f039442ab5da4e60e4f35385ceedcdb95ec2d30172a026dee285dda0d0e12ec177bfc7a9d8b9f92e4e983b3ff851161e6efa05d29e81571dce5","ssdeep":"96:VnSAN0G+9c06GKWSQSNsWeWqzMPtM9OvoB4z:VnSAN0G+9cxGyrKatUOvp","tlshash":"18917ff9b697627b15d9a623c0884d28b6310be2c644cf40f094c9bc731b9e0eecac57","first_seen":"2025-12-14T01:45:04.032093Z","last_seen":"2026-04-12T13:08:58.806475Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2392,"timings":{"blocked":1029,"dns":23,"connect":333,"send":0,"wait":333,"receive":0,"ssl":672},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hotelapi.fd1.cc/api/hotel/list","fqdn":"hotelapi.fd1.cc","domain":"fd1.cc","tld":"cc"},"ip":{"addr":"47.238.95.131","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hotelapi.fd1.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 07:17:04 GMT","end":"Sat, 18 Apr 2026 07:17:03 GMT"},"fingerprint":{"sha1":"F4:4E:3A:4C:B6:9B:B9:FD:AB:D0:55:2A:F7:D4:54:94:57:6D:52:B5","sha256":"15:40:12:60:28:DD:B0:7A:84:51:80:F0:A9:2F:64:68:85:9C:9E:46:B7:89:07:E2:4A:9B:C7:1C:E5:C4:8E:AE"}}},"request":{"raw":"POST /api/hotel/list HTTP/1.1\r\nHost: hotelapi.fd1.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nLang: en\r\nContent-Length: 13\r\nOrigin: https://aaa4.gotriphotel.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":13,"data":"{\"Lang\":\"en\"}"}},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:43 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://aaa4.gotriphotel.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7354,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b7029d04e9120230ba1c8bdf1d6defe7","sha1":"625bab961ffbc13bb66f7bc28427cd6b7b0a43ce","sha256":"820d89e937f5c796a65a7d1227d69fc302429b4053ecb5d5a2504ebf53393828","sha512":"0a22e466def32a75999481cf23a9d44ad3ee7c1750f46b7694edf07e90c8064950809576c54514d92b52122347eb57469d840687f577b4f9d67a9cadcf7d8b3d","ssdeep":"96:rP0wBsZk6IqUTLzPGVbuZbfrfiA1Gi/nUNv3F81xNhZHk+po5VMBxOlsbnYxN3Bf:Tp6teGVbQfP1F/i3gnwGDCN3iwVtoy/","tlshash":"c3e1ca9b9ba40c7993081aa11d8b6b44fbc8275bf4e4dfcd9ca0ce0492d07de412ac69","first_seen":"2026-03-04T13:29:06.845205Z","last_seen":"2026-03-04T13:29:06.845205Z","times_seen":1,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/upload/18/4317cfd922f7215ff2e2c0f09913d3.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/upload/18/4317cfd922f7215ff2e2c0f09913d3.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 267416\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338D7CC7753031859FF7\r\nAccept-Ranges: bytes\r\nETag: \"184317CFD922F7215FF2E2C0F09913D3\"\r\nLast-Modified: Thu, 06 Nov 2025 19:54:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3783888220470887007\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: GEMXz9ki9yFf8uLA8JkT0w==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":267416,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 768, 8-bit/color RGBA, non-interlaced","md5":"184317cfd922f7215ff2e2c0f09913d3","sha1":"39f9c24b7d60233a95e3b2172a690deec0b6862c","sha256":"61b96907a0886071a1efbb4e11e3e8ffec1812399a6906cc6adfcb9c4f6e72f0","sha512":"67a1f1df5dc8c2f8524d8dd12e76df9b8acca7443980dbf1367bbf2c041e668fe89f7df0e0acfedda62b86c772950f13781e19962e6d719a518a24cd68f7ac14","ssdeep":"6144:s/TcUCVzEwKNlNq+bgK+ftap0g8T8693h5WnyKOBLluIdp:kXIugGA393HWcV0k","tlshash":"5f442301eb09a099ae5405e1986eb1c2b12d81e7d29e97f84d414cd799f34ef79c3b0f","first_seen":"2025-12-17T07:20:31.912136Z","last_seen":"2026-03-04T13:29:06.846931Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2392,"timings":{"blocked":1364,"dns":0,"connect":0,"send":0,"wait":344,"receive":684,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/28.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/28.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 604557\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338E385D5B3233F8B071\r\nAccept-Ranges: bytes\r\nETag: \"490FD072F86622A3D8271F013BC49AD5\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:46 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17019440177940011918\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SQ/QcvhmIqPYJx8BO8Sa1Q==\r\nx-oss-server-time: 25\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":604557,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced","md5":"490fd072f86622a3d8271f013bc49ad5","sha1":"a329d6d3161a7e258dd349cb77a365eb1b00574f","sha256":"e361bc697dec9148b2893270e11d5d3d7d9dc68b91ac1acc07245843da56d4cd","sha512":"a7e83017cb2c52629cb5e1f6277c6b3f18b097ebf0559bfc9cc41041b137a536fc0b1cb3d8aec5b3e1c08dceeac3441aac4f9191412198f6ef8bb92a8efd7a37","ssdeep":"12288:WoSH+9Vrhw8wc/S85lBFRhZtwZarLwe/rwK6eGjxboUAuaS:8+9VVUc/S+zX9uaPwezwK6Pb9US","tlshash":"70d423c25b63968ef23654b1709c223e220f1cc26ae91708b51ed2a94775dbf458f2ed","first_seen":"2025-12-14T15:08:59.0749Z","last_seen":"2026-03-04T13:29:06.848563Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3594,"timings":{"blocked":2515,"dns":0,"connect":0,"send":0,"wait":369,"receive":710,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/862.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.169","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:43.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/862.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 04 Mar 2026 13:28:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 79112\r\nConnection: keep-alive\r\nx-oss-request-id: 69A8338D385D5B3233AFAE71\r\nAccept-Ranges: bytes\r\nETag: \"F711660A50F57D64A1177A6264624287\"\r\nLast-Modified: Thu, 06 Nov 2025 19:55:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10503861653476309004\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 9xFmClD1fWShF3piZGJChw==\r\nx-oss-server-time: 22\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":79112,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1007x669, components 3","md5":"f711660a50f57d64a1177a6264624287","sha1":"6f275585575dfd5657a2e4e0cc2956426ef026db","sha256":"210c6e4de96bceedb3002a126350e64013b78e8ef043cf53ecb95f2d084ac88a","sha512":"a77779bc9a763e1796016a3db9a86d6d70c8d42b22435ea023e81b153c654a91b8760c24560766194ec01c669533ef9d075afaa8a42c2eb0135d858666f3f6ee","ssdeep":"1536:wxdqoa1zjtqq/CkSfhgOjPO/Ao8BJG1GRGO5fhG9u0CtRM5FpjB0u:Foadjwq6rpbjPho8/G45ZGCtSp3","tlshash":"c5730260b783248f4e87cdd69c35158ef19ce6008c8990f9cb8684c356c9f6bf8b926d","first_seen":"2025-12-16T11:05:35.980333Z","last_seen":"2026-03-04T13:29:06.850401Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2137,"timings":{"blocked":1707,"dns":0,"connect":0,"send":0,"wait":365,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T13:28:39.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:39 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 08 Jan 2026 18:42:48 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"695ffaa8-255\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":597,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"fba0a7e9eff2fda8fd0c6030dbb333ed","sha1":"29e46cd8abb238a67fb563d35b3dd3bd872c9307","sha256":"4ca5a06df85e24bbb69b2611b4f6816f5759587f8a5cce91b46fcd076eb11511","sha512":"31383d0b049b76b6cc6909c40a56b44f99c0101893d2933e907c262efcd7aa9be95443769ed965269bf4445015c4568472d071e55b93cbe6b5f99385f2a8ba0b","ssdeep":"","tlshash":"8bf0acc6cca4c98a424042085ce0f0095e8a974b8b0a8d546dfb20b9cec4b85cdeb478","first_seen":"2026-01-16T01:25:31.54059Z","last_seen":"2026-03-05T08:08:56.417641Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1223,"timings":{"blocked":514,"dns":110,"connect":196,"send":0,"wait":194,"receive":0,"ssl":204},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aaa4.gotriphotel.com/assets/index-BOAazEWi.js","fqdn":"aaa4.gotriphotel.com","domain":"gotriphotel.com","tld":"com"},"ip":{"addr":"102.223.72.56","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:40.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aaa1.gotriphotel.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 18:49:09 GMT","end":"Sun, 19 Apr 2026 18:49:08 GMT"},"fingerprint":{"sha1":"D5:66:EE:6B:2F:45:75:23:3C:38:43:16:7B:47:FC:46:3E:18:71:6B","sha256":"D6:74:E4:67:34:FB:76:F6:6C:3F:FF:2A:07:F4:E1:29:86:A1:3A:AB:42:B3:23:FA:52:60:09:D9:36:DD:3B:6F"}}},"request":{"raw":"GET /assets/index-BOAazEWi.js HTTP/1.1\r\nHost: aaa4.gotriphotel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aaa4.gotriphotel.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:40 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 413289\r\nLast-Modified: Thu, 08 Jan 2026 18:42:48 GMT\r\nConnection: keep-alive\r\nETag: \"695ffaa8-64e69\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":413289,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (43647)","md5":"01f80e4b9777b037d19fdb5d2cee9aa0","sha1":"c363e6dc8130195dc3cfbcc841853a8435606c46","sha256":"38b84fc136c1ae9f4e69311cc6ab0914455f2dc4b9e643f72c8d26ef41c94328","sha512":"fb6f4de42203dc84e0b4991d6edd146e63c991870fc5d1a269eed5550b68da24dbc99978dced536d5241c31627ee4bbb713f04e506f9049c3fb88c301029b85e","ssdeep":"12288:c2EKQn48HuDRVVhZ3g+q0k2De11N28EPf9dMe2z/Bem:cbKQ48kpvq0kZnEPf52zJem","tlshash":"5f945b997186b43743f71ad650bb0502b3791a44740dc8e4f1bc9dab2ab694842bffbc","first_seen":"2026-01-16T01:25:31.515166Z","last_seen":"2026-03-05T08:08:56.430591Z","times_seen":16,"resource_available":true,"data":null}},"time_used":1176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":388,"receive":788,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"aaa4.gotriphotel.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"aaa4.gotriphotel.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hotelapi.fd1.cc/api/common/getSetting","fqdn":"hotelapi.fd1.cc","domain":"fd1.cc","tld":"cc"},"ip":{"addr":"47.238.95.131","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://aaa4.gotriphotel.com/","date":"2026-03-04T13:28:41.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hotelapi.fd1.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 07:17:04 GMT","end":"Sat, 18 Apr 2026 07:17:03 GMT"},"fingerprint":{"sha1":"F4:4E:3A:4C:B6:9B:B9:FD:AB:D0:55:2A:F7:D4:54:94:57:6D:52:B5","sha256":"15:40:12:60:28:DD:B0:7A:84:51:80:F0:A9:2F:64:68:85:9C:9E:46:B7:89:07:E2:4A:9B:C7:1C:E5:C4:8E:AE"}}},"request":{"raw":"OPTIONS /api/common/getSetting HTTP/1.1\r\nHost: hotelapi.fd1.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang\r\nReferer: https://aaa4.gotriphotel.com/\r\nOrigin: https://aaa4.gotriphotel.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 13:28:42 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://aaa4.gotriphotel.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: content-type, lang\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":1787,"timings":{"blocked":754,"dns":176,"connect":276,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}