{"report_id":"9d1546ad-8932-4779-8025-a221b1deccc9","version":6,"status":"done","tags":[],"date":"2026-06-01T12:27:16Z","url":{"schema":"http","addr":"test.chohantextile.com/.well-known/pki-validation/-/rf.htm","fqdn":"test.chohantextile.com","domain":"chohantextile.com","tld":"com"},"ip":{"addr":"198.177.120.88","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"title":"Raiffeisen BANK - Belépés","dom":{"size":5949,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"c3ea92b437ff8c7ea6661d2bbe215195","sha1":"3216d1a4c7cfb43ad9e386bef46d7b969e204b36","sha256":"44979dd84b6f6dcb18256209b544f5db966a670edbfcfa1acca491c53e32e3e7","sha512":"657694e62052aaa1eec19a7b663a9fa0a2ee3d4c82480ffbad7f0b249688c346577463f36e83e0ea52308da5fbad4a488969754e5fc599fbb4e6abdbacdbbe9f","ssdeep":"96:fStrqwb22aSx3XxSh6ZhSMN5J+Ip44qwzKsoUqlO5GYf:fStrqwytux8eBzqJwZ5bf","tlshash":"24c1be3055f4042b42d7c685ba652e1baf91e9178a1b4a04b6fc0fda1fe3e83cd5325e","dom_hash":"domhash3979450214a48cfb0eb1af4c3ce952ed","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"test.chohantextile.com/.well-known/pki-validation/-/rf.htm","fqdn":"test.chohantextile.com","domain":"chohantextile.com","tld":"com"},"ip":{"addr":"198.177.120.88","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-06T12:27:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":8}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"test.chohantextile.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"test.chohantextile.com","ip":{"addr":"198.177.120.88","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"The Netherlands","country_code":"NL"},"domain_registered":"2020-04-11","domain_rank":0,"first_seen":"2026-05-30T04:11:25.983849Z","last_seen":"2026-05-30T04:11:25.983849Z","alert_count":8,"request_count":2,"received_data":854,"sent_data":1012,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}]},{"fqdn":"xioamigpscar.cheetahcar.shop","ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-26T07:15:42.78498Z","last_seen":"2026-05-26T07:15:42.78498Z","alert_count":32,"request_count":8,"received_data":246394,"sent_data":4139,"comment":"","tags":null,"fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"test.chohantextile.com/.well-known/pki-validation/-/rf.htm","fqdn":"test.chohantextile.com","domain":"chohantextile.com","tld":"com"},"ip":{"addr":"198.177.120.88","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"00e7cc4eaba9eadfc46a542a3bd5801d","sha1":"e8d60daa1132f36a9e0196ca51e1e96012b6aee1","sha256":"c0a2bdcc8e734866c9f50f3cba1c1023a550aa63c00b2aa4bc7406cf61668608","sha512":"4037f74942c5e3a9bf3c2a4e4e177b092f6525136059679b5cb65aa311967354473eedcecb4cc2bd0b6f4c899630c99df06a09d51d4de337932fac3668925235","ssdeep":"","tlshash":"23e07d8e29423710351210748faf3944101770572e0895403e4dc3068f76e5f8a039dd","size":360,"data":"","first_seen":"2026-05-30T04:11:31.270694Z","last_seen":"2026-06-01T17:00:39.366356Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"8c2d25a82da61e1391d6d6e5299d6440","sha1":"333f2367524e0735ad7e3b5f97f1ebc05f4d53b4","sha256":"7f1baa2fb684ff8849dc8cfcbe4b61a3ea3eb4e0f508bb67f67c5f6ea6f9121c","sha512":"3d807ddfb6d49573607f9ce27fea4fd8ebeb02a1539abf46643f3e104c10e6028312a354900ff1afd490beff3af432d17a2b012d7f0483d6fa210750e7bdc5f0","ssdeep":"","tlshash":"39d02bb336b2153095aba5e351ff4284f530904339438a00be3cc6640f7ad015a53eaf","size":277,"data":"","first_seen":"2026-05-08T08:58:17.257837Z","last_seen":"2026-06-04T07:33:03.425969Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/css/structure.css","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","date":"2026-06-01T12:26:55.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xioamigpscar.cheetahcar.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:51:59 GMT","end":"Fri, 07 Aug 2026 07:51:58 GMT"},"fingerprint":{"sha1":"FC:8B:F6:71:C8:9C:D6:9A:37:AD:CC:50:52:70:94:EE:77:EF:1D:22","sha256":"E2:6E:81:FB:3F:32:57:D8:BA:BF:A1:4A:DE:17:82:B4:E6:1F:04:B1:DA:0E:EB:18:D3:38:49:AD:96:0C:C0:D0"}}},"request":{"raw":"GET /.well-known/jufjjf/css/structure.css HTTP/1.1\r\nHost: xioamigpscar.cheetahcar.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 08 Jun 2026 12:26:55 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 18 May 2026 19:20:18 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 15055\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89175,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58780)","md5":"d1025149f591db2d1a342486646d922b","sha1":"8b0c33886591ea62afcab7867e0dc9606adf591a","sha256":"d1bfefae8013a12c42cead9d1da250a76ebf14bcd06eb3c30c52a6417797471a","sha512":"39151823cc6a7f0edf45de3b073b1688f7b979689a14a1da865fb6e9e71033aa7e0a153fcf38f5eedd5f00fd9965181943c49dccf6a01251f3a8cfd0a4806184","ssdeep":"768:fyr+KZK3I9cfx1Uz6l+yQ/6U+elOfGvppS6x66Bw8rYxPwNc6ldzSCJj3:fyrt9yUz6l1IpzYZDIj","tlshash":"889354a1d90d10d46337c1abbfc0b7a9a0b6f339d1021d6af5de291c89c51d621a3fad","first_seen":"2023-11-03T15:34:47Z","last_seen":"2026-06-04T07:33:03.412488Z","times_seen":13,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/images/logo.jpg","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","date":"2026-06-01T12:26:55.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xioamigpscar.cheetahcar.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:51:59 GMT","end":"Fri, 07 Aug 2026 07:51:58 GMT"},"fingerprint":{"sha1":"FC:8B:F6:71:C8:9C:D6:9A:37:AD:CC:50:52:70:94:EE:77:EF:1D:22","sha256":"E2:6E:81:FB:3F:32:57:D8:BA:BF:A1:4A:DE:17:82:B4:E6:1F:04:B1:DA:0E:EB:18:D3:38:49:AD:96:0C:C0:D0"}}},"request":{"raw":"GET /.well-known/jufjjf/images/logo.jpg HTTP/1.1\r\nHost: xioamigpscar.cheetahcar.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 08 Jun 2026 12:26:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 18 May 2026 19:20:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3837\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3837,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 300 x 90, 8-bit/color RGB, non-interlaced","md5":"e08d5cba3d3023021b656326895e6850","sha1":"4dcea00edcb011b9d3725e118cae9a23c2f70577","sha256":"a5a935fa780fa290efbd34e1580876462619ccd71bb664c45b41dc53329e8767","sha512":"6a1dd0756e71fe8f8c4c86b2bf97b2f657e533cbf25d6c20fea4209dce1eff2334cb1919d45b730475c3ca5312f405d9d34e3750e08887609d37550152e798a0","ssdeep":"","tlshash":"96816c9bffbd69deb11e234d703500a637898645a8a40a5ce8b0ce5910d5cb3da94684","first_seen":"2023-11-03T15:34:48Z","last_seen":"2026-06-04T07:33:03.418704Z","times_seen":10,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/fonts/Roboto-Regular.ttf","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","date":"2026-06-01T12:26:56.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xioamigpscar.cheetahcar.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:51:59 GMT","end":"Fri, 07 Aug 2026 07:51:58 GMT"},"fingerprint":{"sha1":"FC:8B:F6:71:C8:9C:D6:9A:37:AD:CC:50:52:70:94:EE:77:EF:1D:22","sha256":"E2:6E:81:FB:3F:32:57:D8:BA:BF:A1:4A:DE:17:82:B4:E6:1F:04:B1:DA:0E:EB:18:D3:38:49:AD:96:0C:C0:D0"}}},"request":{"raw":"GET /.well-known/jufjjf/fonts/Roboto-Regular.ttf HTTP/1.1\r\nHost: xioamigpscar.cheetahcar.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/css/rbsso.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 796\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":796,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"265e51037981a14ed99a5fc8c5ec1b51","sha1":"d12ac588953298fdaf46dd5b4af8eb4cf6b06f0a","sha256":"c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400","sha512":"b18aa610811c5f9bc1dd829ad90a95568e81a41e1fd1472983dc00147f65045fd91fbc498b5263ce4f4c88b041be21f186ed2ce357d3bcf86c0429ca18991151","ssdeep":"","tlshash":"1101f12ac182a80fe0231070fa91e37451594212629b4f647b9ff676f6ce1ab56b22cc","first_seen":"2024-02-05T05:35:22Z","last_seen":"2026-06-06T19:43:17.035976Z","times_seen":46536,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/images/icon.png","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","date":"2026-06-01T12:26:56.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xioamigpscar.cheetahcar.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:51:59 GMT","end":"Fri, 07 Aug 2026 07:51:58 GMT"},"fingerprint":{"sha1":"FC:8B:F6:71:C8:9C:D6:9A:37:AD:CC:50:52:70:94:EE:77:EF:1D:22","sha256":"E2:6E:81:FB:3F:32:57:D8:BA:BF:A1:4A:DE:17:82:B4:E6:1F:04:B1:DA:0E:EB:18:D3:38:49:AD:96:0C:C0:D0"}}},"request":{"raw":"GET /.well-known/jufjjf/images/icon.png HTTP/1.1\r\nHost: xioamigpscar.cheetahcar.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 08 Jun 2026 12:26:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 18 May 2026 19:20:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6572\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6572,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 271 x 300, 8-bit colormap, non-interlaced","md5":"90bcf240caa4d4e4455c9b8ac3809a26","sha1":"9272842eb278f9876c759c342fd952cc7654cccc","sha256":"ebf5d909b5e0c38dd7edba84ea4ccdeed40d4bec9f2bd1ee46798bd2d4f6e27a","sha512":"32470d00eb89e13249fedfa3175e1f70570fbc30cbb5d334b94270b13bfbd3be9c7947a9e6c9fbe4caa5dafc315ee874f5178d57a9c996caf7300644f0edfb2e","ssdeep":"96:rfk1dqwVli9xZ668dGbLwcbgW5cRUB6eJqKyrtjz2IBEXaF4oXNlXj9:SYMliL8dGblbgW5g8M5jjwaOulXp","tlshash":"25d19e53763c6634a89d59b55e17821a0320af588e3057478d09bf70273f9aac3dfa2b","first_seen":"2025-07-02T16:21:27.443612Z","last_seen":"2026-06-04T07:33:03.415102Z","times_seen":7,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":134,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"test.chohantextile.com/.well-known/pki-validation/-/rf.htm","fqdn":"test.chohantextile.com","domain":"chohantextile.com","tld":"com"},"ip":{"addr":"198.177.120.88","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-01T12:26:55.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"test.chohantextile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 01 Dec 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9D:0E:7B:BB:73:C1:10:FC:F0:7C:2C:F7:A6:62:F7:24:84:C3:82:ED","sha256":"57:65:84:F2:42:6C:4E:86:FD:FB:5D:89:93:52:29:BF:86:5E:65:9D:8F:DE:62:94:6B:B2:78:A1:B9:09:2A:57"}}},"request":{"raw":"GET /.well-known/pki-validation/-/rf.htm HTTP/1.1\r\nHost: test.chohantextile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Fri, 29 May 2026 06:56:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 276\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":571,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"91101ef074e9b2844cbf2bce73de9721","sha1":"40b9015db0202025948651783c97b64778d295e0","sha256":"738abb188fffb68e79a58427dc0bf2cc72524767b5d3349a59d84e967bf1838a","sha512":"e6c6a3351badb2d74492f78c32ab5cf0ff508d35834b9cdcef256161d5db27fcf5958ffc373849a2845c8be2da9e986642fe115e56e449dd3b8ef321fe0d5659","ssdeep":"","tlshash":"1df0c0da18435d14257162708ea7b18cc317a4932b0655003dcde3072f72b5bce43acd","first_seen":"2026-05-30T04:11:31.269749Z","last_seen":"2026-06-01T17:00:39.360504Z","times_seen":3,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":78,"dns":1,"connect":20,"send":0,"wait":22,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"test.chohantextile.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/css/rbsso.css","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","date":"2026-06-01T12:26:55.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xioamigpscar.cheetahcar.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:51:59 GMT","end":"Fri, 07 Aug 2026 07:51:58 GMT"},"fingerprint":{"sha1":"FC:8B:F6:71:C8:9C:D6:9A:37:AD:CC:50:52:70:94:EE:77:EF:1D:22","sha256":"E2:6E:81:FB:3F:32:57:D8:BA:BF:A1:4A:DE:17:82:B4:E6:1F:04:B1:DA:0E:EB:18:D3:38:49:AD:96:0C:C0:D0"}}},"request":{"raw":"GET /.well-known/jufjjf/css/rbsso.css HTTP/1.1\r\nHost: xioamigpscar.cheetahcar.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 08 Jun 2026 12:26:55 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 18 May 2026 19:20:18 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3628\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"60bb4cc44251f42946a7a3eb8a28cd3f","sha1":"77440fb9c7223acb9631b78e64c1f397a3e94c00","sha256":"8b68e7af169263394a63b671e9a067dcb3fb4bd3ab4c0eb9dc5185a03ea247b1","sha512":"e75923f703275970e5d2426d5c8d894ed3bfc33b12dd949821b3bce26521e9821a2510083aa64eee2834a6f0b5081c3fdefd77293665940e55159aed71267188","ssdeep":"192:2U2SIIsjXTQwkR59XXIYlMjb96gqRMCLqtqnj2SC22n2I2l12L2V2v2uMa2ug2fB:QktoqaV/xapVQXzRAmFtStimRA","tlshash":"c6b2f016ea060607523a4b6c97b217a4ff5a60b7da43cebd39ec21184ff00655a25fcf","first_seen":"2025-06-29T10:22:20.621821Z","last_seen":"2026-06-04T07:33:03.413835Z","times_seen":9,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/images/letter.jpg","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","date":"2026-06-01T12:26:55.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xioamigpscar.cheetahcar.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:51:59 GMT","end":"Fri, 07 Aug 2026 07:51:58 GMT"},"fingerprint":{"sha1":"FC:8B:F6:71:C8:9C:D6:9A:37:AD:CC:50:52:70:94:EE:77:EF:1D:22","sha256":"E2:6E:81:FB:3F:32:57:D8:BA:BF:A1:4A:DE:17:82:B4:E6:1F:04:B1:DA:0E:EB:18:D3:38:49:AD:96:0C:C0:D0"}}},"request":{"raw":"GET /.well-known/jufjjf/images/letter.jpg HTTP/1.1\r\nHost: xioamigpscar.cheetahcar.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 08 Jun 2026 12:26:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 18 May 2026 19:20:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1350\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1350,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 40x32, components 3","md5":"9c7b739e4b2167f1f0b552a4cad2fc1e","sha1":"9ed7c9eeec6cf51894cb736f6054635b6b7a7980","sha256":"b1f6129a9cfdf5d953553d6a0f2ece97abab9b2c8fd7240faef98c4aeaa85979","sha512":"14584992e366b49c092d5fe03f000b6eebe268108403d255f678cebb975fd2369699245c563054463a10aef49fcf6e89d382673c61c45a57136cea13e60d167b","ssdeep":"","tlshash":"0921d50dfb076e20dee3966f4980d2a2e1cc52cd716713831ab3d1a1f9c0dd8454491c","first_seen":"2023-11-03T15:34:48Z","last_seen":"2026-06-04T07:33:03.417433Z","times_seen":14,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"test.chohantextile.com/favicon.ico","fqdn":"test.chohantextile.com","domain":"chohantextile.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://test.chohantextile.com/.well-known/pki-validation/-/rf.htm","date":"2026-06-01T12:26:55.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"test.chohantextile.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 01 Dec 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9D:0E:7B:BB:73:C1:10:FC:F0:7C:2C:F7:A6:62:F7:24:84:C3:82:ED","sha256":"57:65:84:F2:42:6C:4E:86:FD:FB:5D:89:93:52:29:BF:86:5E:65:9D:8F:DE:62:94:6B:B2:78:A1:B9:09:2A:57"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: test.chohantextile.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://test.chohantextile.com/.well-known/pki-validation/-/rf.htm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T20:09:47.269697Z","times_seen":16189918,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"test.chohantextile.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"test.chohantextile.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-01T12:26:55.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xioamigpscar.cheetahcar.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:51:59 GMT","end":"Fri, 07 Aug 2026 07:51:58 GMT"},"fingerprint":{"sha1":"FC:8B:F6:71:C8:9C:D6:9A:37:AD:CC:50:52:70:94:EE:77:EF:1D:22","sha256":"E2:6E:81:FB:3F:32:57:D8:BA:BF:A1:4A:DE:17:82:B4:E6:1F:04:B1:DA:0E:EB:18:D3:38:49:AD:96:0C:C0:D0"}}},"request":{"raw":"GET /.well-known/jufjjf/ HTTP/1.1\r\nHost: xioamigpscar.cheetahcar.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://test.chohantextile.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 1774\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":5963,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"acfcfed3d097105f9b7d049e4d453c08","sha1":"528033bad45a042adbb2875a61bd42afbb0a9f92","sha256":"b1e11e39de88d35aa71a531c5e862fe655f1da748711831058df70c0236ca82c","sha512":"b647d53a56e1481a0f5175c95d42faa5fa9c567106bfc4998d96d1626baa396f548aeed08f242036f8f78903f706fab9fb89dbecf0db6a22b1e7683be8be951d","ssdeep":"96:nS0qwbe2aSx3Xxxh3ZhSMN5J+Ip44qwzKsoUqlO5GYxAu:nS0qwatuxzrBzqJwZ5bxAu","tlshash":"67c1be3015f4042742d7c695ba652e1baf91e6178a1b4a04b6fc0fda1fe3e83cd6325e","first_seen":"2026-05-08T08:58:17.234027Z","last_seen":"2026-06-04T07:33:03.416399Z","times_seen":6,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":284,"dns":33,"connect":120,"send":0,"wait":142,"receive":0,"ssl":129},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xioamigpscar.cheetahcar.shop/.well-known/jufjjf/css/bootstrap.min.css","fqdn":"xioamigpscar.cheetahcar.shop","domain":"cheetahcar.shop","tld":"shop"},"ip":{"addr":"5.144.130.187","port":443,"asn":59441,"as":"NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/","date":"2026-06-01T12:26:55.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.xioamigpscar.cheetahcar.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:51:59 GMT","end":"Fri, 07 Aug 2026 07:51:58 GMT"},"fingerprint":{"sha1":"FC:8B:F6:71:C8:9C:D6:9A:37:AD:CC:50:52:70:94:EE:77:EF:1D:22","sha256":"E2:6E:81:FB:3F:32:57:D8:BA:BF:A1:4A:DE:17:82:B4:E6:1F:04:B1:DA:0E:EB:18:D3:38:49:AD:96:0C:C0:D0"}}},"request":{"raw":"GET /.well-known/jufjjf/css/bootstrap.min.css HTTP/1.1\r\nHost: xioamigpscar.cheetahcar.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xioamigpscar.cheetahcar.shop/.well-known/jufjjf/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Mon, 08 Jun 2026 12:26:55 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 18 May 2026 19:20:18 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 16575\r\ndate: Mon, 01 Jun 2026 12:26:55 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":111622,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (64996), with CRLF line terminators","md5":"aa53b07798cad16cf12d50ac2653897d","sha1":"ae0cfa0e98360d49f011785f76280b4756a8ab76","sha256":"53ca2d953a5d8c48b468ee55d9b64223ed1b37ee221a9dfe308e10c55ad3db90","sha512":"42776b23bec19143bb0ab95f779167ff67dc0a1d417cb7e69efe867ae395dcc0586554861e0e1e59a4accb1fbede58cb8f7ffd38d85a16d16400f2f24e551399","ssdeep":"768:0JvfAUVt7UY5I6iHNEs6l7mZqNULbZbn5MN/00+zTg0wd0nnK604DQYaT:gnjI6iHNEs6Sqed53Xpnno4k","tlshash":"71b3a560b61031aa7063c65d70e0ed872719a053e52b4fb7f66b3ae48b495ce1733f1a","first_seen":"2023-11-03T15:34:47Z","last_seen":"2026-06-04T07:33:03.410861Z","times_seen":14,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"xioamigpscar.cheetahcar.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"xioamigpscar.cheetahcar.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}