{"report_id":"f62c68ba-d974-4a78-887e-cb3516263676","version":6,"status":"done","tags":[],"date":"2026-06-03T11:41:15Z","url":{"schema":"http","addr":"chamatrailsinn.com","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":0,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"chamatrailsinn.com/","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"title":"币圈APP下载 - 全球领先数字货币交易平台官方客户端","dom":{"size":9279,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"087a87af3245f1a4b882f868ad280f33","sha1":"e41993c3aaca9cbea9ebda3e81d1291b76d2d467","sha256":"cf336da4681fd5499fa29810eb7f1c7b32c19de014177161dd61ac0b9c6ba299","sha512":"7f4441f499a4f492dda322c042ebc98d3432a46dd49c4df11a3edad2bc1dd950b907094c1cdfed93736c5b2f48e5aad972471695ef4020c8e595246bc10622d6","ssdeep":"192:TE/h6PbpZxp+pLpBgpkV2X+pmZp0T3nJpBSwDyoLHdH/oEP:THZjuVBYkV2+mrk3nvBSwDXhH/oEP","tlshash":"4f12709a61f0697b01a384dbb764675e2ee6d223c53a4e00b7fd0f898fc1d969d4301a","dom_hash":"domhashaa75c03c706d7d0369d08d7339095a6f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"chamatrailsinn.com","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":0,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-08T11:41:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"tongji.114ok.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"chamatrailsinn.com","ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"domain_registered":"2026-03-10","domain_rank":0,"first_seen":"2026-05-04T11:39:18.913921Z","last_seen":"2026-05-04T11:39:18.913921Z","alert_count":0,"request_count":7,"received_data":233199,"sent_data":3448,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"tongji.114ok.com","ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"domain_registered":"2025-05-16","domain_rank":0,"first_seen":"2026-03-06T14:49:33.29275Z","last_seen":"2026-06-03T10:26:05.974474Z","alert_count":6,"request_count":6,"received_data":14452,"sent_data":2908,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"chamatrailsinn.com/u.js","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"768b8a8c54aad96339214ef70c473e5d","sha1":"f950b3234b0b4213370e79d6a7dedf6fe53a6e5d","sha256":"7f135da8a407fcc572377637db78061344cc647982035dc2791a34d01c1def43","sha512":"99182a8a19f1645a97a162bc8c77f723ab1f2cd75b8605f8be35428ac6080c914c9dad1b2200bb3df09ee03fa44ad67979a872c77054a8e3a720df793dbacdd2","ssdeep":"","tlshash":"83f05c2f5c698635933b0864127ed14cb271605db06fc906d8cee89d68a8f754caae8b","size":464,"data":"","first_seen":"2026-05-04T11:39:23.612646Z","last_seen":"2026-06-03T11:41:16.191811Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chamatrailsinn.com/a.js","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc25aa644fdbe3c755428e6efb88aa62","sha1":"1c7818c196b3c1b7cbc816c0b5912f05db28c208","sha256":"913972477094d8417baa7c81dd521ce7caedb465c64adf47df16143aa1bddfeb","sha512":"8bef127519c1be4906595052f7aeed0f5027db0d6180cf9dc929a2e0ed0cfea13f1de1b6ecba920d204a3c882028545e008d9805b889aae8dedcc7c3237dcb25","ssdeep":"","tlshash":"2df0d42f6c754239e3370864013dd04c7271104d706fc54298cef45c78a4f754c66e8a","size":464,"data":"","first_seen":"2026-04-28T07:05:40.111333Z","last_seen":"2026-06-11T11:35:02.066625Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tongji.114ok.com/script.js","fqdn":"tongji.114ok.com","domain":"114ok.com","tld":"com"},"ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8bf183f4d18c63a74b24343e833af8d3","sha1":"7b56269adf40dab7f7517cb76abc46696cae2804","sha256":"be444c289ac019af8486b50fe2bbf2fdb2890812fb945dc78940b6781a68ac52","sha512":"75e4aa93cd80bb49a69c6f2cce208416d07160b3dd96a85b8d1936346a4a29b73b0eb04196b096b49e7e9e0c6751bef9849736a50d0978f78b827906ccd8e598","ssdeep":"96:5hxd6VIOvoGnRBh/sMqjBK54dZZPnAx8QfqNGMxxs8Tb9mfGuK:5h6VcCkjBOkbAx5ikMxxPfVH","tlshash":"209149e6e44170f13bfd64c6a2781220b23a1bb0b50290a4fabd5c974f2d687257df2c","size":4595,"data":"","first_seen":"2026-04-17T16:50:29.722561Z","last_seen":"2026-06-24T14:18:12.772085Z","times_seen":610,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tongji.114ok.com/script.js","fqdn":"tongji.114ok.com","domain":"114ok.com","tld":"com"},"ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8bf183f4d18c63a74b24343e833af8d3","sha1":"7b56269adf40dab7f7517cb76abc46696cae2804","sha256":"be444c289ac019af8486b50fe2bbf2fdb2890812fb945dc78940b6781a68ac52","sha512":"75e4aa93cd80bb49a69c6f2cce208416d07160b3dd96a85b8d1936346a4a29b73b0eb04196b096b49e7e9e0c6751bef9849736a50d0978f78b827906ccd8e598","ssdeep":"96:5hxd6VIOvoGnRBh/sMqjBK54dZZPnAx8QfqNGMxxs8Tb9mfGuK:5h6VcCkjBOkbAx5ikMxxPfVH","tlshash":"209149e6e44170f13bfd64c6a2781220b23a1bb0b50290a4fabd5c974f2d687257df2c","size":4595,"data":"","first_seen":"2026-04-17T16:50:29.722561Z","last_seen":"2026-06-24T14:18:12.772085Z","times_seen":610,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"chamatrailsinn.com/static/css/appweb.css","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:53.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chamatrailsinn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:15:57 GMT","end":"Fri, 07 Aug 2026 07:15:56 GMT"},"fingerprint":{"sha1":"13:0C:15:99:D6:C7:9B:E1:7D:24:26:CF:C9:6D:63:95:07:9D:A7:58","sha256":"2F:F3:66:4F:C4:E1:9C:22:6D:F5:87:18:B8:31:58:8E:11:E7:19:B7:F5:79:7E:C8:4C:D0:4B:69:E2:E5:B5:6F"}}},"request":{"raw":"GET /static/css/appweb.css HTTP/1.1\r\nHost: chamatrailsinn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chamatrailsinn.com/\r\nCookie: server_name_session=31e0a359c558dc1de3d5ea4908e0c4f8\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 24 Nov 2025 09:10:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"692420fd-555d\"\r\nexpires: Wed, 03 Jun 2026 23:40:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21853,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"0882b8af9954436b1b5b79af2540586a","sha1":"6956ae224f0ef49d402de7a101eca55a295e4c5f","sha256":"6f3a8cb345e8bbdb73a4e35c2344633623a295d03a5c44f2cb4e8dbb451983e4","sha512":"53eaf8581cd6d85eda7dfafa3fd40a0eb8182ce787a9cc70d3cb323f9ceef0711f30538fbe84ff858a0fabaa6fca2e76bf6e9dd65037305ca289cf96046be3dd","ssdeep":"192:Ub/RGNrtCnHYtoxnrh4hVlgyX7K9EFzqHxqzDzC8oRmcDzytJ+rGfj0t7w+YruQm:CEhrgyX7KNYOVY9pOPwNLJtK72K","tlshash":"7ca2538c961111539a33db7c6fb28705e6e48013ce0253ad7bee62094ff61f856a2f9c","first_seen":"2025-10-01T21:43:14.447112Z","last_seen":"2026-06-16T05:13:31.087668Z","times_seen":136,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chamatrailsinn.com/tj.js","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:53.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chamatrailsinn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:15:57 GMT","end":"Fri, 07 Aug 2026 07:15:56 GMT"},"fingerprint":{"sha1":"13:0C:15:99:D6:C7:9B:E1:7D:24:26:CF:C9:6D:63:95:07:9D:A7:58","sha256":"2F:F3:66:4F:C4:E1:9C:22:6D:F5:87:18:B8:31:58:8E:11:E7:19:B7:F5:79:7E:C8:4C:D0:4B:69:E2:E5:B5:6F"}}},"request":{"raw":"GET /tj.js HTTP/1.1\r\nHost: chamatrailsinn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chamatrailsinn.com/\r\nCookie: server_name_session=31e0a359c558dc1de3d5ea4908e0c4f8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 0\r\nlast-modified: Thu, 07 May 2026 09:17:16 GMT\r\netag: \"69fc589c-0\"\r\nexpires: Wed, 03 Jun 2026 23:40:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-24T18:14:31.963288Z","times_seen":16687664,"resource_available":true,"data":null}},"time_used":451,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":451,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chamatrailsinn.com/a.js","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:53.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chamatrailsinn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:15:57 GMT","end":"Fri, 07 Aug 2026 07:15:56 GMT"},"fingerprint":{"sha1":"13:0C:15:99:D6:C7:9B:E1:7D:24:26:CF:C9:6D:63:95:07:9D:A7:58","sha256":"2F:F3:66:4F:C4:E1:9C:22:6D:F5:87:18:B8:31:58:8E:11:E7:19:B7:F5:79:7E:C8:4C:D0:4B:69:E2:E5:B5:6F"}}},"request":{"raw":"GET /a.js HTTP/1.1\r\nHost: chamatrailsinn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chamatrailsinn.com/\r\nCookie: server_name_session=31e0a359c558dc1de3d5ea4908e0c4f8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 464\r\nlast-modified: Mon, 27 Apr 2026 12:37:27 GMT\r\netag: \"69ef5887-1d0\"\r\nexpires: Wed, 03 Jun 2026 23:40:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":464,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"dc25aa644fdbe3c755428e6efb88aa62","sha1":"1c7818c196b3c1b7cbc816c0b5912f05db28c208","sha256":"913972477094d8417baa7c81dd521ce7caedb465c64adf47df16143aa1bddfeb","sha512":"8bef127519c1be4906595052f7aeed0f5027db0d6180cf9dc929a2e0ed0cfea13f1de1b6ecba920d204a3c882028545e008d9805b889aae8dedcc7c3237dcb25","ssdeep":"","tlshash":"2df0d42f6c754239e3370864013dd04c7271104d706fc54298cef45c78a4f754c66e8a","first_seen":"2026-04-28T07:05:40.111333Z","last_seen":"2026-06-11T11:35:02.066625Z","times_seen":11,"resource_available":true,"data":null}},"time_used":451,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":451,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tongji.114ok.com/script.js","fqdn":"tongji.114ok.com","domain":"114ok.com","tld":"com"},"ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:54.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tongji.114ok.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Apr 2026 05:49:35 GMT","end":"Sun, 26 Jul 2026 05:49:34 GMT"},"fingerprint":{"sha1":"BF:60:A1:BF:2D:44:98:09:51:20:37:C4:1A:D6:82:A5:E3:0B:3D:C0","sha256":"22:4E:26:F6:CB:25:58:00:8D:47:30:E8:2E:58:7F:DC:44:4A:D3:6F:3A:47:66:E7:BA:F5:CD:E8:33:D3:DE:A7"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: tongji.114ok.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chamatrailsinn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-dns-prefetch-control: on\r\ncontent-security-policy: default-src 'self'; img-src 'self' https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https:; frame-ancestors 'self' ;\r\naccess-control-allow-origin: *\r\ncache-control: max-age=60\r\nlast-modified: Thu, 16 Apr 2026 23:44:12 GMT\r\netag: W/\"11f3-19d98ae48e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nset-cookie: server_name_session=12efd712f23d1ff9e51eb78b7dab4178; Max-Age=86400; httponly; path=/\r\nexpires: Wed, 03 Jun 2026 11:41:55 GMT\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4595,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4594)","md5":"8bf183f4d18c63a74b24343e833af8d3","sha1":"7b56269adf40dab7f7517cb76abc46696cae2804","sha256":"be444c289ac019af8486b50fe2bbf2fdb2890812fb945dc78940b6781a68ac52","sha512":"75e4aa93cd80bb49a69c6f2cce208416d07160b3dd96a85b8d1936346a4a29b73b0eb04196b096b49e7e9e0c6751bef9849736a50d0978f78b827906ccd8e598","ssdeep":"96:5hxd6VIOvoGnRBh/sMqjBK54dZZPnAx8QfqNGMxxs8Tb9mfGuK:5h6VcCkjBOkbAx5ikMxxPfVH","tlshash":"209149e6e44170f13bfd64c6a2781220b23a1bb0b50290a4fabd5c974f2d687257df2c","first_seen":"2026-04-17T16:50:29.722561Z","last_seen":"2026-06-24T14:18:12.772085Z","times_seen":610,"resource_available":true,"data":null}},"time_used":1608,"timings":{"blocked":687,"dns":0,"connect":308,"send":0,"wait":297,"receive":0,"ssl":313},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"tongji.114ok.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chamatrailsinn.com/favicon.ico","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:54.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chamatrailsinn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:15:57 GMT","end":"Fri, 07 Aug 2026 07:15:56 GMT"},"fingerprint":{"sha1":"13:0C:15:99:D6:C7:9B:E1:7D:24:26:CF:C9:6D:63:95:07:9D:A7:58","sha256":"2F:F3:66:4F:C4:E1:9C:22:6D:F5:87:18:B8:31:58:8E:11:E7:19:B7:F5:79:7E:C8:4C:D0:4B:69:E2:E5:B5:6F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: chamatrailsinn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chamatrailsinn.com/\r\nCookie: server_name_session=31e0a359c558dc1de3d5ea4908e0c4f8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:54 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-24T18:17:02.450548Z","times_seen":530594,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tongji.114ok.com/api/send","fqdn":"tongji.114ok.com","domain":"114ok.com","tld":"com"},"ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:55.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tongji.114ok.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Apr 2026 05:49:35 GMT","end":"Sun, 26 Jul 2026 05:49:34 GMT"},"fingerprint":{"sha1":"BF:60:A1:BF:2D:44:98:09:51:20:37:C4:1A:D6:82:A5:E3:0B:3D:C0","sha256":"22:4E:26:F6:CB:25:58:00:8D:47:30:E8:2E:58:7F:DC:44:4A:D3:6F:3A:47:66:E7:BA:F5:CD:E8:33:D3:DE:A7"}}},"request":{"raw":"OPTIONS /api/send HTTP/1.1\r\nHost: tongji.114ok.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://chamatrailsinn.com/\r\nOrigin: https://chamatrailsinn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:55 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, DELETE, POST, PUT\r\naccess-control-max-age: 86400\r\nx-dns-prefetch-control: on\r\ncontent-security-policy: default-src 'self'; img-src 'self' https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https:; frame-ancestors 'self' ;\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nallow: OPTIONS, POST\r\nset-cookie: server_name_session=12efd712f23d1ff9e51eb78b7dab4178; Max-Age=86400; httponly; path=/\r\ncache-control: no-cache, no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-24T18:14:31.963288Z","times_seen":16687664,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"tongji.114ok.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tongji.114ok.com/api/send","fqdn":"tongji.114ok.com","domain":"114ok.com","tld":"com"},"ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:55.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tongji.114ok.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Apr 2026 05:49:35 GMT","end":"Sun, 26 Jul 2026 05:49:34 GMT"},"fingerprint":{"sha1":"BF:60:A1:BF:2D:44:98:09:51:20:37:C4:1A:D6:82:A5:E3:0B:3D:C0","sha256":"22:4E:26:F6:CB:25:58:00:8D:47:30:E8:2E:58:7F:DC:44:4A:D3:6F:3A:47:66:E7:BA:F5:CD:E8:33:D3:DE:A7"}}},"request":{"raw":"POST /api/send HTTP/1.1\r\nHost: tongji.114ok.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://chamatrailsinn.com/\r\nContent-Type: application/json\r\nContent-Length: 279\r\nOrigin: https://chamatrailsinn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:55 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, DELETE, POST, PUT\r\naccess-control-max-age: 86400\r\nx-dns-prefetch-control: on\r\ncontent-security-policy: default-src 'self'; img-src 'self' https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https:; frame-ancestors 'self' ;\r\nvary: Accept-Encoding, rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nset-cookie: server_name_session=12efd712f23d1ff9e51eb78b7dab4178; Max-Age=86400; httponly; path=/\r\ncache-control: no-cache, no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":419,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9bf2c02b4823e86d0c982b9b8399980","sha1":"9ee17dcd469ab84f63f288c9ce04ebee28692863","sha256":"6ef33855896e5d692995035bdff6a7c29690755232e739b4eb5ce6e8665979f8","sha512":"cba17d8eefe0cf2c2a944e9a2fc7fcaef0adaaeaa960880882044909c9c2f352c8978f73a997c589c2663b0020baa9a99bc4d1d6ef7e853931ec35a05aa0de88","ssdeep":"","tlshash":"97e0f13986c24d9d702d7f442f981665eb5a20a51db812e0d4fb7814aa3afb15506a18","first_seen":"2026-06-03T11:41:16.187417Z","last_seen":"2026-06-03T11:41:16.187417Z","times_seen":1,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"tongji.114ok.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tongji.114ok.com/api/send","fqdn":"tongji.114ok.com","domain":"114ok.com","tld":"com"},"ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:55.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tongji.114ok.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Apr 2026 05:49:35 GMT","end":"Sun, 26 Jul 2026 05:49:34 GMT"},"fingerprint":{"sha1":"BF:60:A1:BF:2D:44:98:09:51:20:37:C4:1A:D6:82:A5:E3:0B:3D:C0","sha256":"22:4E:26:F6:CB:25:58:00:8D:47:30:E8:2E:58:7F:DC:44:4A:D3:6F:3A:47:66:E7:BA:F5:CD:E8:33:D3:DE:A7"}}},"request":{"raw":"POST /api/send HTTP/1.1\r\nHost: tongji.114ok.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://chamatrailsinn.com/\r\nContent-Type: application/json\r\nContent-Length: 279\r\nOrigin: https://chamatrailsinn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:55 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, DELETE, POST, PUT\r\naccess-control-max-age: 86400\r\nx-dns-prefetch-control: on\r\ncontent-security-policy: default-src 'self'; img-src 'self' https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https:; frame-ancestors 'self' ;\r\nvary: Accept-Encoding, rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nset-cookie: server_name_session=12efd712f23d1ff9e51eb78b7dab4178; Max-Age=86400; httponly; path=/\r\ncache-control: no-cache, no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":419,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f401d0709081968a7a0e23e59696b00e","sha1":"b7710fd13e7b55c8678eebfa8578a3ebb5f175c5","sha256":"bab1440153dc70dc6414f27fa0777a43cb81c70d02acdbc2f23677acd415e074","sha512":"7c956ae3085bf9d96d5c1ec48419d18cf5d190278f93fd93e366195123ad9bc14dd4f4e60c54f8506cc4487bc4268bd10e0376bdc7b0bed51c69940e4f4b0e29","ssdeep":"","tlshash":"22e023d004198e6e206625000c9415f05f1e25d346c810f190e722aafc3698b590ac10","first_seen":"2026-06-03T11:41:16.188485Z","last_seen":"2026-06-03T11:41:16.188485Z","times_seen":1,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":361,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"tongji.114ok.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chamatrailsinn.com/","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-03T11:40:53.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chamatrailsinn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:15:57 GMT","end":"Fri, 07 Aug 2026 07:15:56 GMT"},"fingerprint":{"sha1":"13:0C:15:99:D6:C7:9B:E1:7D:24:26:CF:C9:6D:63:95:07:9D:A7:58","sha256":"2F:F3:66:4F:C4:E1:9C:22:6D:F5:87:18:B8:31:58:8E:11:E7:19:B7:F5:79:7E:C8:4C:D0:4B:69:E2:E5:B5:6F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: chamatrailsinn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:53 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 27 Apr 2026 13:44:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ef683c-235a\"\r\nset-cookie: server_name_session=31e0a359c558dc1de3d5ea4908e0c4f8; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9050,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"6cffc773c595fcdfd354e951431158a5","sha1":"641ba18d5716c0bb7cf5e7934d5f7930434d3e0b","sha256":"35b2c981e10c51e9d6d891a5c9b91d030b9da10fb2733f0d6328193238e29be4","sha512":"71b00b0990d7b065a62b15922b652bd360576a3ae3b5202f04430b3717edf3a29ba8acc3e7818c2bb05dbdf202b9a9e4d03bd64c50e668fa3b96fcbeedfe27bc","ssdeep":"192:PE/16PbpZxp+pLpBgpkV2X+pmZp0T3nJpBSwDyoLHdH/+Ew:PnZjuVBYkV2+mrk3nvBSwDXhH/+Ew","tlshash":"f812709a60f0697b01a380db7765675b2eeac623c53a4f00b7fd0f898fc1d96994300a","first_seen":"2026-05-04T11:39:23.614978Z","last_seen":"2026-06-03T11:41:16.189536Z","times_seen":2,"resource_available":true,"data":null}},"time_used":856,"timings":{"blocked":353,"dns":45,"connect":150,"send":0,"wait":150,"receive":0,"ssl":155},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chamatrailsinn.com/static/image/mbxt6.png","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:53.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chamatrailsinn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:15:57 GMT","end":"Fri, 07 Aug 2026 07:15:56 GMT"},"fingerprint":{"sha1":"13:0C:15:99:D6:C7:9B:E1:7D:24:26:CF:C9:6D:63:95:07:9D:A7:58","sha256":"2F:F3:66:4F:C4:E1:9C:22:6D:F5:87:18:B8:31:58:8E:11:E7:19:B7:F5:79:7E:C8:4C:D0:4B:69:E2:E5:B5:6F"}}},"request":{"raw":"GET /static/image/mbxt6.png HTTP/1.1\r\nHost: chamatrailsinn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chamatrailsinn.com/\r\nCookie: server_name_session=31e0a359c558dc1de3d5ea4908e0c4f8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 24 Nov 2025 09:10:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"692420fe-30539\"\r\nexpires: Fri, 03 Jul 2026 11:40:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":197945,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1002 x 563, 8-bit/color RGBA, non-interlaced","md5":"937456a4dff895c3b5310f659e0fa195","sha1":"62b1aabe6e7e73c77921034a8c72fe8224118254","sha256":"e4d07a0c334babcbd0e3755d198d5b83245ea0e747324d3f1e122f4afa8bca92","sha512":"4b25dfddeaced5fe85ad7515d4e68256a7626c006bd25c7fed54892c3a369b4fcde3dfa7f4e9dc238e48a86c4fbb823bde29b0b0909b616d00b6e395096794bd","ssdeep":"6144:6kE+jhjOcKs0mSO0dwySqJg2KaTgcq0i0g:6kE+PK8v0dwySqJgBxcq0iP","tlshash":"10141293494e85e39bb8a459513f1c413e1f29a48aac6c3644bd817fcbb06ceff14d29","first_seen":"2026-03-18T20:07:13.626153Z","last_seen":"2026-06-14T01:40:26.929002Z","times_seen":16,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chamatrailsinn.com/u.js","fqdn":"chamatrailsinn.com","domain":"chamatrailsinn.com","tld":"com"},"ip":{"addr":"172.87.31.70","port":443,"asn":21859,"as":"ZEN-ECN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:53.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chamatrailsinn.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 07:15:57 GMT","end":"Fri, 07 Aug 2026 07:15:56 GMT"},"fingerprint":{"sha1":"13:0C:15:99:D6:C7:9B:E1:7D:24:26:CF:C9:6D:63:95:07:9D:A7:58","sha256":"2F:F3:66:4F:C4:E1:9C:22:6D:F5:87:18:B8:31:58:8E:11:E7:19:B7:F5:79:7E:C8:4C:D0:4B:69:E2:E5:B5:6F"}}},"request":{"raw":"GET /u.js HTTP/1.1\r\nHost: chamatrailsinn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chamatrailsinn.com/\r\nCookie: server_name_session=31e0a359c558dc1de3d5ea4908e0c4f8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 464\r\nlast-modified: Mon, 27 Apr 2026 10:48:56 GMT\r\netag: \"69ef3f18-1d0\"\r\nexpires: Wed, 03 Jun 2026 23:40:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":464,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"768b8a8c54aad96339214ef70c473e5d","sha1":"f950b3234b0b4213370e79d6a7dedf6fe53a6e5d","sha256":"7f135da8a407fcc572377637db78061344cc647982035dc2791a34d01c1def43","sha512":"99182a8a19f1645a97a162bc8c77f723ab1f2cd75b8605f8be35428ac6080c914c9dad1b2200bb3df09ee03fa44ad67979a872c77054a8e3a720df793dbacdd2","ssdeep":"","tlshash":"83f05c2f5c698635933b0864127ed14cb271605db06fc906d8cee89d68a8f754caae8b","first_seen":"2026-05-04T11:39:23.612646Z","last_seen":"2026-06-03T11:41:16.191811Z","times_seen":5,"resource_available":true,"data":null}},"time_used":451,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":451,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tongji.114ok.com/script.js","fqdn":"tongji.114ok.com","domain":"114ok.com","tld":"com"},"ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:54.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tongji.114ok.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Apr 2026 05:49:35 GMT","end":"Sun, 26 Jul 2026 05:49:34 GMT"},"fingerprint":{"sha1":"BF:60:A1:BF:2D:44:98:09:51:20:37:C4:1A:D6:82:A5:E3:0B:3D:C0","sha256":"22:4E:26:F6:CB:25:58:00:8D:47:30:E8:2E:58:7F:DC:44:4A:D3:6F:3A:47:66:E7:BA:F5:CD:E8:33:D3:DE:A7"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: tongji.114ok.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chamatrailsinn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:55 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nx-dns-prefetch-control: on\r\ncontent-security-policy: default-src 'self'; img-src 'self' https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https:; frame-ancestors 'self' ;\r\naccess-control-allow-origin: *\r\ncache-control: max-age=60\r\nlast-modified: Thu, 16 Apr 2026 23:44:12 GMT\r\netag: W/\"11f3-19d98ae48e0\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nset-cookie: server_name_session=12efd712f23d1ff9e51eb78b7dab4178; Max-Age=86400; httponly; path=/\r\nexpires: Wed, 03 Jun 2026 11:41:55 GMT\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4595,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4594)","md5":"8bf183f4d18c63a74b24343e833af8d3","sha1":"7b56269adf40dab7f7517cb76abc46696cae2804","sha256":"be444c289ac019af8486b50fe2bbf2fdb2890812fb945dc78940b6781a68ac52","sha512":"75e4aa93cd80bb49a69c6f2cce208416d07160b3dd96a85b8d1936346a4a29b73b0eb04196b096b49e7e9e0c6751bef9849736a50d0978f78b827906ccd8e598","ssdeep":"96:5hxd6VIOvoGnRBh/sMqjBK54dZZPnAx8QfqNGMxxs8Tb9mfGuK:5h6VcCkjBOkbAx5ikMxxPfVH","tlshash":"209149e6e44170f13bfd64c6a2781220b23a1bb0b50290a4fabd5c974f2d687257df2c","first_seen":"2026-04-17T16:50:29.722561Z","last_seen":"2026-06-24T14:18:12.772085Z","times_seen":610,"resource_available":true,"data":null}},"time_used":1635,"timings":{"blocked":670,"dns":65,"connect":296,"send":0,"wait":297,"receive":0,"ssl":303},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"tongji.114ok.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tongji.114ok.com/api/send","fqdn":"tongji.114ok.com","domain":"114ok.com","tld":"com"},"ip":{"addr":"154.12.28.152","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://chamatrailsinn.com/","date":"2026-06-03T11:40:55.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tongji.114ok.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Apr 2026 05:49:35 GMT","end":"Sun, 26 Jul 2026 05:49:34 GMT"},"fingerprint":{"sha1":"BF:60:A1:BF:2D:44:98:09:51:20:37:C4:1A:D6:82:A5:E3:0B:3D:C0","sha256":"22:4E:26:F6:CB:25:58:00:8D:47:30:E8:2E:58:7F:DC:44:4A:D3:6F:3A:47:66:E7:BA:F5:CD:E8:33:D3:DE:A7"}}},"request":{"raw":"OPTIONS /api/send HTTP/1.1\r\nHost: tongji.114ok.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://chamatrailsinn.com/\r\nOrigin: https://chamatrailsinn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Wed, 03 Jun 2026 11:40:55 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, DELETE, POST, PUT\r\naccess-control-max-age: 86400\r\nx-dns-prefetch-control: on\r\ncontent-security-policy: default-src 'self'; img-src 'self' https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https:; frame-ancestors 'self' ;\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nallow: OPTIONS, POST\r\nset-cookie: server_name_session=12efd712f23d1ff9e51eb78b7dab4178; Max-Age=86400; httponly; path=/\r\ncache-control: no-cache, no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-24T18:14:31.963288Z","times_seen":16687664,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"tongji.114ok.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}