{"report_id":"bc3d140b-891c-4315-b714-526f93660bd1","version":6,"status":"done","tags":[],"date":"2026-04-12T12:44:45Z","url":{"schema":"http","addr":"a.gobookroom.com","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":0,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"final":{"url":{"schema":"https","addr":"a.gobookroom.com/#/home","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"title":"Airbnb","dom":{"size":24296,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (23669)","md5":"ddf2793ad0de38fe616aeb7983d27982","sha1":"6df524beedbe6ab3e04bc06a46ea71d8070f4c4c","sha256":"0e9b122699edccac999a51496676968e5fc821d6e356610b9407a65e5aaf071e","sha512":"c65fb1eeb3fd3a0b671c3c7525ebb4779225f709b5359c982e2d40a589e15b7c80e3c98fc7fd13d98ffa13740eff9bfa710aad5b39b253f9d6e50c17e42fc874","ssdeep":"384:m9sUJZNYyIBypyfXT3R+sBhyt2yfy/eUv8XmyCXtlovwv6:IsUJZmyIBypyfXT3R+sBhyYyfy/eUv8p","tlshash":"b3b20321a5151477027bc8e8f620af8eb9dbeb8ac25e84011ebc53805ff7e74785d6b1","dom_hash":"domhash56ddc7456a6ac1012419c49d368c99a0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"a.gobookroom.com","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":0,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-17T12:44:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":24,"urlquery":0,"analyzer":6}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:22Z","timestamp":1775997862,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44326,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:22.755582+0000\",\"flow_id\":1339310719023948,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44326,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.113484+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:22Z","timestamp":1775997862,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44302,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:22.763095+0000\",\"flow_id\":283551923092140,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44302,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.113324+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:22Z","timestamp":1775997862,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44340,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:22.773975+0000\",\"flow_id\":2174381210385300,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44340,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.113556+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:22Z","timestamp":1775997862,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44342,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:22.777597+0000\",\"flow_id\":1883173837781985,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44342,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.113633+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:22Z","timestamp":1775997862,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44294,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:22.782345+0000\",\"flow_id\":429374652725750,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44294,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.113142+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:22Z","timestamp":1775997862,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44312,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:22.788250+0000\",\"flow_id\":1530801835916034,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44312,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.113410+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44366,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.002583+0000\",\"flow_id\":1998622558687485,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44366,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.364797+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44358,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.015079+0000\",\"flow_id\":2228703956734061,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44358,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.364653+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44354,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.017644+0000\",\"flow_id\":2129670600822824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44354,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.364584+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44380,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.021302+0000\",\"flow_id\":1981532883816766,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44380,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":4662,\"start\":\"2026-04-12T12:44:22.364862+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44362,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.025222+0000\",\"flow_id\":857402503499971,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44362,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-04-12T12:44:22.364739+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":44350,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.039467+0000\",\"flow_id\":2166568664862617,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":44350,\"dest_ip\":\"47.79.48.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"xjpdata1.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.364441+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58668,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.211906+0000\",\"flow_id\":294731722952336,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58668,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.560784+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58636,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.215737+0000\",\"flow_id\":2066203869089085,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58636,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":905,\"bytes_toclient\":4662,\"start\":\"2026-04-12T12:44:22.560445+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58630,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.221034+0000\",\"flow_id\":2123472963013763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58630,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-04-12T12:44:22.560259+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58654,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.226321+0000\",\"flow_id\":1399259872529947,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58654,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.560667+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58642,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.230832+0000\",\"flow_id\":1367885136432556,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58642,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.560556+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58682,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.234140+0000\",\"flow_id\":651059389697792,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58682,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.560896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58706,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.461721+0000\",\"flow_id\":740218615783996,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58706,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.811580+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58736,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.468393+0000\",\"flow_id\":281413029356392,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58736,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.811880+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58722,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.468524+0000\",\"flow_id\":2052855110722330,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58722,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.811802+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58694,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.479980+0000\",\"flow_id\":613611569832330,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58694,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.811402+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58714,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.480502+0000\",\"flow_id\":179025303986831,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58714,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.811663+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-12T12:44:23Z","timestamp":1775997863,"ip_dst":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":58740,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-12T12:44:23.486779+0000\",\"flow_id\":933384769921961,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58740,\"dest_ip\":\"47.79.48.250\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echoali.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-12T12:44:22.811945+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"a.gobookroom.com","ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"domain_registered":"2025-10-26","domain_rank":0,"first_seen":"2026-01-14T14:00:41.705401Z","last_seen":"2026-01-14T14:00:41.705401Z","alert_count":54,"request_count":9,"received_data":691192,"sent_data":4022,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-11-02T12:34:44.617798Z","last_seen":"2026-04-06T13:09:24.738101Z","alert_count":0,"request_count":15,"received_data":5020761,"sent_data":7150,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"hotelapi.1688so.com","ip":{"addr":"47.77.180.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-12T02:14:13.339538Z","last_seen":"2026-04-12T02:14:40.608753Z","alert_count":0,"request_count":4,"received_data":13422,"sent_data":2196,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]},{"fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-11-02T12:34:44.616471Z","last_seen":"2026-04-06T13:12:47.614624Z","alert_count":0,"request_count":6,"received_data":22982,"sent_data":2827,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"a.gobookroom.com/registerSW.js","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"402b66900e731ca748771b6fc5e7a068","sha1":"4885b2351b933169986c36026a3750148595d78b","sha256":"e12c8db54e3cc247034427f2b661b305a78fea7e7cdec1eac179fecec3da0fc7","sha512":"0cdad95e40381cf3332f8e5bc1be8eee9e5564106fcd345c777584c155b29bb7b2f0426acc0a28d7d12e20d56d0e804c3b21eb69585ddf6f57ce4a29c3fd740a","ssdeep":"","tlshash":"69c02b5dca4dcc3e0830b1314d0bbb07231f434980c0004007f2030090c3814d0aa483","size":136,"data":"","first_seen":"2023-07-12T15:38:17Z","last_seen":"2026-04-12T15:11:01.751836Z","times_seen":160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/assets/index-DcsbyhMn.js","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":false,"md5":"91e085786a1caa892286f6d6518eab71","sha1":"07de6fa85ea24296ace4372aab5640626009abc7","sha256":"9d0d54e2461333607f1a5464fc17a697f579dd20eebae2fb83ec93417e4f66ae","sha512":"f9330138f6bea5dc292536fdb5381f33bc8d922d5d55f0279731b87535e6b238f70128162c738cd41f9f0ec2fe44aec5b71dd161fe22d1aefbaeeba39eaf9530","ssdeep":"12288:F2EKQn48HuDRVVhZ3g+q0kHDe11N28EPf9dMe2z/BeD:FbKQ48kpvq0k+nEPf52zJeD","tlshash":"34945b997186b43743f71ad650bb0502b3791a44740dc8e4f1bc9dab3ab694842bbfbc","size":413293,"data":"","first_seen":"2026-04-11T14:05:23.772309Z","last_seen":"2026-04-12T13:08:58.796119Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"a.gobookroom.com/favicon.ico","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:21.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:21 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Wed, 18 Mar 2026 07:04:16 GMT\r\netag: \"69ba4e70-10be\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"33517106fc325ce3c5507bbf8830ec0f","sha1":"334e86dd53ee26f65165a283358733f753b14d59","sha256":"9ba669d9ce07a2d4689edadaf5178a3296442567f4006e8e0e7de94b845c4a81","sha512":"fb94c7d46bda7f42f5d4786b6150aa0ba25bf7f2fd49f19353ad871e001ce72afcf309de99c8011f7a261fcb2764d3057278dc6e38fe4aef686f3d104a7d9a9f","ssdeep":"48:aQhWcl76JKXTqVTWWx1iWMMfIfc2j8LMm+x3Ij:aQ576IXGVHvP2pQ+x3+","tlshash":"0f91765239264f01cb1dcf36cdeac73b319d3e5e9f84153e7814b6018f25a8aac1a709","first_seen":"2023-04-18T21:08:20Z","last_seen":"2026-04-12T13:08:58.78218Z","times_seen":495,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/37.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/37.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 486145\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A7AA029835356CCA78\r\nAccept-Ranges: bytes\r\nETag: \"D507AA276CD59778EB683A5DB459BC3A\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:45 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17247940849221048675\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 1QeqJ2zVl3jraDpdtFm8Og==\r\nx-oss-server-time: 11\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":486145,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGB, non-interlaced","md5":"d507aa276cd59778eb683a5db459bc3a","sha1":"d1a92ebe5d106d7514ad8eb30b147fedff470fe4","sha256":"cd0d72d7a445d0ab11550c4abb49715a9ea3a5da7c917c21f25f458d178e780e","sha512":"b9f86b933299105b61fe56614675ef2d0a8734acb085f86c04a93e37f0358ec214b9d72a83e5934fac050f27c4d710dd82bb318073384646c00d8330b0456c06","ssdeep":"12288:LgfH847k6RzZkpBPL0M4AyddzFHuCuhs8mtWUXpt:+9k6RWpd4Ayf2SWU5t","tlshash":"3fa423963fc3dce47d3fb156b59aad2b3296389e48db284490598a04b3dfed0cd209d1","first_seen":"2025-12-14T14:15:46.617074Z","last_seen":"2026-04-12T12:44:50.902199Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2545,"timings":{"blocked":-1,"dns":22,"connect":335,"send":0,"wait":346,"receive":1168,"ssl":675},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/93.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/93.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 580299\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A86B4B1335360C1B69\r\nAccept-Ranges: bytes\r\nETag: \"B424168EC56F2CCA0A3E71AAAEBD6C69\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:39 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4748700528057404800\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: tCQWjsVvLMoKPnGqrr1saQ==\r\nx-oss-server-time: 16\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":580299,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 449, 8-bit/color RGB, non-interlaced","md5":"b424168ec56f2cca0a3e71aaaebd6c69","sha1":"b4d9d55d344407ba381e07e7b67f78b6442440bb","sha256":"7580418539035c002d5c29f071166b01abe809f175a10ebbd16b67531bcebf1c","sha512":"1f932e98750592ca1a39d76b4d32fd0381f7274e706624bccfac8c5f6636aba145035d56b70300222d2373fa8b44786b1cda5a70feb8723f0bfa433ab9044c76","ssdeep":"12288:O52D8Jl/4Ltf+lkYNMH6gH8RWOmDDOJOzx0FB6hUkkTDmcE:Ku2lQ+lpNk6g0HmDDOJKxC6+kUe","tlshash":"79c42387e8d58ae2b43acf969cc4343f8f0e5130d13a55c5ad63c4251adde9b612d22f","first_seen":"2025-12-14T01:58:55.667946Z","last_seen":"2026-04-12T13:08:58.784406Z","times_seen":9,"resource_available":false,"data":null}},"time_used":2898,"timings":{"blocked":1679,"dns":0,"connect":0,"send":0,"wait":355,"receive":864,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/89.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/89.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 600568\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A8AA029838399CCD78\r\nAccept-Ranges: bytes\r\nETag: \"E860F8FDFC60CC901C6DA6AEA07B2102\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:40 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9341440063851319837\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 6GD4/fxgzJAcbaauoHshAg==\r\nx-oss-server-time: 21\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":600568,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced","md5":"e860f8fdfc60cc901c6da6aea07b2102","sha1":"8161449ae254e9e286d741ff137efc4b1d7b4136","sha256":"b7990e14f0296ac32560e96c3e12687f2eb3b8b85461c26fecba64e623529cd9","sha512":"c9dc03c0a6c9f6452413604a4e9911221ac240fefb753d9486bca71f2fa50ec386063f934920595ae7f8f052064d459aaf2e03a3a954e1ab4df00feca510abf4","ssdeep":"12288:SJ01EllRRAYZDh7NafRc0V7BMLCU03APmU221jMZmC:SSkR5Dh7IfRnV72CU03+5BMYC","tlshash":"ded4239aa1d71c5c623406febdf60bc488230ffb2f9ad7492e7542a1a7a50010c59fb7","first_seen":"2025-12-14T01:56:37.296586Z","last_seen":"2026-04-12T12:44:50.909149Z","times_seen":11,"resource_available":false,"data":null}},"time_used":3193,"timings":{"blocked":2125,"dns":0,"connect":0,"send":0,"wait":367,"receive":701,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/assets/index-4OpOKF6X.css","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:20.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET /assets/index-4OpOKF6X.css HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 18 Mar 2026 07:04:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ba4e72-3f308\"\r\nexpires: Mon, 13 Apr 2026 00:44:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":258824,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65200), with no line terminators","md5":"ffe7e2e052f27f8e96d9521aae7f24d2","sha1":"fd0c42d334e4cabe12ec208a31eda51d6f2402bb","sha256":"5cbd6663a342946a5ffb46bdc9ebcf22d3bf01187d085bda3fa3bccbdfb24509","sha512":"0aa2a10605c0328059df8053e7350243200f045e992e039b0524cb734a4ad624beb6e0567b65ee7ec98385175348acb62637e8a44cc81f1f87945cdf790f51f3","ssdeep":"1536:+CwsBlDOFIxuVoxoZpbjIyNBi3MFYaQj7FCwsBlDOFIxuVoxvPxkLwG1Al5aBzvW:+ClDsIxuVSoZpbNNIClDsIxuVS2Y4H2","tlshash":"46440759e69090bcbf27f175ab8b56dcf13cf960ed02caa4f10261590ec7bf5062361a","first_seen":"2025-12-14T01:45:04.048697Z","last_seen":"2026-04-12T13:08:58.816445Z","times_seen":64,"resource_available":false,"data":null}},"time_used":841,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":841,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hotelapi.1688so.com/api/common/getSetting","fqdn":"hotelapi.1688so.com","domain":"1688so.com","tld":"com"},"ip":{"addr":"47.77.180.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:21.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hotelapi.1688so.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 08:25:24 GMT","end":"Mon, 15 Jun 2026 08:25:23 GMT"},"fingerprint":{"sha1":"E5:54:47:B4:5F:43:D0:3B:7C:06:85:3D:DC:BB:EB:88:2E:81:FC:2B","sha256":"54:06:DA:B3:08:23:B7:B0:F2:B9:DE:43:EB:51:DD:9E:00:9F:12:36:87:2F:AC:56:47:9B:9E:3F:9C:7D:3B:24"}}},"request":{"raw":"OPTIONS /api/common/getSetting HTTP/1.1\r\nHost: hotelapi.1688so.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang\r\nReferer: https://a.gobookroom.com/\r\nOrigin: https://a.gobookroom.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 12:44:21 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://a.gobookroom.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: content-type, lang\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T18:55:58.746745Z","times_seen":13673560,"resource_available":true,"data":null}},"time_used":913,"timings":{"blocked":373,"dns":42,"connect":162,"send":0,"wait":163,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hotelapi.1688so.com/api/common/getSetting","fqdn":"hotelapi.1688so.com","domain":"1688so.com","tld":"com"},"ip":{"addr":"47.77.180.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:21.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hotelapi.1688so.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 08:25:24 GMT","end":"Mon, 15 Jun 2026 08:25:23 GMT"},"fingerprint":{"sha1":"E5:54:47:B4:5F:43:D0:3B:7C:06:85:3D:DC:BB:EB:88:2E:81:FC:2B","sha256":"54:06:DA:B3:08:23:B7:B0:F2:B9:DE:43:EB:51:DD:9E:00:9F:12:36:87:2F:AC:56:47:9B:9E:3F:9C:7D:3B:24"}}},"request":{"raw":"POST /api/common/getSetting HTTP/1.1\r\nHost: hotelapi.1688so.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nLang: en\r\nContent-Length: 13\r\nOrigin: https://a.gobookroom.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":13,"data":"{\"Lang\":\"en\"}"}},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 12:44:21 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://a.gobookroom.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4235,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"98d294b8e7b4ff5179c8ad08e100a299","sha1":"4c79a8d2eeeb3e81ee1162594edc8e46a28cc3ff","sha256":"2adf580e22fe23dc187b96563c36f836c51c50b4204dbb88207ab135ad373e21","sha512":"e457c26bb65503affdf8db6982ad4bf0c5670a20b71232bfa845ba5ba384ec0eba755426b8bb7d72b78f1d32e4af9269e751ee2a7b175bdc719017d3cbe34fb0","ssdeep":"96:GGEbsqTIppqssRpq4f9q55CPtRGTuRb/GRgWRdWRSERSGRfoRmnqx6kIPU4wWRGH:GVwe4pRWp5lqAdDAPG3pCmqxzIsAwpn","tlshash":"5f9141063bad8c7a07a719d20919ba55b74d37f7d89ce849e4c5fd4c80e9fb8680f004","first_seen":"2026-01-31T20:19:10.785247Z","last_seen":"2026-04-12T13:08:58.803673Z","times_seen":14,"resource_available":false,"data":null}},"time_used":713,"timings":{"blocked":-1,"dns":44,"connect":165,"send":0,"wait":169,"receive":0,"ssl":170},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/home.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/home.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 3082\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A7385D5B34347CFB62\r\nAccept-Ranges: bytes\r\nETag: \"E1EB99A24F304844964116EC9CB154FE\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4637394685576909661\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4euZok8wSESWQRbsnLFU/g==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3082,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"e1eb99a24f304844964116ec9cb154fe","sha1":"9aa75ca02ee519b33c7c0e2d8ca7911cd5729c63","sha256":"1233a1d7579c693125626297bf4ec6c2dc9349bf653f73f651e297c99b7965b8","sha512":"4b732c27d8f9b62a644a064361d539fb33550660f68aa7b8f9d9f37b6a615c3dfab9d41ed0f5a561d85a7bec83d3b458eace48ebd793e3574b3f025bd1d7134e","ssdeep":"","tlshash":"25515de4235c74fc5365c7f71572dae40b3a671213a6ca27137b192bea583332ba5a30","first_seen":"2025-12-14T01:45:04.068654Z","last_seen":"2026-04-12T13:08:58.798398Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2389,"timings":{"blocked":1028,"dns":33,"connect":331,"send":0,"wait":333,"receive":0,"ssl":662},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/customer.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/customer.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 4291\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A7D72D20343179F02A\r\nAccept-Ranges: bytes\r\nETag: \"E289B43F0B88D55B69CFF35A1507BC44\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11706460479237413874\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4om0PwuI1Vtpz/NaFQe8RA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4291,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"e289b43f0b88d55b69cff35a1507bc44","sha1":"3fd484284ffc2c0795dcce5f7dc13cb13f55c18d","sha256":"d369d0059f79653892ea78153e544d697d01a655a2ca26892d499382a41990b8","sha512":"2695752519d25f039442ab5da4e60e4f35385ceedcdb95ec2d30172a026dee285dda0d0e12ec177bfc7a9d8b9f92e4e983b3ff851161e6efa05d29e81571dce5","ssdeep":"96:VnSAN0G+9c06GKWSQSNsWeWqzMPtM9OvoB4z:VnSAN0G+9cxGyrKatUOvp","tlshash":"18917ff9b697627b15d9a623c0884d28b6310be2c644cf40f094c9bc731b9e0eecac57","first_seen":"2025-12-14T01:45:04.032093Z","last_seen":"2026-04-12T13:08:58.806475Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2329,"timings":{"blocked":1001,"dns":27,"connect":323,"send":0,"wait":326,"receive":0,"ssl":649},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/registerSW.js","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:20.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET /registerSW.js HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:20 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 136\r\nlast-modified: Wed, 18 Mar 2026 07:04:18 GMT\r\netag: \"69ba4e72-88\"\r\nexpires: Mon, 13 Apr 2026 00:44:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"402b66900e731ca748771b6fc5e7a068","sha1":"4885b2351b933169986c36026a3750148595d78b","sha256":"e12c8db54e3cc247034427f2b661b305a78fea7e7cdec1eac179fecec3da0fc7","sha512":"0cdad95e40381cf3332f8e5bc1be8eee9e5564106fcd345c777584c155b29bb7b2f0426acc0a28d7d12e20d56d0e804c3b21eb69585ddf6f57ce4a29c3fd740a","ssdeep":"","tlshash":"69c02b5dca4dcc3e0830b1314d0bbb07231f434980c0004007f2030090c3814d0aa483","first_seen":"2023-07-12T15:38:17Z","last_seen":"2026-04-12T15:11:01.751836Z","times_seen":160,"resource_available":true,"data":null}},"time_used":841,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":840,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/my.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/my.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 3723\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A7AA02983732DBC878\r\nAccept-Ranges: bytes\r\nETag: \"641DEA216B82F4245567563CD4A7894E\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17593974541650285707\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZB3qIWuC9CRVZ1Y81KeJTg==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3723,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"641dea216b82f4245567563cd4a7894e","sha1":"026529cbffea031034aa30b5557a761a1435fbe1","sha256":"4085d0dd4ef72cf23cb764323250587bfe5847d4e0bee0541fe94377064431c2","sha512":"4d0b1f07c4a9342c998f22516cc5a9c69f189c75b94ffd016459dfe452e12ccd6797ee07798f8257c4114aedd2666be08931255fe0e63fe4cc7426366591ef42","ssdeep":"","tlshash":"807182fa74926ab3a2d8107bc2491d6473a256eac350cf40e55269bc3b1b4f1fcc8d67","first_seen":"2025-12-14T01:45:04.056614Z","last_seen":"2026-04-12T13:08:58.831447Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2364,"timings":{"blocked":1015,"dns":26,"connect":328,"send":0,"wait":332,"receive":0,"ssl":659},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/images/home/house.avif","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET /images/home/house.avif HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:22 GMT\r\ncontent-type: image/avif\r\ncontent-length: 3035\r\nlast-modified: Wed, 18 Mar 2026 07:04:16 GMT\r\netag: \"69ba4e70-bdb\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3035,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"e3268508fae4ba979f054ccf9058124b","sha1":"57e593c7fc4c4ac0dd2c537416c53442e9c858d4","sha256":"486793b37452fb4f697b77bc24f12648bf1eae97fb3e59615564221efcebc3ec","sha512":"c666aae7142007147014d89bd86bdfc342bbe434d0b3dbc8cd27c052668f9492a23b0ec4840105e8973f16190c3cf14447cea3bdf832c921d4cf23a61e8cbd00","ssdeep":"","tlshash":"f9511c3cd2bdcf8bc05f023345cb5411197ce32d966396256e02739e86b8372c6b5d48","first_seen":"2025-06-22T04:09:28.167002Z","last_seen":"2026-04-12T13:08:58.792582Z","times_seen":144,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hotelapi.1688so.com/api/hotel/list","fqdn":"hotelapi.1688so.com","domain":"1688so.com","tld":"com"},"ip":{"addr":"47.77.180.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hotelapi.1688so.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 08:25:24 GMT","end":"Mon, 15 Jun 2026 08:25:23 GMT"},"fingerprint":{"sha1":"E5:54:47:B4:5F:43:D0:3B:7C:06:85:3D:DC:BB:EB:88:2E:81:FC:2B","sha256":"54:06:DA:B3:08:23:B7:B0:F2:B9:DE:43:EB:51:DD:9E:00:9F:12:36:87:2F:AC:56:47:9B:9E:3F:9C:7D:3B:24"}}},"request":{"raw":"OPTIONS /api/hotel/list HTTP/1.1\r\nHost: hotelapi.1688so.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang\r\nReferer: https://a.gobookroom.com/\r\nOrigin: https://a.gobookroom.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 12:44:22 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://a.gobookroom.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: content-type, lang\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T18:55:58.746745Z","times_seen":13673560,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hotelapi.1688so.com/api/hotel/list","fqdn":"hotelapi.1688so.com","domain":"1688so.com","tld":"com"},"ip":{"addr":"47.77.180.151","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hotelapi.1688so.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 08:25:24 GMT","end":"Mon, 15 Jun 2026 08:25:23 GMT"},"fingerprint":{"sha1":"E5:54:47:B4:5F:43:D0:3B:7C:06:85:3D:DC:BB:EB:88:2E:81:FC:2B","sha256":"54:06:DA:B3:08:23:B7:B0:F2:B9:DE:43:EB:51:DD:9E:00:9F:12:36:87:2F:AC:56:47:9B:9E:3F:9C:7D:3B:24"}}},"request":{"raw":"POST /api/hotel/list HTTP/1.1\r\nHost: hotelapi.1688so.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nLang: en\r\nContent-Length: 13\r\nOrigin: https://a.gobookroom.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":13,"data":"{\"Lang\":\"en\"}"}},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 12:44:22 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://a.gobookroom.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7281,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"2c33efa35048c4ab4846c4848ed2ae83","sha1":"1e6296420aa0c5bc9fe216920403762c199273a0","sha256":"0364d0d1cf99d33f84022636f1e4099de2feab4ba312065acd693974b8baaac5","sha512":"68089d966c8402e156fc4adac6355e5b5f22ac93337c56354cd9f5cbc4410d02fc39df5186a7b816d13f08a4b7a60ac27e073fcba64e73f1d82cf375df30479b","ssdeep":"96:7C14wUCA1HpAt3fDsz9osoX/2ADktBQIqj5f+B3FEl0qxN8xg2xEJHctpHAGBqXp:V/AhDtI/i+34RaxjEJ8t5L4XiyN","tlshash":"b2e1ed9b9ba81c3993051ee21d8f6748fbc8261bf5e4dfc99ca5ce0482c47de412ec59","first_seen":"2026-04-12T12:44:50.917586Z","last_seen":"2026-04-12T12:44:50.917586Z","times_seen":1,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/home1.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/home1.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 1191\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A77049483132EE56A8\r\nAccept-Ranges: bytes\r\nETag: \"D80D8D4699306EB835E92CD085DFA366\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5206745154651921785\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 2A2NRpkwbrg16SzQhd+jZg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1191,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 4-bit colormap, non-interlaced","md5":"d80d8d4699306eb835e92cd085dfa366","sha1":"22c9ce53c055b77414b50825d7589eb734446518","sha256":"4e145d96ec7f46267a39b6d1b6e69b68e07533b1ccf8d1c9296dfbadf8c02176","sha512":"c2fca5096e73511a59e7f790ec49734de68ccf29f4e492df1341e795a8bbfa24571aadd773c0299cfd9b049e8a1ecbc8d0c812335f77f228172920455728684e","ssdeep":"","tlshash":"ad21dddaa58b39c70fe55855a57a0cc7244baf5200626003d3f81f7d09665a707d0276","first_seen":"2025-12-14T01:45:04.044468Z","last_seen":"2026-04-12T13:08:58.80517Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2319,"timings":{"blocked":998,"dns":34,"connect":319,"send":0,"wait":323,"receive":0,"ssl":642},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/663.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/663.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 57949\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A9385D5B38333A0263\r\nAccept-Ranges: bytes\r\nETag: \"077C2F1897CC060969451BDF7B17475C\"\r\nLast-Modified: Thu, 06 Nov 2025 19:55:51 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18168358694154907091\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: B3wvGJfMBglpRRvfexdHXA==\r\nx-oss-server-time: 18\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":57949,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1000x662, components 3","md5":"077c2f1897cc060969451bdf7b17475c","sha1":"1b3ec135f6a7f066bc7086ad3a287f3069733d6b","sha256":"e61912c6cde479bd422846e1f019fd95d96ce99266163f1e5b517000d9073d06","sha512":"ad52e1f5640304804bf8e848db26c980bd488b451e8712e38ad23f292ccf6dbc4e603b8c2e70dc07a496094a69adbe07f34b5270cd9ad107eeb5c55b62eb0b41","ssdeep":"1536:I0T3HHJk2jTGtgb1q7nZ9fZSZ1orL/MWn6t:1XHJqeq7Zf81osWn6t","tlshash":"5b43f1130762a24d4e0ecfedba49acc236605bdc188001ba573d7874f7e567b8d68bd6","first_seen":"2026-04-12T12:44:50.920551Z","last_seen":"2026-04-12T12:44:50.920551Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2987,"timings":{"blocked":2590,"dns":0,"connect":0,"send":0,"wait":358,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/31.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/31.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 664863\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A96B4B133536BE1E69\r\nAccept-Ranges: bytes\r\nETag: \"3D9238140AB07C198A5574C6F522E636\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:46 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 302196864555797168\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: PZI4FAqwfBmKVXTG9SLmNg==\r\nx-oss-server-time: 43\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":664863,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGB, non-interlaced","md5":"3d9238140ab07c198a5574c6f522e636","sha1":"64c272a363b8237ad71b09333d479fe5b50473d0","sha256":"43d76726ad71c991259b19a9e31b09d0afe5ec14d2a6cebae94b10727cf39882","sha512":"8285a92f5d2b5daa13bdae629687ffb03a4cd4b785cb39fbf1dceea8e10bec00f0bbe935a0f7cfc0ec7338181380720dc44ca560c69f4c1fb6a5d789ea8e0fa2","ssdeep":"12288:e/t+VGFdzcYe5C9+IGRCx2Txc5jFE05BtRB3c9Sw9CPM9r1H8+w/A+MOVyblOY:ecVGFdzcYsCsIGK8a5Ft7tRBM9Sw91hZ","tlshash":"12e423bd96796e1b6bf1c69946de04a3e2f40c39e23071e13630de18198803767cdb6a","first_seen":"2025-12-17T18:43:07.808776Z","last_seen":"2026-04-12T12:44:50.922829Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3564,"timings":{"blocked":2880,"dns":0,"connect":0,"send":0,"wait":389,"receive":295,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/assets/135-CP4bxG8M.png","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET /assets/135-CP4bxG8M.png HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 18 Mar 2026 07:04:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ba4e72-115c\"\r\nexpires: Tue, 12 May 2026 12:44:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4444,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f6778c8472bbea9ec8806e34687b1ad8","sha1":"74cc3e958ae8da3acb1b42efbf85b3d20ba245a1","sha256":"76738987afbbbc063195879e79fac899b6074cf2d958b95410651b14585b52e5","sha512":"6c89f70dda3d59fc179782a47cfbdf39c32af1ff267ed061678354edd26dd69dccc508de91f7f2de1ded8f8f1cc98bbe7a419f5158cd1d10d736ba1096d61409","ssdeep":"96:xyB9tnsWny61I6v6NiOzdG13LACOvynqHaMhXsFQ:xyBsWy61I+yGVLivymaQ","tlshash":"02918dc6ac631e38f54b56b95d670021cdaac2ac9ccc053e23e31abb7f5860cb0894c3","first_seen":"2025-12-14T01:45:04.116655Z","last_seen":"2026-04-12T13:08:58.783291Z","times_seen":64,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/my1.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/my1.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 3438\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A75767583533246197\r\nAccept-Ranges: bytes\r\nETag: \"76278A1DAFF8D479F23A01BF67658A69\"\r\nLast-Modified: Sun, 09 Nov 2025 14:23:12 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6422691796259067573\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: dieKHa/41HnyOgG/Z2WKaQ==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3438,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"76278a1daff8d479f23a01bf67658a69","sha1":"46e94002063aef14b6e3be5233bf36c476e8a563","sha256":"ed2f4bbf55f3696a569332c57f0ff46ba5f7b590ed2e83d2ae130ea48918c52f","sha512":"cab8007b2290b10058f13c80c01457e52e88f4ed9b49fcd5a8f5f92427ca93ea8d6bca54e354c5e60bd178014f06f3e59a2b0dbe6e0a783ba2f9641480a36ee1","ssdeep":"","tlshash":"4b61e9476e3189e79d08d3948cf680147d53db08b6a6bd0754d65098c4e652f0fef9f8","first_seen":"2025-12-14T01:45:04.052063Z","last_seen":"2026-04-12T13:08:58.807765Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2414,"timings":{"blocked":1037,"dns":26,"connect":336,"send":0,"wait":339,"receive":0,"ssl":673},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/690.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/690.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 82569\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A8AA0298383940CC78\r\nAccept-Ranges: bytes\r\nETag: \"F9A7AC638F3784AE6AF65DB2675F684D\"\r\nLast-Modified: Thu, 06 Nov 2025 19:55:49 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3989676797265119197\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: +aesY483hK5q9l2yZ19oTQ==\r\nx-oss-server-time: 12\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":82569,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 899x667, components 3","md5":"f9a7ac638f3784ae6af65db2675f684d","sha1":"dbdf26986712279ea8f9d9ba3c3164295b41cf3b","sha256":"c4c2d4dad6584617b9533c26f31e6b02f9f66c1ab231ddf31368dcfeca104d2b","sha512":"c1baedd7bb5050aa28cc9a53dba97a8647b5a5beea8978f78c2e503dd90e027fdfb25ec49f5762ea3fbbc07c313643c8c4190c3b19c0bece0a358bcb81d349a2","ssdeep":"1536:uicBjX3yVp/P2iWzL93Fs64caoKC3dkMcKlED11uKEWYRq1gAtEd8VeQvv:0BjX3yVp2iWt3Fs64cKC37EB1PzgAttJ","tlshash":"8d8312ffe1a383098f5efa856adba73d40fac2e56d5511200ad26da191e4c3b4f03c58","first_seen":"2025-12-15T02:19:03.992503Z","last_seen":"2026-04-12T12:44:50.925261Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2128,"timings":{"blocked":1704,"dns":0,"connect":0,"send":0,"wait":359,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/assets/index-DcsbyhMn.js","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:20.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET /assets/index-DcsbyhMn.js HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 18 Mar 2026 07:04:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ba4e72-64e6d\"\r\nexpires: Mon, 13 Apr 2026 00:44:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":413293,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (43647)","md5":"91e085786a1caa892286f6d6518eab71","sha1":"07de6fa85ea24296ace4372aab5640626009abc7","sha256":"9d0d54e2461333607f1a5464fc17a697f579dd20eebae2fb83ec93417e4f66ae","sha512":"f9330138f6bea5dc292536fdb5381f33bc8d922d5d55f0279731b87535e6b238f70128162c738cd41f9f0ec2fe44aec5b71dd161fe22d1aefbaeeba39eaf9530","ssdeep":"12288:F2EKQn48HuDRVVhZ3g+q0kHDe11N28EPf9dMe2z/BeD:FbKQ48kpvq0k+nEPf52zJeD","tlshash":"34945b997186b43743f71ad650bb0502b3791a44740dc8e4f1bc9dab3ab694842bbfbc","first_seen":"2026-04-11T14:05:23.772309Z","last_seen":"2026-04-12T13:08:58.796119Z","times_seen":4,"resource_available":true,"data":null}},"time_used":424,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":424,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/images/home/balloon.avif","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET /images/home/balloon.avif HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:22 GMT\r\ncontent-type: image/avif\r\ncontent-length: 2019\r\nlast-modified: Wed, 18 Mar 2026 07:04:16 GMT\r\netag: \"69ba4e70-7e3\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2019,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"86fbfa83bca571e8fe5e629f32680197","sha1":"4d41101cc375109edad0eb1efb91aecd899d3d8b","sha256":"4eb2ab91c9e81b3ea65355bc338246428a0146c4dff563d6ae3edb52cfa4cdc3","sha512":"831ef3647724d888ef43a0852283fd1337d16cafbacdea984be24b1e2bf7eed3d845677340f339b9555a8e2557c94d171e7c84ddce847464c148392cd17e40fa","ssdeep":"","tlshash":"cd413d5d23107c2fe00c07fccc5e12616fa097599293d923d051f4742b3ebb3d816a14","first_seen":"2025-06-22T04:09:28.250688Z","last_seen":"2026-04-12T13:08:58.829922Z","times_seen":129,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/18.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/18.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 379168\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A75767583339376397\r\nAccept-Ranges: bytes\r\nETag: \"C9A4A5F0D128643F754C7AFBF0B81540\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:47 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13218860687330764556\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: yaSl8NEoZD91THr78LgVQA==\r\nx-oss-server-time: 26\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":379168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGB, non-interlaced","md5":"c9a4a5f0d128643f754c7afbf0b81540","sha1":"933bee69aa94ac76f0f1c8a54de523855fc03c1d","sha256":"dfeece2d243f8eb149036944e8a3310a490a476d1ad46e525ff41e1bcc213e6c","sha512":"d61600f8cb3af623b59e0072dd186959a76607968ff418292c80d0ba46da70d9f707ab3b005375a0d51a893c333d61f55af6c343dbd53c04f870b7805d39de0a","ssdeep":"6144:Z7798H5kV5V0qK2YmvUMI5JJ+OE+9e6igzQIBA9boVe2WXDm17Xtn6qHCXzY8MQv:N798ZZ2HdIfJvZiAtBA9b1ilEvXjMQv","tlshash":"4f84237cd1da41244741f9d80d28bb111f7fff69aed5422181ea8fbb5903a8f23085da","first_seen":"2025-12-14T01:58:55.661875Z","last_seen":"2026-04-12T12:44:50.928898Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2376,"timings":{"blocked":-1,"dns":23,"connect":324,"send":0,"wait":356,"receive":1020,"ssl":653},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/6.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/6.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 682255\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A95767583431D46797\r\nAccept-Ranges: bytes\r\nETag: \"55452264D52088A9E133C25041D56629\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:43 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1270088563261013547\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: VUUiZNUgiKnhM8JQQdVmKQ==\r\nx-oss-server-time: 29\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":682255,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 450, 8-bit/color RGB, non-interlaced","md5":"55452264d52088a9e133c25041d56629","sha1":"ab5b624c2db3cca2e16bd211b4fcc40bf0038e63","sha256":"80124d63b25b3d6a6bd8faa815c20c6d101ac6b6117a3dcde522d903fcc576ba","sha512":"6cadc2fc0342dab0b17f94d2a6112c6b7bdeb65dd474f1d83c182dae5496f07a7770c676cb21f21190a17bfac76ae0e3a916f0bf044ff40373217506ca43d5fb","ssdeep":"12288:JNW/JHDQEkUnivuGISgtZb1gGpJYjZ1VxOVg8HvcXNN2yl51f5gyslasEKD1K:ChgUndZmGOT20dN2WHREUsEKQ","tlshash":"82e423d309fea73777e119b1be0e5f2a22a9263445af013d14720d6b74836b10d6b78c","first_seen":"2025-12-16T12:08:23.397244Z","last_seen":"2026-04-12T12:44:50.930545Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3274,"timings":{"blocked":2388,"dns":0,"connect":0,"send":0,"wait":368,"receive":518,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/47.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/47.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 76729\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A9AA02983535B4CE78\r\nAccept-Ranges: bytes\r\nETag: \"29B4C4EBC34B465A42F02FABEA758690\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15082676748465430752\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: KbTE68NLRlpC8C+r6nWGkA==\r\nx-oss-server-time: 13\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":76729,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 520x768, components 3","md5":"29b4c4ebc34b465a42f02fabea758690","sha1":"2f0b9fc73d486d8be9e13383ea12983968b96c29","sha256":"e462684d951955635c1748e4955a2f6e90f441c557e96aadb9e5e37380b8cc5e","sha512":"59db0d2f52013b0371db21c1607c27882756feb8f5875fb67f1f376cef17bda9f6de4fd8326057918b063543c59cafc3af0c9c4744fc87f9332bc07b6f1b9601","ssdeep":"1536:yqLYMNzgXXPFEqnLZq3YAZm1qNTE8CHQ7Rb7qtm4nY2TiF:DEX/ZqoALNTEJMetm46","tlshash":"fc73023353f79c53ee4e820f2d650a95b62698f33e820273da4ce19942855f7f9d2498","first_seen":"2025-12-14T02:48:36.472014Z","last_seen":"2026-04-12T12:44:50.932153Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2920,"timings":{"blocked":2526,"dns":0,"connect":0,"send":0,"wait":356,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-12T12:44:19.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:19 GMT\r\ncontent-type: text/html\r\ncontent-length: 597\r\nlast-modified: Wed, 18 Mar 2026 07:04:18 GMT\r\netag: \"69ba4e72-255\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":597,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"159d4075caad2b712dfa22099a5976bd","sha1":"e88924d4493d0739d3bb28b2aed12cb846f26623","sha256":"c0e6a08950f71e9b27f370d433c89b5dc05453bbf67690e4b2787dd9afba0e9b","sha512":"acfbf61d3e1393caa04ce3799a3a93cca1f2e1309b3f865082047ea8b577c1adff1a46d8e727a8fdda6f924a17db702437cedc1467f9ad4ff8e1aa9bc5476ddc","ssdeep":"","tlshash":"18f0ac86cca4c88a424043085cd1f0095e8b974a9b4a8c54befb20b98ec5b85cdeb478","first_seen":"2026-04-11T14:05:23.811858Z","last_seen":"2026-04-12T13:08:58.7906Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1116,"timings":{"blocked":453,"dns":23,"connect":208,"send":0,"wait":209,"receive":1,"ssl":218},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.gobookroom.com/images/home/consierge.avif","fqdn":"a.gobookroom.com","domain":"gobookroom.com","tld":"com"},"ip":{"addr":"102.223.72.62","port":443,"asn":328543,"as":"sun-asn","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.gobookroom.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 27 Mar 2026 11:00:00 GMT","end":"Thu, 25 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"14:4D:87:A6:EC:8D:4F:E0:88:D6:A0:66:C1:56:1D:2D:5C:09:92:E9","sha256":"BF:4A:6C:E8:75:BD:4E:79:41:C8:8A:DC:E1:1A:3B:D0:7B:BA:34:99:1A:04:B7:62:5C:06:40:7A:7D:51:06:D2"}}},"request":{"raw":"GET /images/home/consierge.avif HTTP/1.1\r\nHost: a.gobookroom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 12 Apr 2026 12:44:22 GMT\r\ncontent-type: image/avif\r\ncontent-length: 1788\r\nlast-modified: Wed, 18 Mar 2026 07:04:16 GMT\r\netag: \"69ba4e70-6fc\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1788,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"66cee10d0ed2a21573558b9b57d7d412","sha1":"215e00f2b9de5938ce2cd940859fcedfa2db9fe3","sha256":"863dd256dab3d695b96fc3cc58764bc22b277d7b1574d1b9a5073926517ca0d1","sha512":"7217b694d217619d3528556e4ec25d58be1fddfc708429b17f1c9c8033e6577a38e5dcccf19aa6ae7489c4cc0899286d48920b82281b68faa649851013275cbb","ssdeep":"","tlshash":"2e31d808d2a01e73cc7b43700d556b286b70642453eb7f57fc82b2ccaa95a7a4936e1a","first_seen":"2025-06-22T04:09:27.945048Z","last_seen":"2026-04-12T13:08:58.808953Z","times_seen":130,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"a.gobookroom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"a.gobookroom.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/67.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/67.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 356023\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A75767583431616397\r\nAccept-Ranges: bytes\r\nETag: \"6E961B06DAB41566CBEF9A7EDF6266A7\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:42 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1245198370486861687\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: bpYbBtq0FWbL75p+32Jmpw==\r\nx-oss-server-time: 28\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":356023,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGB, non-interlaced","md5":"6e961b06dab41566cbef9a7edf6266a7","sha1":"4040071ca88f872e001fcbc2a638387f6b5ed352","sha256":"6720e021a720a60536e743e36e6096d755aa6face2ae5fe195fb2ab553aa60cd","sha512":"9113fb3d71b1cfca615e958e157356a0c2f3d479344ce3b0dd5e8d7ef48217b8941ff93699846389d757581aff93ba7cdf5cc0585f03b0b8e9ba985ff07d2971","ssdeep":"6144:0p3kJ69qqBsYgiO2QFQwvhSW3tI2b1r+dvloojnyagR2tPJwX:f6gYgiO5+wvr3tImwd9ooj6R2s","tlshash":"647423831570a0791db92fa15cbac8d1d32c2b3b27dd0e5c2743683d26a25ad1dcbbd9","first_seen":"2025-12-14T15:08:59.070668Z","last_seen":"2026-04-12T12:44:50.935717Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2409,"timings":{"blocked":0,"dns":27,"connect":331,"send":0,"wait":366,"receive":1017,"ssl":667},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/287.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/287.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 85550\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A8385D5B3833220163\r\nAccept-Ranges: bytes\r\nETag: \"3BE72EE026CA777FF024B99F2BC53292\"\r\nLast-Modified: Thu, 06 Nov 2025 19:56:15 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5465163767537866749\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: O+cu4CbKd3/wJLmfK8Uykg==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":85550,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x768, components 3","md5":"3be72ee026ca777ff024b99f2bc53292","sha1":"0dd9a068349ec1ad6732b5e400fdc4fa19f5d9c4","sha256":"87b71d87a1deca26ab4836f9d24014be88692bbe0e29d59d0b9dd82b92723988","sha512":"b87bc5bfe4759461279c76c61be3bca6e25e873c67d1c9e5a7b88e968d4e83325a22eb50c1be8be56131522ee31065a937b4d79a7e7cb6df75c0863676279a99","ssdeep":"1536:k4+/yAGXx9n350Hi6XzzFy+ISPsgU2kqrIH4Dzdu0BkGv6Gzrh3/q9ujY6NpjdIk:I1GXXn3eXY+FLD9IHqJJNxjY6NpjSy5","tlshash":"a3830280666322c4152d3a7f8a63daf9b48e4f5aa0596470fd046e8fb532f36f81dcd4","first_seen":"2025-12-16T12:08:23.416065Z","last_seen":"2026-04-12T12:44:50.937578Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2582,"timings":{"blocked":2170,"dns":0,"connect":0,"send":0,"wait":346,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/48.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/48.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 491773\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A95767583339B86797\r\nAccept-Ranges: bytes\r\nETag: \"E08D0647267EA015CA2372DFCE3D2E35\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14012832673182391272\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4I0GRyZ+oBXKI3Lfzj0uNQ==\r\nx-oss-server-time: 34\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":491773,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 399, 8-bit/color RGB, non-interlaced","md5":"e08d0647267ea015ca2372dfce3d2e35","sha1":"b7220530f9ec4a646ae6e72ff47c1bfbcba9ac8c","sha256":"9b84a59e7a164bf088a37c6080b4d414b230026bd4137cc5aeb708462484ffe4","sha512":"dc2af080814ea073c062c1485875e0911567813c9de4a4fb83b8f9541f1e6cd7a007c47572b693e04357f9b0686d2b9c8711f7444ddcb724b5e14ad74124cea2","ssdeep":"12288:MXmB6nvytBPCHJXhl7efA8wv54iW4BQcXZXML0VMj0:M2oatBPGlyBwv+9kXlK90","tlshash":"4ba4233de4684049149da8ede4550a7dc9aa8fad17b62d036fbd2cf61fa1e921337830","first_seen":"2025-12-14T01:56:37.285057Z","last_seen":"2026-04-12T12:44:50.939163Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3105,"timings":{"blocked":2363,"dns":0,"connect":0,"send":0,"wait":366,"receive":376,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xjpdata1.oss-ap-southeast-1.aliyuncs.com/hotel/icon/customer1.png","fqdn":"xjpdata1.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/icon/customer1.png HTTP/1.1\r\nHost: xjpdata1.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 3966\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A76B4B1335303B1769\r\nAccept-Ranges: bytes\r\nETag: \"003CE952E289E29352A64F584A38BD22\"\r\nLast-Modified: Thu, 16 Oct 2025 08:24:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12253149167868013777\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ADzpUuKJ4pNSpk9YSji9Ig==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3966,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"003ce952e289e29352a64f584a38bd22","sha1":"2d934f92a69f5d3fde0fb024f1529f6e23a050da","sha256":"9f65b8b62d9e21d58e38b6bc86545d4896bdfe4bca5f16e3e9e3c73b5545c5cf","sha512":"5d3c9d8769ff5ed36ac407b3522aaa35e3514a1553adea4900dd82744c9ffbd45ddb63295d2de75ad903c95761dac32ec8bcb2ac923d6eaa9e43df107f72406b","ssdeep":"","tlshash":"b681290b1e715483cf4ac3300cf9b3b4694bc09852997ce75c41e58ad6e216b6a7f8a8","first_seen":"2025-12-14T01:45:04.050612Z","last_seen":"2026-04-12T13:08:58.791609Z","times_seen":64,"resource_available":false,"data":null}},"time_used":2396,"timings":{"blocked":1031,"dns":29,"connect":334,"send":0,"wait":333,"receive":0,"ssl":666},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_category/53.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_category/53.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 295130\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A7385D5B3833AEFC62\r\nAccept-Ranges: bytes\r\nETag: \"F307BD0E3B9BF2D30E55B70773383EF4\"\r\nLast-Modified: Thu, 06 Nov 2025 19:57:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10862269920715550664\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 8we9Djub8tMOVbcHczg+9A==\r\nx-oss-server-time: 23\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":295130,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGB, non-interlaced","md5":"f307bd0e3b9bf2d30e55b70773383ef4","sha1":"09329b103df58520ed70efc3b956deb70f142a01","sha256":"28f8de32968c9c30f26fc9b65bdef6e7cd7cd81a20d92e102c5b5cac159b914f","sha512":"009d3eb1c111d117ec0dc2150790a1271f8d4fb96ba6ac1b484b486194028ec4177cebca76179af4f58c0d06e1f63ce1a5de04c4bfa21393160ab6069751605e","ssdeep":"6144:QW4VDoeOnYIY0A6AcBX2BHMfw7TuZsC+YB2huw2HW9M4gNM75:0Dp8eRcBX2qfwmTUT2HGM5N+5","tlshash":"395423c00f2ac9bd6b5808d045c5bd1d29ab81c5ef4a77568c3812bca3a5bd6ad77f30","first_seen":"2025-12-16T06:49:53.633814Z","last_seen":"2026-04-12T12:44:50.941247Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2194,"timings":{"blocked":0,"dns":34,"connect":329,"send":0,"wait":352,"receive":818,"ssl":661},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/765.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/765.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 83683\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A76B4B1335367A1869\r\nAccept-Ranges: bytes\r\nETag: \"A62A06809D6A3741AFB688401FE31072\"\r\nLast-Modified: Thu, 06 Nov 2025 19:55:45 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17006270841988576748\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pioGgJ1qN0GvtohAH+MQcg==\r\nx-oss-server-time: 13\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":83683,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x768, components 3","md5":"a62a06809d6a3741afb688401fe31072","sha1":"1acdf7d23fcf9674a956ed5e0e573abe18b387f7","sha256":"00070d3c17b55dd4b66fdd55286d5102720ad80d7b170b305ead6a3d09d14bd3","sha512":"a89dca18097deb551a4c154079a10de7e6a433cf21b45e1713c50695f53b9c0dfe97a86751914498ec5709437bc97fbf6ee91ab158c356e06da393a89987345d","ssdeep":"1536:ktucHmd2B+tWy8CPnLUTguhwkHUzLf9zO2xuA9XFf8xAU:yHmdy+tpQ3wklc79ixAU","tlshash":"3a83025795ea11121f5c03bf6dab12fc06f47e2895c44f95c8d0bf156874fb0895b02b","first_seen":"2026-01-17T02:51:54.213473Z","last_seen":"2026-04-12T12:44:50.941983Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1691,"timings":{"blocked":0,"dns":31,"connect":327,"send":0,"wait":345,"receive":333,"ssl":655},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echoali.oss-ap-southeast-1.aliyuncs.com/hotel/hotel_photos/1006.png","fqdn":"echoali.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.250","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://a.gobookroom.com/","date":"2026-04-12T12:44:22.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /hotel/hotel_photos/1006.png HTTP/1.1\r\nHost: echoali.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://a.gobookroom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Sun, 12 Apr 2026 12:44:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 89792\r\nConnection: keep-alive\r\nx-oss-request-id: 69DB93A7AA029838395CCA78\r\nAccept-Ranges: bytes\r\nETag: \"4D1775A6703F07063CBD75D1896234EE\"\r\nLast-Modified: Thu, 06 Nov 2025 19:56:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11681809445837979901\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: TRd1pnA/BwY8vXXRiWI07g==\r\nx-oss-server-time: 15\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":89792,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 898x675, components 3","md5":"4d1775a6703f07063cbd75d1896234ee","sha1":"329d234c55050f2b9ecc88958cf6b5c3de1ea2c6","sha256":"ba269005809f4eca5773e9cf6cad3941a27160cd7e4d0c49d757bcf49aa0ae37","sha512":"65dd33743c6f727cb655c0b047cdf140f6e523d787a753f0673a5cbf6f3a955f32230d9cd29ef788d492e2a0bfe3807c4a1aab6ab647fe58f5622753f4f36252","ssdeep":"1536:rl0mVvzKPeuU7lTpJPwxQ4VwliKQxOKNcr5hoOORw44Z/uGYUzP+Amzw1u+MDeWz:6mdKmNBHwxQ4VwcOKAfAw44VuGlzhobz","tlshash":"cb93022e904516ed9655f8bc39e9b8ecb6016e00d8e3fe713257b16ff4b0ce24484e69","first_seen":"2026-04-12T12:44:50.943887Z","last_seen":"2026-04-12T13:08:58.822447Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1717,"timings":{"blocked":0,"dns":28,"connect":333,"send":0,"wait":348,"receive":337,"ssl":671},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}