{"report_id":"545982ad-708d-47f1-8ee3-9a9398311c7e","version":6,"status":"done","tags":[],"date":"2025-11-01T09:24:11Z","url":{"schema":"http","addr":"www.travellershealthcenter.com/","fqdn":"www.travellershealthcenter.com","domain":"travellershealthcenter.com","tld":"com"},"ip":{"addr":"185.151.30.174","port":0,"asn":48254,"as":"20i Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"www.travellershealthcenter.com/","fqdn":"www.travellershealthcenter.com","domain":"travellershealthcenter.com","tld":"com"},"title":"Welcome to Travellers Health Center","dom":{"size":1589,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"0c267edbe96bc29573fb3ae514253d06","sha1":"b84e90a8c3c808857fbeef2be5021a9f539c7b5f","sha256":"61f96fd6beb29fb88c4ec382260329ed246f4f24e021748e57cdeb65833b1bc9","sha512":"d92c0bf1adbddeb367dac4a89c26b7214555735899c1a4381c7d46238ff58e31fb9b0d6861853919ae86ebe973dabb6e00f8af0e8b9f279c816194ab44d0fd05","ssdeep":"","tlshash":"b5310e52f3b13286e9654c80a2822f579dc2cd8aa65f4ce0750e943f5fcc069a123394","dom_hash":"domhasha69e3c46d28e69732c325ca4cbd000d5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":"PGh0bWwgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGh0bWwiPjxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD11dGYtOCI+Cjx0aXRsZT5XZWxjb21lIHRvIFRyYXZlbGxlcnMgSGVhbHRoIENlbnRlciA8L3RpdGxlPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgpib2R5IHsKCW1hcmdpbi1sZWZ0OiAwcHg7CgltYXJnaW4tdG9wOiAwcHg7CgltYXJnaW4tcmlnaHQ6IDBweDsKfQo8L3N0eWxlPgo8L2hlYWQ+Cgo8Ym9keT4KPHRhYmxlIHdpZHRoPSIxMDAlIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjUiIGJvcmRlcj0iMCI+CiAgPHRib2R5Pjx0cj4KICAgIDx0ZCBzdHlsZT0icGFkZGluZy1yaWdodDoyNXB4IiBoZWlnaHQ9IjQ1IiBiZ2NvbG9yPSIjRjlGMkZGIiBhbGlnbj0icmlnaHQiPjxhIGhyZWY9Imh0dHBzOi8vc3RhY2ttYWlsLmNvbS8iIHRhcmdldD0iX2JsYW5rIj5XZWIgTWFpbDwvYT48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkPiZuYnNwOzwvdGQ+CiAgPC90cj4KICA8dHI+CiAgICA8dGQgc3R5bGU9ImZvbnQtc2l6ZToyNHB4IiBhbGlnbj0iY2VudGVyIj5XZWxjb21lIHRvPC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48c3BhbiBzdHlsZT0iY29sb3I6IzA5RjsgZm9udC13ZWlnaHQ6Ym9sZDsgZm9udC1zaXplOjQ2cHgiPlRyYXZlbGxlcnMgSGVhbHRoIENlbnRlcjwvc3Bhbj48YnI+CiAgICAgIDxzcGFuIHN0eWxlPSJjb2xvcjojMDlGOyBmb250LXNpemU6OHB4IGZvbnQtd2VpZ2h0OmJvbGQiPkdDQyBDb2RlOiAKICAgIDwvc3Bhbj48L3RkPgogIDwvdHI+CiAgPHRyPgogICAgPHRkIGFsaWduPSJjZW50ZXIiPjxzdHJvbmc+QWRkcmVzczo8L3N0cm9uZz48YnI+CiAgICAgIC4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uCiAgICAgIDxicj4KICAgICAgSG9sZGluZyBOby4gMjgwPGJyPgogICAgICBDdW1pbGxhIFJvYWQ8YnI+IAogICAgICBDaGFuZHB1ciBzYWRhcjxicj4gCiAgICAgIENoYW5kcHVyIDxicj4KICAgIEJhbmdsYWRlc2g8YnI+CiAgICA8c3Ryb25nPlBob25lOiA8L3N0cm9uZz4rODggMDIyMjIyMjU2Mzk8c3Ryb25nPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MjRweCI+fCZuYnNwOzwvc3Bhbj5Nb2JpbGU6IDwvc3Ryb25nPis4ODAgMTcyNzU2NjUwNjxicj4KICAgIDxzdHJvbmc+ZU1haWw6PC9zdHJvbmc+IGluZm9AdHJhdmVsbGVyc2hlYWx0aGNlbnRlci5jb20gPHN0cm9uZz48c3BhbiBzdHlsZT0iZm9udC1zaXplOjI0cHgiPnw8L3NwYW4+PC9zdHJvbmc+IHRyYXZlbGxlcnNoZWFsdGhjZW50ZXJAZ21haWwuY29tPC90ZD4KICA8L3RyPgogIDx0cj4KICAgIDx0ZCBhbGlnbj0iY2VudGVyIj48YnI+CiAgICAqKiBQbGVhc2Uga2VlcCB3YXRjaGluZy4gV2UgYXJlIGNvbWluZyBzb29uIHdpdGggZnVsbCBpbmZvcm1hdGlvbi4gKio8YnI+PC90ZD4KICA8L3RyPgo8L3Rib2R5PjwvdGFibGU+CgoKPC9ib2R5PjwvaHRtbD4="}},"submit":{"url":{"schema":"http","addr":"www.travellershealthcenter.com/","fqdn":"www.travellershealthcenter.com","domain":"travellershealthcenter.com","tld":"com"},"ip":{"addr":"185.151.30.174","port":0,"asn":48254,"as":"20i Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-06T09:24:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.travellershealthcenter.com","ip":{"addr":"185.151.30.174","port":443,"asn":48254,"as":"20i Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":12,"request_count":2,"received_data":2515,"sent_data":966,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"StackPath","description":"StackPath is a cloud computing and services provider.","website":"https://www.stackpath.com","common_platform_enumeration":"","icon":"StackPath.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.travellershealthcenter.com/","fqdn":"www.travellershealthcenter.com","domain":"travellershealthcenter.com","tld":"com"},"ip":{"addr":"185.151.30.174","port":443,"asn":48254,"as":"20i Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-01T09:23:49.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.travellershealthcenter.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 01 Nov 2025 00:09:33 GMT","end":"Fri, 30 Jan 2026 00:09:32 GMT"},"fingerprint":{"sha1":"DA:E4:53:F4:96:5B:2C:81:3A:1F:F0:15:94:6D:BE:ED:6E:75:77:A8","sha256":"5E:3A:87:3B:93:59:0C:02:CA:1C:8D:BC:C6:DE:64:F8:23:92:D3:85:1C:C8:4A:87:BA:AD:6F:28:BB:DC:97:4C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.travellershealthcenter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 01 Nov 2025 09:23:43 GMT\r\ncontent-type: text/html\r\nserver: Apache\r\nx-provided-by: StackCDN\r\nlast-modified: Tue, 09 Sep 2025 06:49:50 GMT\r\netag: W/\"6b3-63e58b5e9c896\"\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-origin-cache-status: MISS\r\ncontent-encoding: gzip\r\nx-cdn-cache-status: MISS\r\nx-via: FRA1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"StackPath","description":"StackPath is a cloud computing and services provider.","website":"https://www.stackpath.com","common_platform_enumeration":"","icon":"StackPath.svg","categories":["CDN"]}],"data":{"size":1715,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"31dcef92444c489a14a8144e9179e314","sha1":"7e479b5a22544d42d6271592c8c9f7589f8ebbfa","sha256":"9f6525c556f348e4bd64fdb0743e604868e62dacab341628c859aca70af1ca45","sha512":"32ea81e218ce9fd7ac32d472c3d1537dd91ea0f042c37c4a1dc307439f81e8457d7f768fc199d7651a0985b8509613fbb3878ddeba076a98fd99c967e6f4d9ae","ssdeep":"","tlshash":"3b311e16f3a07245e5524c909382af179dd18dcaa79f4ce8b50e943f8fcd16a61337d8","first_seen":"2025-11-01T09:24:15.93754Z","last_seen":"2025-11-01T09:24:15.93754Z","times_seen":1,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":89,"dns":28,"connect":25,"send":0,"wait":79,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.travellershealthcenter.com/favicon.ico","fqdn":"www.travellershealthcenter.com","domain":"travellershealthcenter.com","tld":"com"},"ip":{"addr":"185.151.30.174","port":443,"asn":48254,"as":"20i Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.travellershealthcenter.com/","date":"2025-11-01T09:23:49.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.travellershealthcenter.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 01 Nov 2025 00:09:33 GMT","end":"Fri, 30 Jan 2026 00:09:32 GMT"},"fingerprint":{"sha1":"DA:E4:53:F4:96:5B:2C:81:3A:1F:F0:15:94:6D:BE:ED:6E:75:77:A8","sha256":"5E:3A:87:3B:93:59:0C:02:CA:1C:8D:BC:C6:DE:64:F8:23:92:D3:85:1C:C8:4A:87:BA:AD:6F:28:BB:DC:97:4C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.travellershealthcenter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.travellershealthcenter.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 01 Nov 2025 09:23:43 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nvary: Accept-Encoding\r\nserver: Apache\r\nx-origin-cache-status: MISS\r\ncontent-encoding: gzip\r\nx-cdn-cache-status: MISS\r\nx-via: FRA1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":196,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-04-04T21:37:02.795767Z","times_seen":90091,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-01","alert":"Sinkholed","trigger":"www.travellershealthcenter.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}