{"report_id":"72ad9fa9-21e1-40a7-9270-7306f021b4e1","version":6,"status":"done","tags":[],"date":"2026-01-31T13:52:50Z","url":{"schema":"http","addr":"babitevip.com","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"23.225.83.186","port":0,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"babitevip.com/","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"title":"ERROR 404 - Not Found!","dom":{"size":3550,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"4bcdbb6987701efea965ef6fa622a26c","sha1":"b1d659e9e03ff06e1c4cb8e6ca734e4997055b8b","sha256":"dfd51fccc1d4a004cda27db435974b054913186db35708eae430e44af89d0cf5","sha512":"2054a36a9a883729b978ab1b59a76403b99beb890237cbb7a84f9bfa427440bc2efd9d009cfdd98abf1ffb1e9a87564c5870de0ee89722f0a3210a56957485cc","ssdeep":"","tlshash":"1f71105b5de311527d6bb0b02fe5e70925205443d109de1abacc66e8dfc08948de378c","dom_hash":"domhashfc8a48b52f6220a777b363bc822836a5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"babitevip.com","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"23.225.83.186","port":0,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-07T13:52:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-31T13:52:29Z","timestamp":1769867549,"ip_dst":{"addr":"47.254.186.255","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":52612,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-31T13:52:29.670618+0000\",\"flow_id\":1133461349695773,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.37\",\"src_port\":52612,\"dest_ip\":\"47.254.186.255\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"qbhk.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6176,\"start\":\"2026-01-31T13:52:29.622877+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"babitevip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"babitevip.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2018-04-24","domain_rank":0,"first_seen":"2026-01-31T13:30:05.637724Z","last_seen":"2026-01-31T13:30:05.637724Z","alert_count":6,"request_count":6,"received_data":8484,"sent_data":2494,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"qbhk.oss-accelerate.aliyuncs.com","ip":{"addr":"47.254.186.255","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2026-01-30T02:36:59.687551Z","last_seen":"2026-01-30T02:37:00.23285Z","alert_count":0,"request_count":2,"received_data":31561,"sent_data":910,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"babitevip.com/","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1de5eb4d72e7570b73bc04a9c8edc80d","sha1":"ecae99bc5c52d991518b881c64197be67896cba2","sha256":"6a280ca95c2da80dc24ce564821dc7a8c00dd8e4108b89433de9a6c523a18ca1","sha512":"18d96cbcfc35e61e9db8c71f49217f618e960aab66107d8de31314e5ab7a622e549010660bf4083fd6ad672745aba0ce15893b8f4fefef814447e44bff4afc9d","ssdeep":"","tlshash":"e601f21d97e291b1ae2271f51b4fe406ba3a14430008ba0bb80d0b94ffc583887b6e81","size":837,"data":"","first_seen":"2025-03-11T06:39:38.12548Z","last_seen":"2026-06-07T07:17:40.010647Z","times_seen":913,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"babitevip.com/","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-31T13:52:28.289Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: babitevip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T16:33:36.180633Z","times_seen":16390792,"resource_available":true,"data":null}},"time_used":324,"timings":{"blocked":0,"dns":12,"connect":153,"send":0,"wait":0,"receive":0,"ssl":156},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"babitevip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"babitevip.com/","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"23.225.83.186","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-31T13:52:28.627Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: babitevip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 31 Jan 2026 13:52:28 GMT\r\nContent-Type: text/html\r\nLast-Modified: Sat, 10 May 2025 19:51:42 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"681fae4e-e63\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3683,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"4a0facd488adc5f7ad67d5b9e86c55b8","sha1":"07084475ef13468222b15b24e07bc95d9d405b5f","sha256":"9b36a57cd95d4637ee414699ceba47f1fc8ad688b6d8243783d922ae1a91acf7","sha512":"e17227f89129b438fa621ef5f1229545fe92bc97d883d3281fdc61295dbc354da91297f109440274c0978a68ff9cb264b573e07b7073b86a2d5bd66c81465da9","ssdeep":"","tlshash":"2b71424b5de31152796bb0b02fe5e30925205443d109de1afacc66e8dfc0994cee3b8c","first_seen":"2026-01-30T02:37:08.997031Z","last_seen":"2026-04-30T16:03:02.06271Z","times_seen":4,"resource_available":true,"data":null}},"time_used":469,"timings":{"blocked":156,"dns":1,"connect":156,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"babitevip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qbhk.oss-accelerate.aliyuncs.com/im4/error404.png","fqdn":"qbhk.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.186.255","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://babitevip.com/","date":"2026-01-31T13:52:40.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 06 Jan 2026 03:11:40 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"31:BA:2E:55:27:E4:ED:15:09:5D:6D:19:6C:AD:8E:8F:27:A5:53:98","sha256":"BE:44:F1:5A:3A:EA:BF:CF:34:B1:8B:1B:2A:74:E5:A1:6F:F7:C7:DE:CC:58:A6:FF:8E:6C:B5:DF:11:FB:0A:E2"}}},"request":{"raw":"GET /im4/error404.png HTTP/1.1\r\nHost: qbhk.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://babitevip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sat, 31 Jan 2026 13:52:40 GMT\r\nContent-Type: image/png\r\nContent-Length: 15193\r\nConnection: keep-alive\r\nx-oss-request-id: 697E0928B7D61AEC8EB2BC74\r\nAccept-Ranges: bytes\r\nETag: \"FF1064DA991460962459859D8126F93B\"\r\nLast-Modified: Sat, 10 May 2025 19:49:15 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5731997307687769328\r\nx-oss-storage-class: Standard\r\nx-oss-meta-mtime: 1744311193.8142539\r\nx-oss-ec: 0048-00000111\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: /xBk2pkUYJYkWYWdgSb5Ow==\r\nx-oss-server-time: 44\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":15193,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 349 x 183, 8-bit/color RGBA, non-interlaced","md5":"ff1064da991460962459859d8126f93b","sha1":"f25f0ee0865dcac43e4ad4329ba4552807711b84","sha256":"42c49df827f61d88b9dcefec635af22de22dd10cbf49c5ebd8ccddb28459077c","sha512":"c2c802c12e5a10f92165134a0abe5421c471df7c8d17501be3749b83c543c300fac9f06bf829492e99d410f4a22d7181be50766249a2f7a2830cf39014125306","ssdeep":"384:aiUt/h0GPSbbd5IhgdFaZQMsMvC+t1LMtVVUyDZf/H:Dm/h1PSb7I4FYQM5qq9MtXUy9n","tlshash":"0562e1bc2ca45c529d18d7ef1dde2047b00b4942a98c47b7f4a8e812f5a5af2a40fcc5","first_seen":"2023-05-15T07:40:50Z","last_seen":"2026-06-08T13:03:35.652465Z","times_seen":64,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":222,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qbhk.oss-accelerate.aliyuncs.com/im4/error404.png","fqdn":"qbhk.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.186.255","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://babitevip.com/","date":"2026-01-31T13:52:29.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 06 Jan 2026 03:11:40 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"31:BA:2E:55:27:E4:ED:15:09:5D:6D:19:6C:AD:8E:8F:27:A5:53:98","sha256":"BE:44:F1:5A:3A:EA:BF:CF:34:B1:8B:1B:2A:74:E5:A1:6F:F7:C7:DE:CC:58:A6:FF:8E:6C:B5:DF:11:FB:0A:E2"}}},"request":{"raw":"GET /im4/error404.png HTTP/1.1\r\nHost: qbhk.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://babitevip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sat, 31 Jan 2026 13:52:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 15193\r\nConnection: keep-alive\r\nx-oss-request-id: 697E091D34FAB602916F8C94\r\nAccept-Ranges: bytes\r\nETag: \"FF1064DA991460962459859D8126F93B\"\r\nLast-Modified: Sat, 10 May 2025 19:49:15 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5731997307687769328\r\nx-oss-storage-class: Standard\r\nx-oss-meta-mtime: 1744311193.8142539\r\nx-oss-ec: 0048-00000111\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: /xBk2pkUYJYkWYWdgSb5Ow==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":15193,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 349 x 183, 8-bit/color RGBA, non-interlaced","md5":"ff1064da991460962459859d8126f93b","sha1":"f25f0ee0865dcac43e4ad4329ba4552807711b84","sha256":"42c49df827f61d88b9dcefec635af22de22dd10cbf49c5ebd8ccddb28459077c","sha512":"c2c802c12e5a10f92165134a0abe5421c471df7c8d17501be3749b83c543c300fac9f06bf829492e99d410f4a22d7181be50766249a2f7a2830cf39014125306","ssdeep":"384:aiUt/h0GPSbbd5IhgdFaZQMsMvC+t1LMtVVUyDZf/H:Dm/h1PSb7I4FYQM5qq9MtXUy9n","tlshash":"0562e1bc2ca45c529d18d7ef1dde2047b00b4942a98c47b7f4a8e812f5a5af2a40fcc5","first_seen":"2023-05-15T07:40:50Z","last_seen":"2026-06-08T13:03:35.652465Z","times_seen":64,"resource_available":false,"data":null}},"time_used":1434,"timings":{"blocked":626,"dns":554,"connect":22,"send":0,"wait":181,"receive":1,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"babitevip.com/favicon.ico","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"23.225.83.186","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://babitevip.com/","date":"2026-01-31T13:52:29.167Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: babitevip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://babitevip.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Sat, 31 Jan 2026 13:52:29 GMT\r\nContent-Type: text/html\r\nContent-Length: 146\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-13T16:31:11.042296Z","times_seen":526301,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"babitevip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"babitevip.com/","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-31T13:52:39.996Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: babitevip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T16:33:36.180633Z","times_seen":16390792,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":1,"connect":159,"send":0,"wait":0,"receive":0,"ssl":161},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"babitevip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"babitevip.com/","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"23.225.83.186","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-31T13:52:40.334Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: babitevip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://babitevip.com/\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 31 Jan 2026 13:52:40 GMT\r\nContent-Type: text/html\r\nLast-Modified: Sat, 10 May 2025 19:51:42 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"681fae4e-e63\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3683,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"4a0facd488adc5f7ad67d5b9e86c55b8","sha1":"07084475ef13468222b15b24e07bc95d9d405b5f","sha256":"9b36a57cd95d4637ee414699ceba47f1fc8ad688b6d8243783d922ae1a91acf7","sha512":"e17227f89129b438fa621ef5f1229545fe92bc97d883d3281fdc61295dbc354da91297f109440274c0978a68ff9cb264b573e07b7073b86a2d5bd66c81465da9","ssdeep":"","tlshash":"2b71424b5de31152796bb0b02fe5e30925205443d109de1afacc66e8dfc0994cee3b8c","first_seen":"2026-01-30T02:37:08.997031Z","last_seen":"2026-04-30T16:03:02.06271Z","times_seen":4,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"babitevip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"babitevip.com/favicon.ico","fqdn":"babitevip.com","domain":"babitevip.com","tld":"com"},"ip":{"addr":"23.225.83.186","port":80,"asn":40065,"as":"CNSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://babitevip.com/","date":"2026-01-31T13:52:40.619Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: babitevip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://babitevip.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Sat, 31 Jan 2026 13:52:40 GMT\r\nContent-Type: text/html\r\nContent-Length: 146\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-13T16:31:11.042296Z","times_seen":526301,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"babitevip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}