{"report_id":"02edc5d2-8530-43b3-b4db-8fe3ba761a00","version":6,"status":"done","tags":[],"date":"2025-12-21T02:53:41Z","url":{"schema":"http","addr":"ecolife.top/","fqdn":"ecolife.top","domain":"ecolife.top","tld":"top"},"ip":{"addr":"84.234.17.61","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"ecolife.top/","fqdn":"ecolife.top","domain":"ecolife.top","tld":"top"},"title":"Ecolife - Экология и устойчивый образ жизни","dom":{"size":15936,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8405)","md5":"00fbf8256e2af7187243b87bf252b21b","sha1":"0e208c1fc33d9bfbf834ac28cdb7f48bf8434c25","sha256":"1a2847e1b6b7c7ac3f446e0fcf273825239d82c85917b138725209b1d5e3c755","sha512":"869a1f8caa516069383ff77bab64bedb94362ea3c6155aeafba2969a51c66060b786c4ec883cedf1dd0d3a54cfd46db9875bfacc43927c608ac12557204aa644","ssdeep":"192:Qh/7JXe97JXex/27xcqIE/cmFSAQr9OZkcask/ms8aWHsfksiqaHNLvqO1n:QPML72lpjJOxauh9","tlshash":"0662d92861a010af3d53d4e7ec80ba59781a90fbef2f969a35ad58117fe3c7185db304","dom_hash":"domhash45fb9cad94778f6972a3341c971c2edd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ecolife.top/","fqdn":"ecolife.top","domain":"ecolife.top","tld":"top"},"ip":{"addr":"84.234.17.61","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-25T02:53:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ecolife.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2025-12-15T00:37:47.140969Z","alert_count":0,"request_count":2,"received_data":815956,"sent_data":814,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ecolife.top","ip":{"addr":"84.234.17.61","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2024-12-21","domain_rank":0,"first_seen":"2025-12-21T02:53:41.548916Z","last_seen":"2025-12-21T02:53:41.548917Z","alert_count":3,"request_count":3,"received_data":306298,"sent_data":1342,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ecolife.top/","fqdn":"ecolife.top","domain":"ecolife.top","tld":"top"},"ip":{"addr":"84.234.17.61","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e4cd5c715df28f4284654ee28b3a253b","sha1":"fa81d76da3e260ad2335dbe41b728153a6fd5737","sha256":"73dbfc2c14451a0a27034347763193a13dcd45d9212481adf700d77620bb6d48","sha512":"351f322a3d9c9dae7ce1f7869058abf2e14ee682b895d389c5ed8f627de4e77cd4115fe8e1bf86dbac7d990e400c2032e45dd4f76145fab7ad601d5759702caf","ssdeep":"","tlshash":"63f0906b7e7e093a09ff6797278b9a49351210432848ca457fbe8e804f63ec098b71c0","size":589,"data":"","first_seen":"2025-12-21T02:53:44.167348Z","last_seen":"2025-12-21T02:53:44.167348Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-05T14:53:47.630922Z","times_seen":28905,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ecolife.top/","date":"2025-12-21T02:53:18.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 07:09:58 GMT","end":"Sat, 21 Feb 2026 08:09:55 GMT"},"fingerprint":{"sha1":"B5:C9:29:A1:B9:60:7F:A7:9E:9E:63:3E:DF:4E:05:34:4B:27:D3:86","sha256":"2D:FA:43:BC:F1:83:E4:D9:E0:ED:1A:D1:C5:0E:F5:E0:77:29:F1:F1:23:2F:E3:30:7B:72:49:1E:82:5C:DB:C1"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ecolife.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 21 Dec 2025 02:53:18 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::jwcjr-1765212281299-f54ecb125284\r\nlast-modified: Mon, 08 Dec 2025 16:44:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 1073317\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AYzIGPAxmiYM%2B2G35D1GBtDI12MdiWS%2Bazh69SQNjy9FuNQ6t2dlgAZGkgbT7K10qs%2BS%2FBa3w5cvNSWiGQlpLA%2FI%2BXaSEjDTvE7ppDlNpjk%3D\"}]}\r\ncf-ray: 9b1416a1ae420b45-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-05T14:53:47.630922Z","times_seen":28905,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecolife.top/favicon.ico","fqdn":"ecolife.top","domain":"ecolife.top","tld":"top"},"ip":{"addr":"84.234.17.61","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ecolife.top/","date":"2025-12-21T02:53:19.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecolife.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 21 Nov 2025 15:43:30 GMT","end":"Thu, 19 Feb 2026 15:43:29 GMT"},"fingerprint":{"sha1":"31:31:CB:D5:24:16:CC:58:53:22:EA:AF:71:70:AA:74:D2:44:C7:35","sha256":"B6:F6:BC:F5:0A:89:4F:9C:D2:4E:34:54:09:6C:FD:2E:9C:F6:B2:DE:AA:F2:23:C4:31:E6:AF:EA:62:97:48:6E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ecolife.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ecolife.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx/1.22.1\r\ndate: Sun, 21 Dec 2025 02:53:19 GMT\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"998368d7c95ea4293237f2320546e440","sha1":"30dfd2d3bb8a7e3241bd7792e90a98ebb70be3a4","sha256":"533a1ca5d6595793725bca7641d9461a0f00dd1732dded3e4281196f5dd21736","sha512":"648c4720a85dbf834be1ba00f0e1b4167cc670fe15896efb00a77fb6e0c225a13aae3da10d85fa6e7f726420d9bb3c20c43466e02296d44153c127b7160e0b97","ssdeep":"","tlshash":"4fc02b2d7513bc4cc563317832c37080c0c6833769bb4112c440800331cf2998bc3397","first_seen":"2023-04-06T02:01:38Z","last_seen":"2026-04-05T13:12:07.311822Z","times_seen":4069,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ecolife.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecolife.top/","fqdn":"ecolife.top","domain":"ecolife.top","tld":"top"},"ip":{"addr":"84.234.17.61","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-21T02:53:18.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecolife.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 21 Nov 2025 15:43:30 GMT","end":"Thu, 19 Feb 2026 15:43:29 GMT"},"fingerprint":{"sha1":"31:31:CB:D5:24:16:CC:58:53:22:EA:AF:71:70:AA:74:D2:44:C7:35","sha256":"B6:F6:BC:F5:0A:89:4F:9C:D2:4E:34:54:09:6C:FD:2E:9C:F6:B2:DE:AA:F2:23:C4:31:E6:AF:EA:62:97:48:6E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ecolife.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.22.1\r\ndate: Sun, 21 Dec 2025 02:53:18 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Mon, 06 Jan 2025 06:19:13 GMT\r\netag: W/\"2932d2df3a1e3fe61657112b16029c06\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":7597,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"9cfa5d62c422058292723c6b0b22cb63","sha1":"db844b66806871ece594096c13e288192bda13ee","sha256":"2d1d787b2195c555e614e0b7a7ba54b3ab318e4036df92628bdb09b2167e0af1","sha512":"62c843e1503cb429830470375da077c155ff48dcb06d90fe8f20db2a0c224932bffe68dff1e517259eec92eb4d34c5eab61821d4292e64822fb3eda92765ed50","ssdeep":"192:AhVAQ19OZkcask/ms8aWHsfksNqaFNLvqO14M:A/NJOxauhXM","tlshash":"a1f1ff3464e624eb1243b467e9447e147ca9807feb5b960932bc6d6b3fe3c10c65f229","first_seen":"2025-12-21T02:53:44.16377Z","last_seen":"2025-12-21T02:53:44.16377Z","times_seen":1,"resource_available":false,"data":null}},"time_used":878,"timings":{"blocked":421,"dns":339,"connect":34,"send":0,"wait":36,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ecolife.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.3.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ecolife.top/","date":"2025-12-21T02:53:18.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 07:09:58 GMT","end":"Sat, 21 Feb 2026 08:09:55 GMT"},"fingerprint":{"sha1":"B5:C9:29:A1:B9:60:7F:A7:9E:9E:63:3E:DF:4E:05:34:4B:27:D3:86","sha256":"2D:FA:43:BC:F1:83:E4:D9:E0:ED:1A:D1:C5:0E:F5:E0:77:29:F1:F1:23:2F:E3:30:7B:72:49:1E:82:5C:DB:C1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ecolife.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 21 Dec 2025 02:53:18 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::788tg-1766285116036-77520df297fc\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 482\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8hdc1saBE0JsanGmYb4nJHGPpOSQPryxW8dO%2FkyUe69JJlqTfEuhMUVPaOrsyJ7kpTZJWh9p2GlW071a9tWhuXvFOi4KtUeTCFj92SlF0g8%3D\"}]}\r\ncf-ray: 9b1416a19e3d0b45-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":32,"dns":20,"connect":1,"send":0,"wait":5,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecolife.top/static/logo.png","fqdn":"ecolife.top","domain":"ecolife.top","tld":"top"},"ip":{"addr":"84.234.17.61","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ecolife.top/","date":"2025-12-21T02:53:18.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ecolife.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 21 Nov 2025 15:43:30 GMT","end":"Thu, 19 Feb 2026 15:43:29 GMT"},"fingerprint":{"sha1":"31:31:CB:D5:24:16:CC:58:53:22:EA:AF:71:70:AA:74:D2:44:C7:35","sha256":"B6:F6:BC:F5:0A:89:4F:9C:D2:4E:34:54:09:6C:FD:2E:9C:F6:B2:DE:AA:F2:23:C4:31:E6:AF:EA:62:97:48:6E"}}},"request":{"raw":"GET /static/logo.png HTTP/1.1\r\nHost: ecolife.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ecolife.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.22.1\r\ndate: Sun, 21 Dec 2025 02:53:18 GMT\r\ncontent-type: image/png\r\ncontent-length: 297909\r\nlast-modified: Mon, 06 Jan 2025 06:04:48 GMT\r\netag: \"677b7280-48bb5\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":297909,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 700 x 700, 8-bit/color RGBA, non-interlaced","md5":"c7a91d9dc59b113c2642245abdedadf7","sha1":"b51d48346dbc1eccb64d36370cd02b05e727e7d4","sha256":"32d33d1129179995b3c5f49ff249dd9416e1ae97886d6f900cf057dca8a87f0e","sha512":"e703c71f66d0278f1823422849de51becb73e0f164e854ab8e700fba51b6a0677412b5e0de98e000a823c58522f4c1f86a850866fab127bd06b3c5472e69da92","ssdeep":"6144:GWGqoYQai8xSUzl2NbzMH1P/zIXm/Z2chEfdERQ9MNC:6Lnai8xSURkbIHFcXmbhcERI","tlshash":"b05423fbbfe26047df5143b500e146e0e6e5ad4a0c1c8c69543fe6d8a90bbc2799b8c4","first_seen":"2025-12-21T02:53:44.165622Z","last_seen":"2025-12-21T02:53:44.165622Z","times_seen":1,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-21","alert":"Sinkholed","trigger":"ecolife.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}