{"report_id":"75a5bb9c-eede-49e2-9e80-c3876635ebbc","version":6,"status":"done","tags":[],"date":"2026-03-27T13:21:07Z","url":{"schema":"http","addr":"gemini.min0326.mom","fqdn":"gemini.min0326.mom","domain":"min0326.mom","tld":"mom"},"ip":{"addr":"104.21.49.201","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gemini.min0326.mom/","fqdn":"gemini.min0326.mom","domain":"min0326.mom","tld":"mom"},"title":"登录","dom":{"size":8529,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7557)","md5":"64dbc209fafd2367fc789ebe38d371d3","sha1":"33cce61e7a61b7c6ca45946e755185924b481649","sha256":"3480054df585188c40f79fa2e7662d9d28b7404e9c284efab3afc02befa8a5e3","sha512":"7b1e7ac12f2e2ef9cad931d952dccf0fa877e7bec0d7f0a17052200b3b20ff89fd2f183c3c63bd27178c510c66df4382e11d9db456bf46251f39d3f8cc9087f5","ssdeep":"96:MyhTD7J+Oe/AT37J+Oe/ATg9SOt8sYferBebdtuy9efI6++i0t/iSimFUioEt8lG:MyhTD7JXeS7JXex/27xyiK3sKjZ","tlshash":"1402a66a7220046eae63c4dbedd1b655711e71c3da3ecaf6b88e5400bbdb5b604d7304","dom_hash":"domhash2e7b49c057eca66f8e42b631c015eb95","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gemini.min0326.mom","fqdn":"gemini.min0326.mom","domain":"min0326.mom","tld":"mom"},"ip":{"addr":"104.21.49.201","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-01T13:21:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gemini.min0326.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-03-23T05:38:41.369782Z","alert_count":0,"request_count":2,"received_data":815984,"sent_data":828,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"gemini.min0326.mom","ip":{"addr":"104.21.49.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-19","domain_rank":0,"first_seen":"2026-03-27T13:21:08.343834Z","last_seen":"2026-03-27T13:21:08.343834Z","alert_count":2,"request_count":2,"received_data":2997,"sent_data":930,"comment":"","tags":null,"fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gemini.min0326.mom/","fqdn":"gemini.min0326.mom","domain":"min0326.mom","tld":"mom"},"ip":{"addr":"104.21.49.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"02dc1a67960c827fc96fdc20fa85edc3","sha1":"2a35d10ea54186cce45c5735b8928ccbadb99522","sha256":"7fa29481bde1c9637e4c9c0a9d21ad507822c2b7a518d42d8d36ec76914cd118","sha512":"51e1367b303a6af5e63f7dd3c09a6a8b61845588fc76f38b35d6fa2421905f61602a85cf2beae7a0f7a49e968b486729ab5554510ca9c3d473e194e29668e078","ssdeep":"","tlshash":"d511279b60b369b14bebf13e166b65053027409b7c02dc013e4c19442f2874e453aac9","size":941,"data":"","first_seen":"2026-03-27T13:21:11.214523Z","last_seen":"2026-04-10T19:35:44.208989Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-23T03:22:42.564859Z","times_seen":31102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"gemini.min0326.mom/","fqdn":"gemini.min0326.mom","domain":"min0326.mom","tld":"mom"},"ip":{"addr":"104.21.49.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-27T13:20:46.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"min0326.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 13:26:22 GMT","end":"Wed, 17 Jun 2026 14:26:15 GMT"},"fingerprint":{"sha1":"4E:5A:EE:E5:BE:8C:42:C7:0A:62:10:FE:E7:97:8B:D9:83:B5:E0:D1","sha256":"DC:E4:75:28:2D:E9:66:79:D2:11:C9:AC:4F:C9:5D:CF:23:9B:8D:CA:32:C0:93:06:2D:A6:E5:28:03:68:3C:F2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gemini.min0326.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 27 Mar 2026 13:20:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OjmNiKFPWDWhyM8uN8av6FX0vPpEoIS8m2CZ7RHDo5a9A3r80mbeBcBa0kpc9d6TurhVSDSHS3MXUdbSEGKqRxX8LxW1ewrVvYUhaZIuKoX4KVJoKdgo%2FA5pR%2FhYfYX4wRxAE1I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e2eb1c29932b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1868,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (896)","md5":"88730d35a490a6ebc6b22037b57723ff","sha1":"1f414acc3e113cd67c449fd33c0d2d91ed93c195","sha256":"5ed8466c6b60f6c58fe3473fd59d8eb12b65daf9832e4f26e9d1c067adb3ba8c","sha512":"7259cf85de5a8f9b310e0df68e43649f393fbd5c0205e79cad7230a915e14a4faf48a9d7b0a4202a3419e0e9aa134e8510dc2d59083226b17ed0cc0124cbc9e2","ssdeep":"","tlshash":"6e3144e630b25cab4697ed3836d3ba4a209f811fd953c80578dc31182fdde4644516ca","first_seen":"2026-03-27T13:21:11.211944Z","last_seen":"2026-04-10T19:35:44.208122Z","times_seen":5,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":67,"dns":44,"connect":1,"send":0,"wait":92,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gemini.min0326.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gemini.min0326.mom/","date":"2026-03-27T13:20:46.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.min0326.mom/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 27 Mar 2026 13:20:46 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::dmb7p-1774617558342-50ec4a5b51e0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 88\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kBr9Qm8Yv0zszK63l5oEj7GcsQqtJ5YcIIpQ5GFhRalGGyeRNtXfj0xmYFKzclzh9lfdv2AG0md6xeGhJOzvKFmrOoxb%2FxSEZcrQV9oABKhN%2BxwuO3K4wipz3GqtIEIW3ylQQQo%3D\"}]}\r\ncf-ray: 9e2eb1c48dbe8be6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T03:09:27.615538Z","times_seen":14085251,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":26,"dns":1,"connect":4,"send":0,"wait":7,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gemini.min0326.mom/","date":"2026-03-27T13:20:46.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini.min0326.mom/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 27 Mar 2026 13:20:46 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::rhz55-1772419043268-7fdcc195e7a4\r\nlast-modified: Mon, 02 Mar 2026 02:37:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 2198602\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NFXzWEqUQH6C5mbBejj8nkqrQ29jewv%2FcmboUPw5QB7W0gDlKVssI%2Fp02Js6FH2OnvgQxYG0bMgu1yiO992E1LpJfnZPxn4ra7L8e4AtSRXbhozC678sN3keK%2FNuBEVXuPbvBTM%3D\"}]}\r\ncf-ray: 9e2eb1c4be548be6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-23T03:22:42.564859Z","times_seen":31102,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini.min0326.mom/favicon.ico","fqdn":"gemini.min0326.mom","domain":"min0326.mom","tld":"mom"},"ip":{"addr":"104.21.49.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini.min0326.mom/","date":"2026-03-27T13:20:47.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"min0326.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 13:26:22 GMT","end":"Wed, 17 Jun 2026 14:26:15 GMT"},"fingerprint":{"sha1":"4E:5A:EE:E5:BE:8C:42:C7:0A:62:10:FE:E7:97:8B:D9:83:B5:E0:D1","sha256":"DC:E4:75:28:2D:E9:66:79:D2:11:C9:AC:4F:C9:5D:CF:23:9B:8D:CA:32:C0:93:06:2D:A6:E5:28:03:68:3C:F2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gemini.min0326.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.min0326.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 27 Mar 2026 13:20:47 GMT\r\ncontent-length: 9\r\ncontent-type: text/plain; charset=UTF-8\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XFE%2BCCoSkE0w9q966WbPsGNRHCF813w41Vs4SyGwOxe5e1fDR2lD2pNv47tih%2BTNnpwcAUSC2jWAq0YkXGmcuk35PSb0LSmlu4%2FJm%2BFF%2BbgVxeEZdBPTyJE7hs6fMGVajK%2FZGGg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9e2eb1c86868568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9e076f5885f5cc16a4b5aeb8de4adff5","sha1":"475c848673a3f79fa778f01c2bd5a721d4c41707","sha256":"e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31","sha512":"4d384838c78c74f56de20de3fe125b9fe4d40b7c9fb5d767b647f05aede6bf63431f4f08ac464e188e77b227becc3ab4ba86272f30b53d91b15003d814e06d2e","ssdeep":"","tlshash":"4a50000c3000030c0000003000c00030000c03000c0000300000c00c000000000000cc","first_seen":"2023-04-05T14:05:15Z","last_seen":"2026-04-23T02:54:08.332342Z","times_seen":7453,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gemini.min0326.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}