{"report_id":"f43f1d1d-7fc0-4ed1-b666-a8552c8f6d59","version":6,"status":"done","tags":[],"date":"2026-05-24T00:23:07Z","url":{"schema":"http","addr":"hans-oe.com.cn","fqdn":"hans-oe.com.cn","domain":"hans-oe.com.cn","tld":"com.cn"},"ip":{"addr":"207.56.16.143","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hans-oe.com.cn/","fqdn":"hans-oe.com.cn","domain":"hans-oe.com.cn","tld":"com.cn"},"title":"欧易(OKX) - 全球领先的数字资产交易平台 | 安全 专业 高效","dom":{"size":25112,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (534)","md5":"1b3818527b06bd53271c4a1099ddc5dc","sha1":"5911aa73935fe2614d1324fae5302a6a83581578","sha256":"a5df283d78de96c4536a54bc665ecad945688c1bf84d69c3a01bca4c31af7ef2","sha512":"ffacc46346aa328bba4c129dcf48f226b37dfb09ac672304e1cf31fc53cc5027bb76110396c50a1cea0c5ccef7d48f4e9b355d645ec789c9da3a67c1cfffd5d6","ssdeep":"192:/ORzwPHlIkyw3yhcAH4KMkVAwwO8adSF5PCXEA6/RkkSqAmJr2MMIItcqtcVqZYK:IfYHZ2kie3U/","tlshash":"63b2952aa1f31852395390a86bbb97097665c403c80ace187fbd565ccfcad98cd9374d","dom_hash":"domhashbf9acb64f07581ba2b6433b1a6218f23","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hans-oe.com.cn","fqdn":"hans-oe.com.cn","domain":"hans-oe.com.cn","tld":"com.cn"},"ip":{"addr":"207.56.16.143","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-28T00:23:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"hans-oe.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"hans-oe.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hans-oe.com.cn","ip":{"addr":"207.56.16.143","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"domain_registered":"2026-05-16","domain_rank":0,"first_seen":"2026-05-24T00:22:53.047186Z","last_seen":"2026-05-24T00:22:53.047186Z","alert_count":2,"request_count":1,"received_data":25777,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.okx.com","ip":{"addr":"172.64.144.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2001-07-03","domain_rank":29351,"first_seen":"2019-04-12T18:26:11Z","last_seen":"2026-05-22T15:06:20.389381Z","alert_count":0,"request_count":1,"received_data":1128,"sent_data":452,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hans-oe.com.cn/","fqdn":"hans-oe.com.cn","domain":"hans-oe.com.cn","tld":"com.cn"},"ip":{"addr":"207.56.16.143","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1932c5ddd4cfdd0ae93874d495fdbb24","sha1":"3d105f938664cbba4330725e452031d481073802","sha256":"501ca8369a1a18d3922c03f35591cf55d40cae5c80305f27fa7e61b7a746e384","sha512":"64c0772741219243821e4406284ff52fdbb81546363065ff5af86ad6b700c046dac93cb3467e42101e875a9d3fe7d8cb44ccf0ad98a3aac6b691a527531f1b16","ssdeep":"","tlshash":"c561347f30a6a06109a730b99b4fe349752200873421dd087e3f8f615f75ba15c626db","size":3336,"data":"","first_seen":"2026-05-24T00:22:57.86641Z","last_seen":"2026-05-24T05:46:22.970106Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"hans-oe.com.cn/","fqdn":"hans-oe.com.cn","domain":"hans-oe.com.cn","tld":"com.cn"},"ip":{"addr":"207.56.16.143","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-24T00:22:45.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hans-oe.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 00:10:45 GMT","end":"Fri, 14 Aug 2026 00:10:44 GMT"},"fingerprint":{"sha1":"7A:91:C0:27:0B:82:5E:00:E0:2E:08:EE:9B:FD:E5:3F:CF:3A:63:C5","sha256":"1A:E2:47:01:59:6C:55:6C:81:A5:68:68:81:AB:0F:3B:D9:9A:C1:CB:63:B8:AD:87:B3:3E:69:4F:5E:7D:F0:53"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hans-oe.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 24 May 2026 00:22:51 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 21 May 2026 02:57:23 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0e7493-62f4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25332,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (534)","md5":"10647a2508be99bcba3f1a6bc554a043","sha1":"3004ff07adbd8a86d814175f0bd66a15d184b0fc","sha256":"e92fa6bd7414a688db890214ebc8a280bdb4c6188eb1628e3d87977b4190b911","sha512":"58420c6244caca975deb67e2a061cbaa16f01db39000508c0663713c30ecd1fb481337ed75a853076fd75f43f3312e61c95c7171d9ad9e032754752b4edb1c0e","ssdeep":"192:LfRzwPHlIkyw3yhcAH4KMkVAwwO8adSF5PCXEA6/RkkSqAmJy4MMIIhcqRcVqZY4:PfYH0qoie3UN","tlshash":"b7b2942a61f318523953a0a86bbb97097665c403c80ace187fbd565ccfcad98cda374d","first_seen":"2026-05-24T00:22:57.85985Z","last_seen":"2026-05-24T05:46:22.969306Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1331,"timings":{"blocked":534,"dns":1,"connect":263,"send":0,"wait":263,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"hans-oe.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-24","alert":"Sinkholed","trigger":"hans-oe.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.okx.com/cdn/web3/logo/okx-logo-white.svg","fqdn":"www.okx.com","domain":"okx.com","tld":"com"},"ip":{"addr":"172.64.144.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hans-oe.com.cn/","date":"2026-05-24T00:22:46.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.okx.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 15 Apr 2026 04:44:15 GMT","end":"Tue, 14 Jul 2026 05:44:12 GMT"},"fingerprint":{"sha1":"D8:A7:DD:11:F5:F6:40:E8:B4:4D:35:99:99:43:E8:49:7A:6F:2C:CF","sha256":"05:96:8D:DA:12:0F:CB:A3:F7:84:A9:CF:FB:67:F0:AF:6E:0E:BA:CF:BB:57:F8:75:F3:89:BA:62:84:11:7D:11"}}},"request":{"raw":"GET /cdn/web3/logo/okx-logo-white.svg HTTP/1.1\r\nHost: www.okx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hans-oe.com.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 24 May 2026 00:22:47 GMT\r\ncontent-type: application/xml\r\nserver: cloudflare\r\nset-cookie: __cf_bm=XkP4M0PsW1EVGoV.TVxFispg2fE163zAObxNYfm4Wzc-1779582166.5906832-1.0.1.1-lcl2U7zzbe83KiRUVT8RncnYy_Ir9iV_Nirx01bAuHATO5gz2kbtw8_4nmJ6XLoBb9eIubkLEWPaoMVHPkLGwnnjncQXzgH7k7cXRdaRLTmXbfiQ_6jnuSJbrfzfF76x; HttpOnly; SameSite=None; Secure; Path=/; Domain=okx.com; Expires=Sun, 24 May 2026 00:52:47 GMT\r\nx-oss-request-id: 6A1244D73F9B873737F968AD\r\nx-oss-cdn-auth: success\r\nx-oss-server-time: 1\r\nx-oss-ec: 0026-00000001\r\nvia: ens-cache9.l2de4[748,747,404-1280,M], ens-cache8.l2de4[749,0], ens-cache2.nl3[756,756,404-1280,M], ens-cache2.nl3[758,0]\r\nali-swift-global-savetime: 1779582167\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-error: orig response 4XX error\r\nx-swift-savetime: Sun, 24 May 2026 00:22:47 GMT\r\nx-swift-cachetime: 1\r\ncache-control: public, max-age=31536000\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\neagleid: 2ff6309617795821666316667e\r\nexpires: Mon, 24 May 2027 00:22:47 GMT\r\ncf-cache-status: MISS\r\ncontent-encoding: gzip\r\ncf-ray: a00825dd2d1e120a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":911,"timings":{"blocked":45,"dns":1,"connect":1,"send":0,"wait":818,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}