{"report_id":"54535fdc-9a62-462a-900e-79c60da95103","version":6,"status":"done","tags":[],"date":"2026-05-08T08:43:38Z","url":{"schema":"http","addr":"global-tunnel-bridge-tech.cyou","fqdn":"global-tunnel-bridge-tech.cyou","domain":"global-tunnel-bridge-tech.cyou","tld":"cyou"},"ip":{"addr":"45.87.41.222","port":0,"asn":62068,"as":"SpectraIP B.V.","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"global-tunnel-bridge-tech.cyou/","fqdn":"global-tunnel-bridge-tech.cyou","domain":"global-tunnel-bridge-tech.cyou","tld":"cyou"},"title":"Hello World","dom":{"size":519,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"60f375af565c686ae56e47712c8ff913","sha1":"af3dfec5e857a9b730e252d0d6ae5c0640c6cf9d","sha256":"c845fa7b8fc12754ff02afd7a1885a496240250e930b9282044ce387da0a4d60","sha512":"aeb9787e1521c15eab406874b088beeec39ebd06d788c30342733cc1624b6cffcf13c233465e4d88d5fe5202160e8afe5f28b93bee2fec5c6d812acf140458b2","ssdeep":"","tlshash":"7ef0554680b3010a2823c4040eeab2404a95d85b839b8e103ece32889f8a24998eb7dc","dom_hash":"domhash2cb833fa389c8595ff47861795e5b41e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"global-tunnel-bridge-tech.cyou","fqdn":"global-tunnel-bridge-tech.cyou","domain":"global-tunnel-bridge-tech.cyou","tld":"cyou"},"ip":{"addr":"45.87.41.222","port":0,"asn":62068,"as":"SpectraIP B.V.","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-12T08:43:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-08T08:43:16Z","timestamp":1778229796,"ip_dst":{"addr":"Client IP","port":41264,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"45.87.41.219","port":443,"asn":62068,"as":"SpectraIP B.V.","country":"The Netherlands","country_code":"NL"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2026-05-08T08:43:16.572929+0000\",\"flow_id\":260200429047524,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"45.87.41.219\",\"src_port\":443,\"dest_ip\":\"172.18.0.10\",\"dest_port\":41264,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2020_11_23\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=global-tunnel-bridge-tech.cyou\",\"issuerdn\":\"C=AT, O=ZeroSSL GmbH, CN=ZeroSSL RSA DV SSL CA 2\",\"serial\":\"20:1E:93:22:B7:FD:58:D1:1A:C9:EC:52:02:1F:FB:EA\",\"fingerprint\":\"a9:2c:91:38:66:bf:09:ca:ed:16:50:ab:7f:6a:4f:27:41:fb:c1:c5\",\"sni\":\"global-tunnel-bridge-tech.cyou\",\"version\":\"TLS 1.2\",\"notbefore\":\"2026-05-06T00:00:00\",\"notafter\":\"2026-08-04T23:59:59\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"1d92b1ca39d82e415ee788b0324f6e25\",\"string\":\"771,49199,0-65281-11-5-16\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":8,\"bytes_toserver\":1245,\"bytes_toclient\":6393,\"start\":\"2026-05-08T08:43:16.511716+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"global-tunnel-bridge-tech.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"global-tunnel-bridge-tech.cyou","ip":{"addr":"45.87.41.219","port":443,"asn":62068,"as":"SpectraIP B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2026-05-06","domain_rank":0,"first_seen":"2026-05-08T08:43:38.500052Z","last_seen":"2026-05-08T08:43:38.500052Z","alert_count":2,"request_count":2,"received_data":1742,"sent_data":966,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"global-tunnel-bridge-tech.cyou/","fqdn":"global-tunnel-bridge-tech.cyou","domain":"global-tunnel-bridge-tech.cyou","tld":"cyou"},"ip":{"addr":"45.87.41.219","port":443,"asn":62068,"as":"SpectraIP B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-08T08:43:14.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"global-tunnel-bridge-tech.cyou","organization":""},"issuer":{"commonName":"ZeroSSL RSA DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Wed, 06 May 2026 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:2C:91:38:66:BF:09:CA:ED:16:50:AB:7F:6A:4F:27:41:FB:C1:C5","sha256":"21:96:C2:1A:D8:A3:D4:E3:55:AC:6F:DD:48:32:5B:CC:D8:8C:9C:8A:A3:1D:4B:2D:A9:BB:84:B1:22:8E:7A:1D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: global-tunnel-bridge-tech.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 08 May 2026 08:43:16 GMT\r\ncontent-type: text/html\r\ncontent-length: 560\r\nx-amz-id-2: yb4DfChUOVoOKSLdq60BuD51b7zfyEt3lIM8RTTd8OFkHy92/PRguJQ4wsJbQRQQRE7DgzIvL/GXvqLy+Te9VgYj0ZS/Xw8/\r\nx-amz-request-id: KH6T8QT6P0ECD1QH\r\nlast-modified: Sat, 15 Feb 2025 08:03:48 GMT\r\netag: \"adc9cff5fcc9bc85f7001da54035dbd2\"\r\nserver: superedge\r\nstrict-transport-security: max-age=31536000;\r\nx-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":560,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"adc9cff5fcc9bc85f7001da54035dbd2","sha1":"5e949ba5fea7bf64471634564a1a1659870e66f7","sha256":"98e80fb82e7800c560d62aaaa622e9199b9dd5c4dd2029b856a3e8fb217d529f","sha512":"4b936b3059c26ea9b25d5846336deafb1cbb847f6741377c2dd66b3e412d42b9471cd552273ee349bdf01ce034b297d533908fecb49a7bec98d07ed6a16bbf1c","ssdeep":"","tlshash":"eaf05c1a81810c0a147392781ee6f190ced798ab43870b1039ce355b2ffa60486d7bc8","first_seen":"2025-04-15T23:59:12.608576Z","last_seen":"2026-05-30T18:10:09.803141Z","times_seen":22,"resource_available":true,"data":null}},"time_used":3946,"timings":{"blocked":1793,"dns":1730,"connect":18,"send":0,"wait":361,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"global-tunnel-bridge-tech.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"global-tunnel-bridge-tech.cyou/favicon.ico","fqdn":"global-tunnel-bridge-tech.cyou","domain":"global-tunnel-bridge-tech.cyou","tld":"cyou"},"ip":{"addr":"45.87.41.219","port":443,"asn":62068,"as":"SpectraIP B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://global-tunnel-bridge-tech.cyou/","date":"2026-05-08T08:43:17.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"global-tunnel-bridge-tech.cyou","organization":""},"issuer":{"commonName":"ZeroSSL RSA DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Wed, 06 May 2026 00:00:00 GMT","end":"Tue, 04 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:2C:91:38:66:BF:09:CA:ED:16:50:AB:7F:6A:4F:27:41:FB:C1:C5","sha256":"21:96:C2:1A:D8:A3:D4:E3:55:AC:6F:DD:48:32:5B:CC:D8:8C:9C:8A:A3:1D:4B:2D:A9:BB:84:B1:22:8E:7A:1D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: global-tunnel-bridge-tech.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://global-tunnel-bridge-tech.cyou/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 08 May 2026 08:43:17 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 366\r\nx-amz-request-id: 9VP4ETWV4P2VM7TM\r\nx-amz-id-2: oCfesOzixRIYfogIQYJyppsPX0YJjHJwlWYoBcPLC2NHLA//vYr+x36iZI95H7jud5BylHq/WfeflN1x+/vBtvuGlJcrEAsC\r\nserver: superedge\r\nstrict-transport-security: max-age=31536000;\r\nx-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":366,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"ec32f2122dd49beeeda50000e8860402","sha1":"f87df6f7c19310f61f793fc8ca64aa39b007cb66","sha256":"139396dd6592d4e6ed3ad28e6e58e6a6d98c78ad7a6247d73f09b846c6f00bca","sha512":"652ea5eedad626cce8098b700c4dafa19d8176d93322898d03832a2651cb8df9a8dbe7a8a691a5deeac38753464b2a7200d72f9bb75dc7b1a26e01c20a8e95c3","ssdeep":"","tlshash":"78e0c02f8007c10cd10040aaede333419ac7037be0fa4732b552c8d9609f0f88c8b14e","first_seen":"2026-05-08T08:43:44.763676Z","last_seen":"2026-05-08T08:43:44.763676Z","times_seen":1,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"global-tunnel-bridge-tech.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}