{"report_id":"03bbeb7c-3a0b-42a0-bd01-1dc4d301f27d","version":6,"status":"done","tags":[],"date":"2026-01-27T11:48:44Z","url":{"schema":"http","addr":"tok.alianzati.com","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"tok.alianzati.com/","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"title":"TikTok Shop","dom":{"size":77636,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2970)","md5":"ea19fee837ec921b1f7593d72226e25b","sha1":"d0a6fa2383dcbc5bd2fba639cd568e49ec779497","sha256":"3be591481a81c312692e3d1add7362cf0e6dbb6fa5e7a7dcc2b034363ec7c8df","sha512":"a90349672aba57f5b66ee25b2a9dfa09d6da881efa6636f68139c99efc7ad0996ebfb45ed2fafb7fc7190a64b0657065da6a100cdc0f564741b8b00a7450d5c8","ssdeep":"768:C8KsPKsgApMwgnOGkWB/e8X0ogJ785cZ1jFUVnvKsRKn:C8KsPKsT6nntXoScZyKsRKn","tlshash":"ac73f6a066f011b705d385c46e766f0abf95e25bda2a0644b6fc4fd99fc3c92de07028","dom_hash":"domhash5754371e73e9ab04aeb83a55f16bbbb4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tok.alianzati.com","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-03T11:48:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"tkdemo.task678.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-03-25","domain_rank":0,"first_seen":"2025-05-15T12:27:29.029884Z","last_seen":"2025-12-24T07:42:04.720151Z","alert_count":0,"request_count":9,"received_data":0,"sent_data":4704,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tiktok-app.shop","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-01-15","domain_rank":0,"first_seen":"2024-03-12T04:24:25Z","last_seen":"2025-12-15T13:36:39.328981Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tok.alianzati.com","ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2016-12-14","domain_rank":0,"first_seen":"2026-01-27T10:59:18.001722Z","last_seen":"2026-01-27T10:59:18.001722Z","alert_count":264,"request_count":66,"received_data":3354970,"sent_data":34398,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"GSAP","description":"GSAP is an animation library that allows you to create animations with JavaScript.","website":"https://greensock.com/gsap","common_platform_enumeration":"","icon":"TweenMax.png","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tok.alianzati.com/","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"2512414f817df8312569d55032748f81","sha1":"13467df6e962aa77bb36867ff1412e1ba9f8feb1","sha256":"e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de","sha512":"db6e4298746d519b0987bfa0feb89c39315718e178418e482b1c10c76439eae343afabf2db35ffaaa26c7ee6a3855084d39e9b88d35b11f87c354ceaf38874a0","ssdeep":"","tlshash":"a590029525c25101965295d4455b5c8450658675249569809180956259550205125cbc","size":47,"data":"","first_seen":"2023-04-11T22:25:25Z","last_seen":"2026-06-27T10:36:38.539391Z","times_seen":21882,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/jquery.magnific-popup.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c15be16610f0ec6cc7483b0d84982197","sha1":"07f1aeec984f3af6b7b098d5d0270186d3e95d03","sha256":"5f1b25dc09b49c104b8676e0186d6c24f7a6335d8bd82570f3257349d5b7bbff","sha512":"92d6810fcbd9604b3850be35b80264536b45563e4fdcaaebd5babdb0e51ff02dbe07a3a8a7ee293568e4a966d98e9336846f024d8c33e87c03a7e69d2fd4cfad","ssdeep":"384:MPhVPXQ2G2XAQyqVxRQ5giCCMLtA15h5/F6l8aZwHwztLCpmso:MPBIt8I5h5t1qkOLCMso","tlshash":"bb921994f2b2b21383a735b8686f300939729953ed06c855a55d98d87efcec89027f3d","size":20369,"data":"","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-06-06T01:42:07.020136Z","times_seen":570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/tweenMax.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6296e4cbdcf8f726fbbe2f56a246ef33","sha1":"0d477ae74145be06f9681ae626b3816694115bd0","sha256":"b2eb575eacb77fd139ffdf2cb86a12295189043fce93e000210dd88b41afc57a","sha512":"6155b91328bce0520e6edd291fb2339899cd997fe98304439a4860e0e9e427a38bf4bfbbd201620d04421afbd0805d76df7fbaefd547ed2ae498b701075186ce","ssdeep":"1536:8jm/F0VPBJ7jG/D+EH/GPJBpYSiZAr0GOlygZYzw6JcIfGxlLYiGsYVVOiP:8C/Wv51/vme0lybJXkYiGJ","tlshash":"e3b318c5312270128497269a557f0a47333bddbab4098d2cf589c5de3e1ce8921aff7a","size":116050,"data":"","first_seen":"2024-07-04T22:43:54Z","last_seen":"2026-06-06T01:42:06.99466Z","times_seen":569,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/vue.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"8da91780fa9815752579efedb7b6ee03","sha1":"4525cbd167c96324016eaa2584703e2024e85c90","sha256":"3c1d4b0c549e8de9d4a9bafb12ab70b6a1ac747d07293b98c5b25b6632999afd","sha512":"5b1f278866cf3420fcee64ae174b01472b705b6fb6645afb1f054317c92b09bdde82cb42738a107e283efdc7e0d8e1ddf3629c525398c6548302a747a8ae530b","ssdeep":"1536:/xUpXlU1At+HWTcPKoVMurh6AiRuA7O8vGwYjT9cisc/tz0bl1:eXCIgrHL8vGwYN5tz0bL","tlshash":"53b3e8dcb296b47113eb20b1417f150bf33a6915a80ac590f223e4d67db8c8e916be7d","size":107679,"data":"","first_seen":"2023-12-27T12:14:10Z","last_seen":"2026-06-27T10:38:53.733198Z","times_seen":2086,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"9893a7e6b65c4f34317dd6f3ed09204d","sha1":"0cb5eeb76dd2b80d3a2c4eafc03078f279b3679e","sha256":"f37b1ae7d007e88ca77d8631e7b3bd14de0aa50fcfe24e9998f95c866de3119f","sha512":"9e1b80485c7a2ece2808665f7578e6b3bd173b37d135896a8fd33c82ff109eb0f125e47184628412079c5e1106f77e51960bcb49f5bfe763ba6f6cde308e8dfd","ssdeep":"","tlshash":"5fd0a92961f22031a00bb83b060b128c30b0808b0308d9023a2cb5ac8fb4d243afaed8","size":280,"data":"","first_seen":"2024-10-01T02:52:29Z","last_seen":"2026-04-18T12:25:44.124311Z","times_seen":146,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/index.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c3f5e4a790979e1e5668428f1add7f48","sha1":"4d61a511bc42de8153e91c0b9d932c71578e6cf2","sha256":"6a3e0de9e0da157ca839ae1eca4c10bd9a275f0edb7b12ae29ce4df4f6722203","sha512":"fda5185b3881c654ffec009f5d9afbc24c416cee30ff37723ccbd5a5eafd46a6ea7a25ae1a25f580fc0bca4824dc8078eb0c25e97695f61c78f25c25c3c86aae","ssdeep":"","tlshash":"1b41478928a22296678334b58e8f7109753aa47f1589c981fd0cd7905f7533b805bfcf","size":2437,"data":"","first_seen":"2026-01-27T10:59:22.392808Z","last_seen":"2026-04-18T12:25:44.121031Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/jquery.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-27T11:35:13.629432Z","times_seen":484916,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/script.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d761ec041c6f157149dd799cda5dd4f4","sha1":"883627490847fb151f4eb93d7ac66d1a45483dbb","sha256":"f6ffeffd873fcc4a66c6b9d04c934ea99e5469c8fa44902efbf14d3ca8ee189a","sha512":"394fe27cf673fbd58522e5c1cfd41a1db6493ef398fd0c66e43719ba637c4f135bf15a9995f12c4253d0349a19a583448af18ae0c5815b12f04f450272f5a6a6","ssdeep":"1536:r8+0PxYm+YYNXc6cuICGqxEn2kOLfOsQ4Q+Q+QgQBQxQJQKQcQQAQVQXQ6QqQlQa:z0PxJz2ouICr2OLGslr/PIS+xVQzA4T2","tlshash":"6f73fd44f3d17c560babeb6b2b1fa0e6e36b096d39e4480be041fd60655d327e5a42f0","size":75092,"data":"","first_seen":"2024-07-04T22:43:54Z","last_seen":"2026-06-06T01:42:06.991521Z","times_seen":567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-27T11:27:42.202495Z","times_seen":230277,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/swiper-bundle.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9a9f38aa0acaa7ce04312456f7d23c1","sha1":"bf3c40e57dd84da986337920ef4d5bfef476b115","sha256":"1ab59033075783342dbec81fa17026d5591d0ed4645fc6faa048ba6741e6d0be","sha512":"64263fd277eb6d79a7c9c363c1a462be12bb06951a2942c2d10d97aacb50aeb8eabb6a3be10b11deaf4a9aec5eaff62e2b8a3acde5e3aed47219cb1345b1af08","ssdeep":"3072:lJLCyDdkEUYnafpoy9v8cIWyUaV4y+oGeJJ91EfrNK/Yvq:lJLC4dkEUYnafpl9v8cIWybV4y+oGMJh","tlshash":"09e3f8896360b1a552e3268b93a9c651e3b51400b409c4e870bd4c9b6d7ed9813ffffe","size":143790,"data":"","first_seen":"2024-07-04T22:43:54Z","last_seen":"2026-06-06T01:42:06.99418Z","times_seen":560,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/aos.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0041457719a9b541a81669201b820b7","sha1":"10bc52e3895f57acf7e9de24a465a1f3abb6d9fa","sha256":"397c09afcedde7c04a774ce7738d7a1ab0a7cf69814bf1e281226888582a9519","sha512":"0fb1f89ecb8f6f57f2c5abf1a003fa20acc29981ac70be9c96038a7b96e35c2bb0c81b8a777b3e5ddc3ca0d15c5cbce4a985304f4aa260fc35827a01f7eb9024","ssdeep":"192:xOaHX24ysbeCVXVyILkYmTpOIytlomlBpOIVtlomlrjm5bovo5FglaZW0fNacZgn:xVpyRSVLL28HVjkFglMfNaEg+w","tlshash":"87521bdc7186f166479394fb417f610af2f114b4684d8440e139c4e73eb999aca33eae","size":13952,"data":"","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-06-06T01:42:07.011311Z","times_seen":570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/jquery.nice-select.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6da8d42255961163046979da18f54b72","sha1":"6262d03800d298badf3d8188df5212f4d3fa0d7d","sha256":"00095a8b4be4fffdfc68d53607b18dfc6ec6fa5248025323f6667c53d192d6f0","sha512":"2420ed235cffe8ae2bb2a9a20731b6d98ca2615c69fb1ca6f253d7aee037963d34589335cc4ab9f4fa24b572416b2c0020b8d5064e027f0a0dc74f8307021c11","ssdeep":"96:E0QuNla97TLpeVP4+m+nVROLmKOeT4hKeDOm9oOn9Qwbvyn:EtWlaJTLoyoVROLmKOeT4hKeDOm9oOnk","tlshash":"30910f0762d011b256ff30a32c137146b233a82be95999067d5d42f00f9ed35a6f6ece","size":4539,"data":"","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-04-28T13:39:27.666595Z","times_seen":373,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-27T11:28:19.257743Z","times_seen":705480,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/bootstrap.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5dd8c20243d232a12ba5d3371e406bae","sha1":"741b98fb8faf65719edab5c712b7ea4df7b2faba","sha256":"2549ead0944c11eb5de73825c107487f2032dd0042b2c762a1cc6f430f6ed609","sha512":"fe5c02aac808865b4f19bd5f25e2a97912b1a39f4bbda571a0d6a1d46b38f84b1590812d539ba302c6110422112064cc78192b077297f5fe11a6559b3728b6ad","ssdeep":"1536:T4srTGR2t4tlKitxuIZL0cW0hIptaxuNHPwrS1bwbUKzXoP:gZuaxuPwrSBcUjP","tlshash":"9673c6493254b4730ade45b68037420bf2265d98b24b802cb5bcadde2a7dd867277f7c","size":79943,"data":"","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-06-06T01:42:07.033283Z","times_seen":570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/jquery.counterup.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac8c7cd057d291dc5f8992182887e554","sha1":"a2f19870b9bfc913dd3f877b1801f9c6c3c3aa8e","sha256":"d787c8b33d180fa608d2cc2224a6fa91bb4a178c1d47a0cb33a8408c808510df","sha512":"2c4b5c030a1b0adad839c6d4413675ec3d967c584956c601e65dde9ed1fe6f54bdb29fca1d443f7d8f8c37bc4cba75c079a8c13ea617fe6283029a792d764ba8","ssdeep":"384:aFLREJJnYobgdi0y8jC9griW0sOv5KvJwQ7uMcteySiQ39qFJ7ztgysyF2o:avuYoEYYjwFNzAyF2o","tlshash":"8ca2dd482eeb20126f4b60b9fd1f61456276812b54895c677cdc93c80fe21391ebaff9","size":21448,"data":"","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-06-06T01:42:07.025184Z","times_seen":571,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/lazysizes.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"1676485dd72c3bcd843fe5edac986faa","sha1":"9cb71a19d578da4b9ae6fd477b2e28b47160d1c9","sha256":"0bb1ea7499d5431a76a643de7c6f1be2379cc39ad3d84e5d1ba228f77b5ac2c3","sha512":"48d8f9e1b6670efae9ee5a82fb5e4765a9b27ba6d9be043d627347ef79f91728002e88aa06c2f47f1f7fe5a781d78b89d00b22f4e9963d988ff915f9aa5b9ca3","ssdeep":"192:aIJHXkovHIdcC9vaE6cyxqI1qwLcIRAKEFkNB+xb+25CqqBFPvAxOm:a2kNdcC9J6co91qwLcI6KgkixbdjqBFG","tlshash":"29f1a4df755530b3aaeb74a5456f210e673274339d46e451e2bad080093c94aa327f2d","size":8042,"data":"","first_seen":"2024-07-04T22:43:54Z","last_seen":"2026-06-06T01:42:07.020973Z","times_seen":570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/tilt.jquery.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7c41f525cd406ce3261ed432d417f6b","sha1":"038a72b0440d0eebd6332f32375438889d0cec17","sha256":"8c343b24bfa1ada9122d5f5b38bfaa6fbcbf8f075dd751ff9d72c98278b46d9e","sha512":"2605a3f031ff3d13aba46dc57966dd43b773f91654e5efed6702c2fc2d22be028ed9a1613edae1db28477bb604da6c4df5436666b21296eda01ded972eb779eb","ssdeep":"96:H9HqJXyrg9U0S2VcjOB/MjvENOtnUz3FbyTXTyVyURCD3jgupRe:dH8yrbTIMjLtnUziXkRCY7","tlshash":"dac140847111711e59cbe324d18b0e06a23ae0155c22a87d75fdc9edadbaccd127bfb8","size":5641,"data":"","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-04-28T13:39:27.6774Z","times_seen":576,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/avatar-4.jpg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/avatar-4.jpg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Jun 2024 00:11:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c99-66fc\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26364,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3","md5":"32f4ef445a831afc54c921957df06ee5","sha1":"fcc35102be6b310cab662fec2cd4762cbcf4d946","sha256":"7ea461e2b4b049841a3646a2b011a7701b1360b441c4a9834b427c718fbd691a","sha512":"af27d1203b0a97e58fdbc731d98526c2bfb9905a6360227ed4d5c60507b16a56526572cc4e894694c4328ca9b1e4b013bb5b8da1c9400609f03844d4bf1fe67f","ssdeep":"384:REsX7ywFNZkqdruHxz5iFWYWRuknTzSgw8MKOag7GY3CHVX0fykJkyFYKLkVAPmU:G+maZGFiQ3hVMYQby1XfkJhkeP5t","tlshash":"83c2e241c49c8d35f58c17bac49c7ba11bce6b2df636499364819d120fe99812ff8784","first_seen":"2024-07-04T22:43:56Z","last_seen":"2026-06-11T01:56:38.396503Z","times_seen":844,"resource_available":false,"data":null}},"time_used":1077,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1077,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/Italian.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/Italian.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 289\r\nlast-modified: Wed, 26 Jun 2024 00:11:03 GMT\r\netag: \"667b5c97-121\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":289,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1d72a5dec3acd073763570e3e5fdf784","sha1":"25ecff80eb26ef79709ab7278eb3991ac8cc2734","sha256":"9fa88118818d9b64838f578e2babcca3d0630aed21b5c33b34aff7ac5ce506bc","sha512":"dee0b0cae09b07705091cd7371f40650d09fb1fbd736e60fa2716679a660b515a0c74bdfcdb5a9d32a178870a14697010b018c417ce30402f5ffa42c8b8384a2","ssdeep":"","tlshash":"33d02bf487bda414060843344b3c35d259b660ca614420caf4d018a0250d1a75cc39e9","first_seen":"2023-05-05T00:41:36Z","last_seen":"2026-06-27T03:40:35.059706Z","times_seen":2698,"resource_available":false,"data":null}},"time_used":1954,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1073,"receive":881,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/index.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/index.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 25 Jan 2026 12:38:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69760eb5-985\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2437,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"d9a5f18a750374287cb4d33f5f8e6ad9","sha1":"fb80da203dc8a9799593de2ee183fb1d1ee44078","sha256":"f5f5f91397fa0c709c4486c8892c45143b0d0e8f2828c65f26c42dbffc09484a","sha512":"d5c1d3f8cbdafd3f7ef177f6df15bf4dfca7ca57bd5cf95c621f827a694af4d5d4adce73b17c01252a6d8fbac23c003f36cd086d77a026d6abde99799e8c58be","ssdeep":"","tlshash":"0b51388968a22296678334b58e8fb109753aa47f1589c581fe0cc7905f7533b805bfcf","first_seen":"2026-01-27T10:59:22.343372Z","last_seen":"2026-04-18T12:25:44.105731Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1054,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1054,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/3.mp4","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/3.mp4 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 276252\r\nlast-modified: Fri, 11 Oct 2024 12:31:41 GMT\r\netag: \"67091aad-4371c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-276251/276252\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":276252,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"4cdff2f18617a14345d4d9f4f078fa39","sha1":"add7fa5ce4a8d5dacbb5e169b4f79331ab12edd1","sha256":"333b209ea20ec8a006d254af9d19fef811278350589eeb1595b68548dd47b037","sha512":"44d84f3430f01d97fdf1e1103170b9a769cf652f18ab4ec37f85b735dcdc623b2de534f42d9b3d443a55c71ca8f9124fea0591d9e001a9e5dd1617bf38a40b53","ssdeep":"3072:VqwpDxwu60cr8+gUboXZexwcSkcrpxyTYmHvRvkjXPG0XRThGj7ApxUHVxrEzGon:ppiF0cI+h6NkMTyTYgkjrnGHbEz56zA","tlshash":"5d44122eead36594ff39bfb391d61cb3a12a8945a4941bd37ccc79448fda0240840fa6","first_seen":"2024-07-04T22:43:55Z","last_seen":"2026-06-11T01:56:38.379768Z","times_seen":781,"resource_available":false,"data":null}},"time_used":2206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":992,"receive":1214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/poster.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/poster.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-27T11:33:37.522562Z","times_seen":531748,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":502,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/font/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/font/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/static/css/css2.css\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 46704\r\nlast-modified: Wed, 26 Jun 2024 00:11:18 GMT\r\netag: \"667b5ca6-b670\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46704,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 46704, version 1.0","md5":"30a274cd01b6eeb0b082c918b0697f1e","sha1":"393311bde26b99a4ad935fa55bad1dce7994388b","sha256":"88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42","sha512":"c02c5894dfb5fbf47db7e9eda5e0843c02e667b32e6c6844262dd5ded92dd95cc72830a336450781167bd21fbfad35d8e74943c2817baac1e4ca34eaad317777","ssdeep":"768:f3Ybit5PQRS0FhgC1g10ijolF5rm2GsRnENYMSGAxgvZdH3VayjX2p2iKEmcLf:fIbi7eHBmt0F5rm2GsRENqGAx0Zdlt2r","tlshash":"1223f100917181a2eea73b3e82c96adb00ed51db6dc0e564a22f16f99d1f23f4385d5b","first_seen":"2023-09-15T13:47:10Z","last_seen":"2026-06-27T08:32:45.533146Z","times_seen":20123,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":495,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-light-300.woff2","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.678Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-light-300.woff2 HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tiktok-app.shop/assets/images/favicon.ico","fqdn":"tiktok-app.shop","domain":"tiktok-app.shop","tld":"shop"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:26.181Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /assets/images/favicon.ico HTTP/1.1\r\nHost: tiktok-app.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":167,"connect":101,"send":0,"wait":0,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/German.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/German.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 221\r\nlast-modified: Wed, 26 Jun 2024 00:10:54 GMT\r\netag: \"667b5c8e-dd\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":221,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e88d88604d655d0bd7059cf1fbd59ec2","sha1":"f46bdcf00fbd79c764b116ef8250e678e4b71c8b","sha256":"efd480af5a154a7651f29da23ee0d09dbc892410fb4041898ddf8face336c575","sha512":"b4cd0ac36c019b56dfa1cecdd694a12401639ed47eedb5981ba4df1bccbfbd84f86febf330c96a3e7d4a7cadc1b5c92d91c314622dc764cf8c546802f8b1f836","ssdeep":"","tlshash":"3ed012a9d22e7a05da44cb301e7c75d7d1dab0ca618811dfe8701dad206e4a7dccfea4","first_seen":"2024-02-03T16:27:29Z","last_seen":"2026-06-27T09:20:24.577016Z","times_seen":2093,"resource_available":false,"data":null}},"time_used":1955,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1074,"receive":881,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/Korean.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/Korean.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Jun 2024 00:11:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c95-425\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1061,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2a183310b78d3d4fe57f88abcc491fcd","sha1":"a134d8392d41c775ee42fe2a0dba2cd5c043117b","sha256":"7a6cd5b51d0e2841ed8b79b1147ad8a66cf3c09f6344d4a63b5e4413ffa5d15b","sha512":"a8cc5d87f2c1b2ad3b68a81caa47e09621433ecb20e264c8584e5067c09f0d8ba11b1d290007d59ba308deb81c73c8bc19f76bb2063698ac2b03044156fe6bd7","ssdeep":"","tlshash":"9f11ceb020fd942c8b7dc302ebed64c89b1f70e7174206c6755c29b46f204979ac35ca","first_seen":"2024-05-09T16:52:27Z","last_seen":"2026-06-26T23:14:31.651511Z","times_seen":1008,"resource_available":false,"data":null}},"time_used":1070,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1070,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/jquery.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/jquery.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-15d9d\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-06-27T11:35:13.629432Z","times_seen":484916,"resource_available":true,"data":null}},"time_used":1052,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1052,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/jquery.magnific-popup.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/jquery.magnific-popup.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-4f91\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20369,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20087)","md5":"c15be16610f0ec6cc7483b0d84982197","sha1":"07f1aeec984f3af6b7b098d5d0270186d3e95d03","sha256":"5f1b25dc09b49c104b8676e0186d6c24f7a6335d8bd82570f3257349d5b7bbff","sha512":"92d6810fcbd9604b3850be35b80264536b45563e4fdcaaebd5babdb0e51ff02dbe07a3a8a7ee293568e4a966d98e9336846f024d8c33e87c03a7e69d2fd4cfad","ssdeep":"384:MPhVPXQ2G2XAQyqVxRQ5giCCMLtA15h5/F6l8aZwHwztLCpmso:MPBIt8I5h5t1qkOLCMso","tlshash":"bb921994f2b2b21383a735b8686f300939729953ed06c855a55d98d87efcec89027f3d","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-06-06T01:42:07.020136Z","times_seen":570,"resource_available":true,"data":null}},"time_used":1048,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1048,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/tilt.jquery.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/tilt.jquery.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-1609\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5641,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5640)","md5":"a7c41f525cd406ce3261ed432d417f6b","sha1":"038a72b0440d0eebd6332f32375438889d0cec17","sha256":"8c343b24bfa1ada9122d5f5b38bfaa6fbcbf8f075dd751ff9d72c98278b46d9e","sha512":"2605a3f031ff3d13aba46dc57966dd43b773f91654e5efed6702c2fc2d22be028ed9a1613edae1db28477bb604da6c4df5436666b21296eda01ded972eb779eb","ssdeep":"96:H9HqJXyrg9U0S2VcjOB/MjvENOtnUz3FbyTXTyVyURCD3jgupRe:dH8yrbTIMjLtnUziXkRCY7","tlshash":"dac140847111711e59cbe324d18b0e06a23ae0155c22a87d75fdc9edadbaccd127bfb8","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-04-28T13:39:27.6774Z","times_seen":576,"resource_available":true,"data":null}},"time_used":1045,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1045,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-light-300.woff","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.848Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-light-300.woff HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-27T11:48:22.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:22 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 26 Mar 2025 09:16:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67e3c5f1-12df4\"\r\nset-cookie: server_name_session=a9e3980e460205d3f16074c24c91ce45; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Magnific Popup","description":"Magnific Popup is a responsive lightbox \u0026 dialog script with focus on performance and providing best experience for user with any device.","website":"https://dimsemenov.com/plugins/magnific-popup/","common_platform_enumeration":"","icon":"Magnific Popup.png","categories":["JavaScript libraries"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GSAP","description":"GSAP is an animation library that allows you to create animations with JavaScript.","website":"https://greensock.com/gsap","common_platform_enumeration":"","icon":"TweenMax.png","categories":["JavaScript frameworks"]}],"data":{"size":77300,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2970)","md5":"44e25397efbfe4db69964a94d5931f10","sha1":"970b7eb2c29dd321e9a8878f5e3e9ca0cef4da55","sha256":"5e2e544184f25c57a98cfd5c099c8ac73989c182d1d999aa6e53bfd3c594418b","sha512":"8b78def64df29e741a8f1587be463ebba8bf80f173a196318e702ae1f40955bcef92403562accdb6fbad4fc2a66c315f48774ba01955cb5a08f2fb95ebb8c7c5","ssdeep":"768:I8KsPKsgApMwgnOGkWB/e8X0ogJ785cp1jFUVnvKsRKL:I8KsPKsT6nntXoScpyKsRKL","tlshash":"e873f6a066f011b705d385c46e766f0aaf95e25bda2a0644b7fc4fd99fc3c92de07024","first_seen":"2025-06-11T11:51:02.660906Z","last_seen":"2026-04-18T12:25:44.088512Z","times_seen":24,"resource_available":false,"data":null}},"time_used":2072,"timings":{"blocked":717,"dns":79,"connect":315,"send":0,"wait":637,"receive":0,"ssl":321},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/avatar-1.jpg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/avatar-1.jpg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Jun 2024 00:11:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c99-5885\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22661,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3","md5":"df4ec799e50e4b0820999974126de66b","sha1":"e6884723d8b81115e443e471552953f393a6f71e","sha256":"372396d2ef1552755bec3be34d363ad967c0e807d6332daeb658d1d1a0080060","sha512":"c220c2bdd045afe4b25be91a8a2d28350577dceb9e4273fe6e26e74c1047333aed8ebd07e8da83d3d6999842366ceaf3a0a8bc495b9aadd885251ceea1cfc26c","ssdeep":"384:Rwa7TZDGf1wum0wUuhMlBz2NqSSHyrE0kqO/fO3S97ikTV2Uhjlro2t/gR5QxjUo:Ca7BSs0xziNSHyTw/B95T1do2toCjUo","tlshash":"dfa2e04f476ec34916366e79e4586ac99d33c403c8309b8393a1f9e8a41c7f21ca4776","first_seen":"2024-07-04T22:43:56Z","last_seen":"2026-06-11T01:56:38.385056Z","times_seen":845,"resource_available":false,"data":null}},"time_used":1046,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1046,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/2.mp4","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/2.mp4 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 271153\r\nlast-modified: Fri, 11 Oct 2024 12:31:40 GMT\r\netag: \"67091aac-42331\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-271152/271153\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":271153,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"d706668c1cdda2721558bc93dfd76f0a","sha1":"12b4c9d53b507c267b602be100118530a7d93d39","sha256":"f5bebc82c7056235b74e39370499fdd7075c904318bf03923c0122c37eb1d8f4","sha512":"fcff8f8877d386bc3221f90f9440c67f6fd1a2f39a5ef9879346206e785e83aead2cf4e060fc8d0f18161bc743b57c787e1146f11ee8bf89cec5c930750bc6bb","ssdeep":"3072:fAqSWEmuI78aW8QPyIb/Kdn6kPaBN/ol3VLKJxayyEgqQVo/EuqFGi7ozjIjsbLq:LEPI78amkPafRxaHHqQVIeGyoXya/eOS","tlshash":"0644235360e0c84bed347af9d6c6a9dbd7526b0592f30bc774dc008d5b2e3aa6f25442","first_seen":"2024-07-04T22:43:55Z","last_seen":"2026-06-06T01:42:06.986444Z","times_seen":781,"resource_available":false,"data":null}},"time_used":2202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":993,"receive":1209,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-regular-400.woff","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.845Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-regular-400.woff HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-solid-900.woff","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.846Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-solid-900.woff HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-solid-900.ttf","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.861Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-solid-900.ttf HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-light-300.ttf","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.861Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-light-300.ttf HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/magnific-popup.min.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/magnific-popup.min.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-15a3\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5539,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (5399), with no line terminators","md5":"900ebe8357742625554115838d986a54","sha1":"75bb5ee58e87fb83a07617293d9a23479fce3683","sha256":"055cea1a3fa7881c67f31315783333cb3b83f4062e76dd8a58f74d19a0371308","sha512":"b058a5323062564425d6d9c109ae91f0afa33a4fbbbf929896964edb5f19679fded0dee86d43da81c1f4c87e0a175a2062af1266046e7a3c259f0da3fdc282e3","ssdeep":"96:rAwc2SCO7EWPWNM0aDQX8EiUkhudlsbFDm5Mk9rCWhXAc:Mw0CO7EWPWNDaDQMEiUdiqMk9GWhQc","tlshash":"87b173f3a951217ac633c916d1c3af9d3227a227f2a346dfdf82a418c6ce4cc1625748","first_seen":"2024-07-04T22:43:55Z","last_seen":"2026-06-06T01:42:06.989326Z","times_seen":559,"resource_available":false,"data":null}},"time_used":717,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":717,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/aos.min.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/aos.min.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-718b\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29067,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (28857), with no line terminators","md5":"7543b5a52a6811252d6ad245b38ab641","sha1":"4e18b858c909dc9f0ea4ddfc3313f9314c87b7cf","sha256":"aa0c1409d6bdd4b59a5cbb9f76208d357153501e494baf39bf0df0a5f8f04f26","sha512":"5ea79bb07ae3bfc4066bfdb47d1ee09922b0c9262dc2ebd6eba2f91631903f0ac3c8a9855887e7844ea431065a0fd04666b8e8f1a072e51093a3823e375e3e24","ssdeep":"768:MXdJLhzC9ZnOrdFGJtrSb59qVZx1GrdF2JlbiLRdtlVt4lxhKdvJg11NeNP9QNB5:UdJLhzC9ZnOrdFGJtrSb59qVZvGrdF25","tlshash":"e8d2c29a794cd100bf431b4762df2a1859347588e530098abe3f35ca1cd2de6b973fa9","first_seen":"2025-04-07T11:27:31.639532Z","last_seen":"2026-06-06T01:42:07.000515Z","times_seen":535,"resource_available":false,"data":null}},"time_used":772,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":772,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/zone.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/zone.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-10f6\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4342,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ada6b6d57326fd9e3107d6e160d7172a","sha1":"02832df9e049cddba1bebf7ee7c699609a63b83b","sha256":"b7b9d762decb9b8b00ab27fdac90ce239c1f02dbf897fc5545b15024ec1ca1bd","sha512":"4403ac28d06e881e60b81d9ec0c9f14eedbf13df2965a5e68351a3c55a4769d6141907805ab959fd16d0f5155c9aec9b41fc73cfc09a87c552a2310bbe5ab36f","ssdeep":"48:q+gmiWGMNzY2kMe9gI891KOiXfd1/DjytcQ/4ydLjsMvWm5r1zu4yZ:q+vt/kMe9gI8HKFXfd9Dj7qjsfgz96","tlshash":"4a91ee4d9264011be9b3f7a83c5bbb44f61211bf1452680e3e7c56847ff272922a0eb4","first_seen":"2024-09-29T13:57:10Z","last_seen":"2026-06-06T01:42:06.992598Z","times_seen":293,"resource_available":true,"data":null}},"time_used":1038,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1038,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/tiktok.mp4","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:26.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/tiktok.mp4 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=32768-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:26 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 8991306\r\nlast-modified: Fri, 11 Oct 2024 12:32:42 GMT\r\netag: \"67091aea-89b24a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 32768-9024073/9024074\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49134,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"bf7d6f289ef115869f65475b870ecb9b","sha1":"1c2325d810fd1d946bd8ce40b70642c70cb0de52","sha256":"9e89f60f70a838ef9cbed7df093dd4ae197790320900a8b721b5057c36921f82","sha512":"2eb888eabbd57cbaa0c0ef96d5c9751eec5cce3dd6d2421d3ea30f7eb39b81216a9b24544c177af7c80fb4e27d9ffaefb4dae6fdd41af376a7cddb369a5ea891","ssdeep":"768:K4tv5tTUmAnYnjYTbksYsxKr+A//0YyWdgCmoTQb7W6PonO/jZkQ3T1jLinvVSE:NRtI5YjpPswyY9SnoTQb7zPonO/jZkQY","tlshash":"2f23f1fa5f900d2915e361f8e6431d1da2a66157772932b28c36cece8255dc4fb822cf","first_seen":"2025-05-01T12:51:59.485565Z","last_seen":"2026-04-18T12:25:44.09986Z","times_seen":8,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":317,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/swiper-bundle.min.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/swiper-bundle.min.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-407b\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16507,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (16297), with no line terminators","md5":"4d7a540ccde5035c2f1ffcd4e647c573","sha1":"d6d3fcf1a33b79646625252139bd712fbd81238e","sha256":"3cabfa9e15865c1831727e35e571f59a91deda8e48efc246d3e46634fdb93359","sha512":"0be72c082cf5eda2621c97674a5e865822eab2bf7c5beb56ba87c486baf86d6597246d525c65c6dc62b3651781ed2a114ee036469099345b5cddb0f40cdfe167","ssdeep":"192:MjmUJbTKneTT4bHZ+SKlnxup/a2APfHff71eesedOJ9AZPz+c3At2/ZTc:MCUoeTMbHZ+Tnh2APfHfA4X44Tc","tlshash":"4d72346853401c2753274f364b71cbb9ddb444c24b93896e92c0ae44d7b6cbd236f6e9","first_seen":"2025-04-07T11:27:31.602344Z","last_seen":"2026-06-06T01:42:07.009957Z","times_seen":529,"resource_available":false,"data":null}},"time_used":736,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":736,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/play-store.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/play-store.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:11:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c99-15cc\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5580,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 155 x 52, 8-bit/color RGBA, non-interlaced","md5":"d559c38c7c7d418b00f3303188994a01","sha1":"fcfba9069094dfa1620643c3c7b76f7ce0b0db7c","sha256":"9036417b0f3d82337b5196a991cc8139bac6865f5aa3c0018f7105dd0e7aad87","sha512":"68adb632738bec373e537a7d6311aeeac264b09c4354fc821719fb173178fb142c25281e3d15bf72f6e3f5be070edf2fac2d18658497f197bf5178d93eb3bb92","ssdeep":"96:FSSxkoRNvpxHUJrd5kmgMbqgD/4+H54Gs56/+Ba1e7W+VmjW7Pt0a+:FSSO+1pxHUJr8ClDaVIWz6wF6a+","tlshash":"70b17c020b4a74124f5de87629090f528c721988c9ed0b78ac13b86bfada2bfd740a41","first_seen":"2024-07-04T22:43:56Z","last_seen":"2026-06-25T02:06:47.621749Z","times_seen":820,"resource_available":false,"data":null}},"time_used":1008,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1008,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/lazysizes.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/lazysizes.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-1f6a\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8042,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7862)","md5":"1676485dd72c3bcd843fe5edac986faa","sha1":"9cb71a19d578da4b9ae6fd477b2e28b47160d1c9","sha256":"0bb1ea7499d5431a76a643de7c6f1be2379cc39ad3d84e5d1ba228f77b5ac2c3","sha512":"48d8f9e1b6670efae9ee5a82fb5e4765a9b27ba6d9be043d627347ef79f91728002e88aa06c2f47f1f7fe5a781d78b89d00b22f4e9963d988ff915f9aa5b9ca3","ssdeep":"192:aIJHXkovHIdcC9vaE6cyxqI1qwLcIRAKEFkNB+xb+25CqqBFPvAxOm:a2kNdcC9J6co91qwLcI6KgkixbdjqBFG","tlshash":"29f1a4df755530b3aaeb74a5456f210e673274339d46e451e2bad080093c94aa327f2d","first_seen":"2024-07-04T22:43:54Z","last_seen":"2026-06-06T01:42:07.020973Z","times_seen":570,"resource_available":true,"data":null}},"time_used":1047,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1047,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/css2.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:24.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/css2.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/static/css/style.css\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-27f4\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10228,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ddf9dc3bcfebe7bdbe80c8a95f8e7dd2","sha1":"c20e01f4b2067d62cfa5d7fa9e78e78944f31ec1","sha256":"945496435d89ebed7e0bb6540ca2cf55b757f8d197c25d43b15ec9e36b92c71c","sha512":"a06fb1172d33a1a5dc051af8ca6a5f830c5c722c3a9f97bf56784884813ccb7fbed81ac0981ad46e651a0d8a1542ea89e39fdcc64251acd985b886a52af89765","ssdeep":"192:9CvNC9CsCJ34CtCmDCDCvOC+CzCJ3/CuCm8CR1RF1x1HS1R1Rm1C1HB141Rj1f1u:YvIYh5lofGvzDW56TUHRLnKHRe63QRxw","tlshash":"0b228980042b6100eb872cd2a3cf7e369e9d61557049c67a5ffd08959cefd362365b4d","first_seen":"2025-05-15T12:27:33.367641Z","last_seen":"2026-04-18T12:25:44.067201Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1020,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1020,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/English.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/English.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 504\r\nlast-modified: Wed, 26 Jun 2024 00:10:55 GMT\r\netag: \"667b5c8f-1f8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":504,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6dcadf6916764560c2f1fec586e2c1de","sha1":"161ee20a0a75bb06d4f2ca9acdbb137d9a963cec","sha256":"c8be1e7208798a4ae692ee1e937065d498bb29e741943f6172b29118b8ed8066","sha512":"b925b9042182dc31f953ebfe2bbe666822bb9a56411fc1045d46b5b20e68effe25bd6ce65cad1bcee3ef9008768bdb8221f66573d8daa27c60a8d004acada0a1","ssdeep":"","tlshash":"a0f09ec8d32d7045c70793104cbcf8e3d4d962ce559400dab4d09ae4216e7a7d8d7d91","first_seen":"2023-12-20T14:16:02Z","last_seen":"2026-06-27T08:10:22.714469Z","times_seen":3681,"resource_available":false,"data":null}},"time_used":970,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":970,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/twitter1.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/twitter1.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:10:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c8e-1a06\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6662,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced","md5":"09ecbe4ad4bcd9c5d13294e000cf64d0","sha1":"8dafd3a21f66680e80749ec068ddf818c3311136","sha256":"2dadfb225ada833c49b11a1795d6464c231a63e7e9e076e61d179595e57f7373","sha512":"1ba59090fa3ab88e47dcb421755793f7e8d0ec531cfea8b3b7c1a03b36166e0b130d66b5a1dc3a6eb726f40af08cf80895b9a434ec7eb15e56a051277020dbe5","ssdeep":"192:t9hELGtmZKR2kC+UoOebUoCP1aX1QNmhF6:twLW13aP2smhY","tlshash":"9fd18e8ccaa19c41148cd6c100eab7751737906396855eb294dff9733ee47cac7ad887","first_seen":"2024-09-27T14:52:15Z","last_seen":"2026-06-11T01:56:38.365584Z","times_seen":401,"resource_available":false,"data":null}},"time_used":1059,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/YT1.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/YT1.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:10:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c8e-1854\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced","md5":"5ebcbd1e8faddbe53f6b89d48b826d7f","sha1":"6dd8df0a04d9f6c4976506dc876815da7c53524a","sha256":"1f871cb7c62bf7c23eb1231128bf3c2810b1b8cad4a63547453956a07397cb24","sha512":"71206af22c3d4b6b06416e6edc4f7f33e22d5b5b7b81cc4c80fd3c3e58126a2a07d09e29682d761e9b8b9fa616cda735f5cf862f598b8e773640f20ce13f6ac2","ssdeep":"96:v18zL0Tc3vZ4fTVm9Vk8uJh9BbxUJTO45EiAqtaSPV5fqZU4gvDgewbL7glS:tmLAc3vCfAHy9beC4paSbqZUJb5w00","tlshash":"fdd18e87c941dac2f5282ae724ff51af3989670899c4d4319a8fda4548a4535823a3e9","first_seen":"2024-09-27T14:52:15Z","last_seen":"2026-06-11T01:56:38.369666Z","times_seen":401,"resource_available":false,"data":null}},"time_used":1058,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1058,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/bootstrap.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/bootstrap.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-13847\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79943,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65223)","md5":"5dd8c20243d232a12ba5d3371e406bae","sha1":"741b98fb8faf65719edab5c712b7ea4df7b2faba","sha256":"2549ead0944c11eb5de73825c107487f2032dd0042b2c762a1cc6f430f6ed609","sha512":"fe5c02aac808865b4f19bd5f25e2a97912b1a39f4bbda571a0d6a1d46b38f84b1590812d539ba302c6110422112064cc78192b077297f5fe11a6559b3728b6ad","ssdeep":"1536:T4srTGR2t4tlKitxuIZL0cW0hIptaxuNHPwrS1bwbUKzXoP:gZuaxuPwrSBcUjP","tlshash":"9673c6493254b4730ade45b68037420bf2265d98b24b802cb5bcadde2a7dd867277f7c","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-06-06T01:42:07.033283Z","times_seen":570,"resource_available":true,"data":null}},"time_used":1051,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1051,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/font/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/font/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/static/css/css2.css\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 27444\r\nlast-modified: Wed, 26 Jun 2024 00:11:19 GMT\r\netag: \"667b5ca7-6b34\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27444,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 27444, version 1.0","md5":"13d1b429e99059f97e58fa10dd69f8b5","sha1":"174c7f299158103127d50de82f1086c3b66e8258","sha256":"1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40","sha512":"30dbd99f1abe8d2a9ddf73a93ed199ffb2b55903b5bc2618935a64ad54706f054fc9b46a80ccd1cab4eff3f5a607b5b599f5e02a2e89c990e10b210e4f16ed9d","ssdeep":"768:fsJMrdHxJnTKDF7e7XvmgzC2PXZDQP8NNZN/FX9559j:aMxR5eeLvm+CypDvjZNdX955R","tlshash":"c1c2f10085de9ac1e7e0f9350847d4c56cef9225784513ec8edc8d463dddaa20adea9a","first_seen":"2023-06-23T06:16:18Z","last_seen":"2026-06-27T11:31:10.56074Z","times_seen":8646,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":489,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-regular-400.woff2","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.666Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/app-store.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/app-store.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:11:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c99-22ed\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8941,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 174 x 58, 8-bit/color RGBA, non-interlaced","md5":"2307149fd16a93b368b9759daffc99c1","sha1":"572db71ea067e6ebe3502f3d95efc2cd5c4975f2","sha256":"2b970e31593d110544492f4ef959630d2aaae837484dcd60e9c61deeafac1ea3","sha512":"bc23ecfe83ac1a354f4a23e5aa362f84f3d4256f8c8e9d55b57e8d051feda3783d9783cc91170ceb0a750f59cefdab6327bf37efac6d926432de3d8d97655e9e","ssdeep":"192:MSi/+5MYG8zfZF6Hi3+JzEHB0vgpI5BLYDZzKPkcuZI:LW+mv8VUhtO0FT6ZzKPkcuZI","tlshash":"b202bfea9c69ced4fff8ee113013468c3bb46d56a08613b918d80c9371c34cddac6a91","first_seen":"2024-07-04T22:43:56Z","last_seen":"2026-06-25T02:06:47.620723Z","times_seen":830,"resource_available":false,"data":null}},"time_used":996,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":996,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/Chinese.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/Chinese.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Jun 2024 00:10:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c8c-44d\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1101,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d90d31299c7d1dca4f9b5ddaaced3e88","sha1":"8088e2561327e7e3c48750661abbfbcc9528d2cd","sha256":"096498d60841f404bf034d6c2a4c03b61eebfc87068c63b4388c77f65a001ba1","sha512":"4899ea1fefd5337494daa15be6afefa18a3f50ce2553d5f7d1a14fda6c589a002533f1edfe32a7bf3a58fbe7e8dc27933256595aed6db6054a69269e72770d76","ssdeep":"","tlshash":"0f11d3e4c7e8f672f49b87db9224d6447117e5f9f1b3988cc348d8740781a94bd0c95a","first_seen":"2024-10-04T10:37:42.687637Z","last_seen":"2026-06-06T01:42:07.007963Z","times_seen":390,"resource_available":false,"data":null}},"time_used":1076,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1076,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/script.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/script.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-12554\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75092,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d761ec041c6f157149dd799cda5dd4f4","sha1":"883627490847fb151f4eb93d7ac66d1a45483dbb","sha256":"f6ffeffd873fcc4a66c6b9d04c934ea99e5469c8fa44902efbf14d3ca8ee189a","sha512":"394fe27cf673fbd58522e5c1cfd41a1db6493ef398fd0c66e43719ba637c4f135bf15a9995f12c4253d0349a19a583448af18ae0c5815b12f04f450272f5a6a6","ssdeep":"1536:r8+0PxYm+YYNXc6cuICGqxEn2kOLfOsQ4Q+Q+QgQBQxQJQKQcQQAQVQXQ6QqQlQa:z0PxJz2ouICr2OLGslr/PIS+xVQzA4T2","tlshash":"6f73fd44f3d17c560babeb6b2b1fa0e6e36b096d39e4480be041fd60655d327e5a42f0","first_seen":"2024-07-04T22:43:54Z","last_seen":"2026-06-06T01:42:06.991521Z","times_seen":567,"resource_available":true,"data":null}},"time_used":1040,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1040,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/tiktok.mp4","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/tiktok.mp4 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=8978432-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 45642\r\nlast-modified: Fri, 11 Oct 2024 12:32:42 GMT\r\netag: \"67091aea-89b24a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 8978432-9024073/9024074\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45642,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"9cd54cd7f84a40962b9eab39c38b939c","sha1":"4f5b89bafa9f1dd8d37bb3b9c53d9f705f33d8f4","sha256":"2681bed83901a54c62bbc96375ca6a69055000dc75027aad314b84e957b0ebfb","sha512":"1224a40b3f4cb515279435267967ec220d82386dd2b74b2ab39eabafa151b2f00de9f9204822e8ff17eba95304540a5ce668fc5fe478471d69cff6f951501a30","ssdeep":"768:GhU0G0w7f2rcZjZQESOGGOXa+/WsOOTKPAdpnYalZnnFp4WSMsolyC5Swo9v:GG4f0aOGKshmYvnlLFkMsolyC5ho9v","tlshash":"bb236aa077290307ef92673059f223a93b39d6b08397189f5a42971e7cb37f54a530d9","first_seen":"2024-10-01T02:18:30Z","last_seen":"2026-06-11T01:56:38.387324Z","times_seen":715,"resource_available":false,"data":null}},"time_used":1005,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":982,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/font/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/font/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/static/css/css2.css\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 27444\r\nlast-modified: Wed, 26 Jun 2024 00:11:19 GMT\r\netag: \"667b5ca7-6b34\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27444,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 27444, version 1.0","md5":"13d1b429e99059f97e58fa10dd69f8b5","sha1":"174c7f299158103127d50de82f1086c3b66e8258","sha256":"1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40","sha512":"30dbd99f1abe8d2a9ddf73a93ed199ffb2b55903b5bc2618935a64ad54706f054fc9b46a80ccd1cab4eff3f5a607b5b599f5e02a2e89c990e10b210e4f16ed9d","ssdeep":"768:fsJMrdHxJnTKDF7e7XvmgzC2PXZDQP8NNZN/FX9559j:aMxR5eeLvm+CypDvjZNdX955R","tlshash":"c1c2f10085de9ac1e7e0f9350847d4c56cef9225784513ec8edc8d463dddaa20adea9a","first_seen":"2023-06-23T06:16:18Z","last_seen":"2026-06-27T11:31:10.56074Z","times_seen":8646,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":498,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-solid-900.woff2","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.672Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/Spanish.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/Spanish.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Jun 2024 00:11:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c94-16385\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91013,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9305ebd7dca8be2bc0ae16186da8ce01","sha1":"6ac5500bd842e4a33244e47752139449865b7c30","sha256":"f9fe443d9c518a278898f33db59e5ac5c69cb75d1515368561d72956ce35e87b","sha512":"77e28fb37bba172cc1a80138a7ccbc886434568596dbc07f4acdf4e15a801e4c6f50f43f2ae947d38257c61bda97d25dc97e38f32bdf0865a467d445b6b49e29","ssdeep":"1536:3xgc9mCK7490AzcRPewyx6+F12P0v1NupVg6wuU9GW/b/qOuD+1TcKszCGOfiki0:mc9mCK749xDl6+H2P0v1NGW","tlshash":"9693ac7c871c87bc9a12cb789f3da0f5530ef0e8b23aa256541c88b061e75ded46b9c5","first_seen":"2024-01-05T17:55:28Z","last_seen":"2026-06-25T16:12:19.377491Z","times_seen":762,"resource_available":false,"data":null}},"time_used":1073,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1073,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/ins1.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/ins1.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:10:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c8e-1e55\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7765,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced","md5":"26455df694d387ff86ff1bf48ed12c40","sha1":"af0adbf02d74de65af6f9b2a769d67062c334175","sha256":"846630c0ed5c121fb52258c12da6dcc39d87a4ba5e3744f39a7a1d95db808e4a","sha512":"c7dcdc14746ead0b57e9aae2abb0303ed94859b287f8116a8a474029d91f6ea602ff881c454c5f323546d824a1c042ac7483f9d07fe6190eb2b48eb09aaad548","ssdeep":"192:OL4b0trg1amjM36PrSDGGS/7ICGsfZ4lF:OL4GFmj3PcGbDICnxy","tlshash":"a2f18d8bf236c01842ebbc8d18e72ca85e1b05d845deda80f9e9d80347a11ef55e58db","first_seen":"2024-09-27T14:52:15Z","last_seen":"2026-06-11T01:56:38.389941Z","times_seen":399,"resource_available":false,"data":null}},"time_used":1060,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1060,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/jquery.counterup.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/jquery.counterup.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-53c8\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21448,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (911)","md5":"ac8c7cd057d291dc5f8992182887e554","sha1":"a2f19870b9bfc913dd3f877b1801f9c6c3c3aa8e","sha256":"d787c8b33d180fa608d2cc2224a6fa91bb4a178c1d47a0cb33a8408c808510df","sha512":"2c4b5c030a1b0adad839c6d4413675ec3d967c584956c601e65dde9ed1fe6f54bdb29fca1d443f7d8f8c37bc4cba75c079a8c13ea617fe6283029a792d764ba8","ssdeep":"384:aFLREJJnYobgdi0y8jC9griW0sOv5KvJwQ7uMcteySiQ39qFJ7ztgysyF2o:avuYoEYYjwFNzAyF2o","tlshash":"8ca2dd482eeb20126f4b60b9fd1f61456276812b54895c677cdc93c80fe21391ebaff9","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-06-06T01:42:07.025184Z","times_seen":571,"resource_available":true,"data":null}},"time_used":1051,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1051,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/1.mp4","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/1.mp4 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 561958\r\nlast-modified: Fri, 11 Oct 2024 12:32:45 GMT\r\netag: \"67091aed-89326\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-561957/561958\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":561958,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"c9e9d44ff722002fae76d923472a1b01","sha1":"cf4d834c4aaa1d4cea21d38da367add8259f78f6","sha256":"af6908a80017d4dac46a7e9a631b17d61db853f5d7bfee6ac4a14585786503f2","sha512":"7de41b3feac78aefb396dc6be300b4481fd8848cb0d7bde2e9e83605619ca04c77c9d257eba8d79acda1218a8b60a9c4808ff4b5ca27b67c6fc9bc199004d061","ssdeep":"12288:0LcQ7KjmCcaGcUeOGO2mkL92XJKOGwjeT97zO:0LcQ7KjmZaGclOGOnkLcJK+jeTdzO","tlshash":"36c4237d70dc24e1c439fe72994501fa866a0765da743bef7f9e809887a22462c13b4f","first_seen":"2024-07-04T22:43:55Z","last_seen":"2026-06-11T01:56:38.402017Z","times_seen":778,"resource_available":false,"data":null}},"time_used":2197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":993,"receive":1204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/nice-select.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/nice-select.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-1114\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4372,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"85159172c4f47eff80712fec2577f798","sha1":"f06d049fd7068802722fedbd5b580a8f4b8eb7ac","sha256":"1f83e0ee8dcfc77afc8364d414c57f29616bc42099283c9f964cc607143357c9","sha512":"cf5b47b861b43d937efc0e916951904a6a5c39b41946d8fabe5247303181633970a2252b89493911c4d4c17f1176da107426634babe9203d797043806b58b2ea","ssdeep":"96:rAPctjpPS6xipekHeFeXeW+7y58ImjgAc:MPwdPFuekH4W+G5/Ylc","tlshash":"1591bd38d6025583523b8b7fbbda1a19e63cc143292315acb7d196070f7a4ac9c95f4f","first_seen":"2024-07-04T22:43:55Z","last_seen":"2026-04-28T13:39:27.675107Z","times_seen":325,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/Malay.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/Malay.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Jun 2024 00:10:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c93-56a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1386,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"50be507f7ddce55f869e4f40773aba5a","sha1":"da45f7e13e3a1fdf2169c4025f4db2ab267b9474","sha256":"da82a094cfdfc2c4936c8aff7e8bccae928e7ab1f813c11ae4933d1ef6dfb301","sha512":"1fe6480ef621d4ddd8540251ed5bb13efe964d92e63c7f19c4eb7af18f0d8b4f917a34bc2f4c55c6e9d455f71a72258e2878628caaa4dacae082956b2387327d","ssdeep":"","tlshash":"6321f7f496b837188f1587540fbc60e79a5474cf310963cef45c0578aa5ea8b8d929e2","first_seen":"2024-05-09T16:52:27Z","last_seen":"2026-06-11T01:56:38.375006Z","times_seen":675,"resource_available":false,"data":null}},"time_used":1068,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1068,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/screenshot-lg-1.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/screenshot-lg-1.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:11:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c9a-2d739\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":186169,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1536 x 1104, 8-bit/color RGBA, non-interlaced","md5":"4a8bb2445d1a11f0adb663f1396a400a","sha1":"60c2bd67ff74c808399584ac477115e48c76c2c7","sha256":"c1156ff308916a26b55e32595fa254af7532659c7278c4fa86d0361582f12b87","sha512":"bea535984f6d4ea74b5d7cd9c11fde4933f4b2684e5a3d55d6971752d62a2d287128542aa81ef7c82daf286f795e832fdb0ec7d8b1e92c0a7dde71eace3aa58d","ssdeep":"3072:3JQiOw8m81XQ1FX4qVSP7Bxw1inGzFytHKkuG513VJv4HPgIXTfXCOUJN6Fb003z:5lOwQdG5xVSzc1NzF0qi7P4HPgcCo7","tlshash":"be04121c623bd82ade1b63b549f41f832373552316eeb785e568b3fc2902e4cb0556e8","first_seen":"2024-09-27T14:52:14Z","last_seen":"2026-06-11T01:56:38.378316Z","times_seen":438,"resource_available":false,"data":null}},"time_used":1063,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1063,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/bootstrap.min.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/bootstrap.min.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-3e0c2\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":254146,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (562)","md5":"e803d8348af046dc591d8c01ae3e16d7","sha1":"9f3a11673f8fca26ab21a6096eb14cf43904ba59","sha256":"b592d8462d366b8c226e303efc921cda6256314e2ab1f117ecc7024396c7cd60","sha512":"b7e346b8beb30c5c547e5e1c789c0a996fb9acd577cd9ab332c5a4cd22696ebb1b25a444b0b905b8bccde779be475a789f28f2e2faf04c0b8d5def0bf753f615","ssdeep":"1536:63vrFwjyhcpL9NZvfKr8fFfDvshTItLt6zleSQmuI:6rhcphNZvNt6zleSQmuI","tlshash":"c244525ae8f3296c1c57916966eeaeb9b3385083c719dc74b8cf33048f492d15d62ec8","first_seen":"2025-05-02T12:16:42.992237Z","last_seen":"2026-04-28T13:39:27.670504Z","times_seen":84,"resource_available":false,"data":null}},"time_used":407,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":407,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/Japanese.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/Japanese.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 470\r\nlast-modified: Wed, 26 Jun 2024 00:10:58 GMT\r\netag: \"667b5c92-1d6\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":470,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"22e3b3a4abbb24945620817fd27ed7db","sha1":"b5f2d0d5127becf2f525f44adb8ff9f8c8d67150","sha256":"bfea80baf9989383dc4bf7ca594ed95be0df0ff125bfc88d0bfa878eb0198022","sha512":"4a8bba04821d24b29af1c50bb80b8fb0f14b90ef09beae191f4ee60e4d1820723889ea86e6b404901305787c466caa3ea6667f4f3290e4f1f6110e7b63cda01d","ssdeep":"","tlshash":"63f05ca4a6f9880cce284629cbad29c5572ea0c6438a40ddb1941a597f1c27716db2f4","first_seen":"2023-12-06T12:02:13Z","last_seen":"2026-06-27T08:34:07.651635Z","times_seen":1457,"resource_available":false,"data":null}},"time_used":1956,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1070,"receive":886,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/Thai.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/Thai.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 284\r\nlast-modified: Wed, 26 Jun 2024 00:11:04 GMT\r\netag: \"667b5c98-11c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":284,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bcc03a3cd1a367274a2444aff71c0a68","sha1":"cc941547c987ff2a0de3c2429094e2471b003eeb","sha256":"329cc0d520536d6eb4b9304105f23650c2d02bbdba8f8696e996dbf166de6f2e","sha512":"a962596a3e7d22b5f6bd96fe44a0da33668527b503621f4a3ff00cc75125f4dbb2702279c737aaa2d9bd56eb5ccfb00c59550326f362c662c38cba50b5bf9e5e","ssdeep":"","tlshash":"a1d02bf8c37c74144d4882300eac72d29556608a115810c7b8a12da539591f39cc79d2","first_seen":"2023-08-04T15:07:25Z","last_seen":"2026-06-27T03:40:35.061531Z","times_seen":1269,"resource_available":false,"data":null}},"time_used":1952,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1066,"receive":886,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/icon.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/icon.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:10:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c8e-770\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1904,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"5edf47e32361035c09593963bb5c378e","sha1":"0f64b967396376465b3d77b9cbbcf3741aa08a0b","sha256":"e4c95cc789ee72e921dc86424c280189bb012877b9c0532a4c1412709e0718ae","sha512":"2cda3beb6cbbf4ebb5da3af2c81bbbc5335218b126dc4681ecf36c1430e493f812b883b08970d849e3904923d223c1c2fe64ea64c3929a43d4de7767662ca6be","ssdeep":"","tlshash":"4f41d782f950ae92e286d1d218d7944b6e1198c0eea0f07f74c7dca60c240fccc5dac7","first_seen":"2024-10-01T02:52:29Z","last_seen":"2026-04-18T12:25:44.094179Z","times_seen":171,"resource_available":false,"data":null}},"time_used":1055,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1055,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/tweenMax.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/tweenMax.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-1c552\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":116050,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32043)","md5":"6296e4cbdcf8f726fbbe2f56a246ef33","sha1":"0d477ae74145be06f9681ae626b3816694115bd0","sha256":"b2eb575eacb77fd139ffdf2cb86a12295189043fce93e000210dd88b41afc57a","sha512":"6155b91328bce0520e6edd291fb2339899cd997fe98304439a4860e0e9e427a38bf4bfbbd201620d04421afbd0805d76df7fbaefd547ed2ae498b701075186ce","ssdeep":"1536:8jm/F0VPBJ7jG/D+EH/GPJBpYSiZAr0GOlygZYzw6JcIfGxlLYiGsYVVOiP:8C/Wv51/vme0lybJXkYiGJ","tlshash":"e3b318c5312270128497269a557f0a47333bddbab4098d2cf589c5de3e1ce8921aff7a","first_seen":"2024-07-04T22:43:54Z","last_seen":"2026-06-06T01:42:06.99466Z","times_seen":569,"resource_available":true,"data":null}},"time_used":1046,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1046,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/image/hero-banner-bg-1.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/image/hero-banner-bg-1.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:11:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c9b-2243\"\r\nexpires: Thu, 26 Feb 2026 11:48:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8771,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2880 x 1440, 4-bit colormap, non-interlaced","md5":"e62aaa01df9bcef41f04ccaad92d87a1","sha1":"48faabc4dfef2645db295a7904c134d17d618dc0","sha256":"398f84b0ce8b1ce8276885781d8d5162dd0999eaf22496e77fb0004ffb196e49","sha512":"3024c8ff74b86fbe190315f123034c7d1eb7d19ce4febb7a40d2aafc34575869cad9637d91b1701966c77d951d454bb6f25ced3a739229f936c307921211dd00","ssdeep":"192:zFWsaHH/CeZFdMHDuPdKHoebTcGppBSwo6O6pP5PrvPc08tY7oYV:zRFjqdK9cGppB66d5rA8n","tlshash":"73028db7d7282136c1de34b69181a0c41e3965360a2dfe0c69dc57ed6b1d0aee1e16bc","first_seen":"2024-07-04T22:43:55Z","last_seen":"2026-06-11T01:56:38.393185Z","times_seen":801,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/font/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/font/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/static/css/css2.css\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 46704\r\nlast-modified: Wed, 26 Jun 2024 00:11:18 GMT\r\netag: \"667b5ca6-b670\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46704,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 46704, version 1.0","md5":"30a274cd01b6eeb0b082c918b0697f1e","sha1":"393311bde26b99a4ad935fa55bad1dce7994388b","sha256":"88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42","sha512":"c02c5894dfb5fbf47db7e9eda5e0843c02e667b32e6c6844262dd5ded92dd95cc72830a336450781167bd21fbfad35d8e74943c2817baac1e4ca34eaad317777","ssdeep":"768:f3Ybit5PQRS0FhgC1g10ijolF5rm2GsRnENYMSGAxgvZdH3VayjX2p2iKEmcLf:fIbi7eHBmt0F5rm2GsRENqGAx0Zdlt2r","tlshash":"1223f100917181a2eea73b3e82c96adb00ed51db6dc0e564a22f16f99d1f23f4385d5b","first_seen":"2023-09-15T13:47:10Z","last_seen":"2026-06-27T08:32:45.533146Z","times_seen":20123,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":492,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/all.min.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/all.min.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-13a94\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80532,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65400)","md5":"c9ecefb067d74a23db1887cae1a4036b","sha1":"f842df24b378c3433ead2e7e79ecc03d7d44b39d","sha256":"558df707c9da3bc2fc4a27c3c11403f5cb97892a3f1dbd776e8faeaa89ebde65","sha512":"4e92c3661ce002acc20657a25a5466cf4828793d29975cb64393dcd4a511ef5a369a42a32672d08b1ebf7da7e27d558967449bf99136f2667084300a368e6070","ssdeep":"768:JXj31owDUbK4asPffBCYHfWZD+Kyt/1MFiWJb+VzHY0K2+qjdWjc:JX6woG4as37HeZDZyXSMVjS2nN","tlshash":"c3730ab8e54d01d9a732c04fbf42b3bca1baf73ce5911d95f00e592c2ad16a81189f79","first_seen":"2025-05-15T12:27:33.375732Z","last_seen":"2026-04-18T12:25:44.076762Z","times_seen":28,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":662,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/style.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/style.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-219fa\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":137722,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"e7f50c1aad47a58d43e9422812743c7a","sha1":"100f34e6a13dee3e0bbfc036f8ba351520ebfb71","sha256":"7378b6c4f19319e7061ada822882bbf1d95b5d81ae7798af045a9c768e4779e3","sha512":"eeb8164d0f4e582bcfc255f0935f1f90308d3f69e591912544bf68f98490738b40ce21ac611b6a77102d17ca64b6ed5bd05f273b12a74807196beef94e5c2fc4","ssdeep":"3072:jSR2/3eKiW43Cof22PQPj3fr+T3AdwP9qx303KTF320KRKna3jHu:jSR2/3eKiW43Cof22PQPj3fr+T3AdwPW","tlshash":"85d37646eaf30a9a681f55285bfee705336c6083c90ecea9bfcd72444f851ed5172e48","first_seen":"2025-05-17T14:29:57.779039Z","last_seen":"2026-04-18T12:25:44.118066Z","times_seen":27,"resource_available":false,"data":null}},"time_used":917,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":917,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/avatar-3.jpg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/avatar-3.jpg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Jun 2024 00:11:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c99-4cc9\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19657,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3","md5":"7f4e88b0dc91c63acd501d5eefab5e05","sha1":"7d083a1ec1ca2a4dcab5c6eda740a5818a054ac1","sha256":"29aa525cb16afd6e8a9a233035ddb8171d8cd6dc6ad82ef743d9bbe2725517eb","sha512":"cf955c627e3b0fcad065b91284970a3d8425d6f0ef66b16c8da06dbb97a87fdea8dbea201f5546340557707946341a57a6c263f66b96545ecdd3cbc032098735","ssdeep":"384:Rty7AArn0NFcTQervW6Dgoi+uYS38JKvnH0CByXJrvFrNjLQ8dwDVEKQuF:bO04jD3JKP0KyX9FrBQLDFF","tlshash":"6792d063ce8c72b0dace7ff5a26662628f457e78d75964924323dbc910760cc4b3d121","first_seen":"2024-07-04T22:43:56Z","last_seen":"2026-06-11T01:56:38.395322Z","times_seen":843,"resource_available":false,"data":null}},"time_used":1077,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1077,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkdemo.task678.com/webfonts/fa-regular-400.ttf","fqdn":"tkdemo.task678.com","domain":"task678.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.859Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /webfonts/fa-regular-400.ttf HTTP/1.1\r\nHost: tkdemo.task678.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://tok.alianzati.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/avatar-2.jpg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/avatar-2.jpg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Jun 2024 00:11:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c99-7a9e\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31390,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3","md5":"1c03b908f62008df8e7e02ca5db8cf50","sha1":"515976a79fe5ee2392616b0651182240c6ee3d65","sha256":"eb36c0f955a29a4125a2e195d4ff15db120f833a91b8d13a6998ad1b285a74b7","sha512":"29eccb5af3975e70918a9ff165495fa6a8dcb90e427e5fee7e79707caeb6d94fb569270a8b01a184afeac05a0137e43fc2e967220fe94ee6f98075c162c4e86d","ssdeep":"768:KfjJQLsun2gpAAQ5GOxfg4+OkukRPLtzsAu:4tQwMIoOxYCkbdLtzsAu","tlshash":"0de2f227d20008e686863e72ac0a9ad2fc59390bdd9f1ce79d627f62471d0494cd96ce","first_seen":"2024-07-04T22:43:56Z","last_seen":"2026-06-11T01:56:38.4149Z","times_seen":845,"resource_available":false,"data":null}},"time_used":1078,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1078,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/poster.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/poster.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-27T11:33:37.522562Z","times_seen":531748,"resource_available":true,"data":null}},"time_used":1957,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1076,"receive":881,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/vi.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/vi.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:10:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c8d-147a\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5242,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1116x697, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1be1efad699d740bac0b196fa72427b1","sha1":"fc2dbf6ad72e9d92a23d2537ae9dfafea56cd244","sha256":"cfdb722ecba71a614c18604ad4ba2d01e67e4cb5f82804a716abef465db43e9b","sha512":"1dcfb6cb3125ed8386b9c47c9d3b4ca4a0c20b80ebb998fedac43585e9d4b8499b8ced951158c7686000e00dcfdae5f9a61bbc4a2c0c45f1ffe29a4d63ee54ca","ssdeep":"96:Q6sHcMfBE9cWTBKiKclIrq3U6QRtqFbXYdg1FDEBEFiJdhZMMW:QTfElN33U6QRtSCgbDEBESG","tlshash":"82b14dad68722a8cc71e43b8569444fb958dd77fae30a91c4e2c1db6241531f8b8c2ce","first_seen":"2024-09-27T14:52:15Z","last_seen":"2026-06-11T01:56:38.380482Z","times_seen":302,"resource_available":false,"data":null}},"time_used":1065,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1065,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/dribbble1.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/dribbble1.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:10:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c8d-210a\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8458,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 175 x 175, 8-bit/color RGBA, non-interlaced","md5":"00df14144d71635bc31880d951e9312e","sha1":"507e5908a6e9caa7ec21e3a3f5aecaf7014d38e8","sha256":"ef6de4cfac36d60d893a7f6e0113f5b79835c4c75c54df20103a06606353406f","sha512":"02cd0f52727bc6ca2da5da404de52c77f6a62fc5c84c23715497ece7e0acb44b029c080f8e53100fcfe4cf5b902dac75cc612cb91de8825198651e8304fe5159","ssdeep":"192:tMLboDIzgOjgaLApzBZediyx2TaHZ2TrMz4tvJ2XfmiIC9t:tMLbjgiLCtZfTaHagz4tBmZIst","tlshash":"9102ae1de51d6f92889d1f3551f16eae4c3a08829982dea161addc3238f4d7a29178c3","first_seen":"2024-09-27T14:52:14Z","last_seen":"2026-06-11T01:56:38.411602Z","times_seen":400,"resource_available":false,"data":null}},"time_used":1062,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1062,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/vue.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/vue.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-1a49f\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":107679,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65362)","md5":"8da91780fa9815752579efedb7b6ee03","sha1":"4525cbd167c96324016eaa2584703e2024e85c90","sha256":"3c1d4b0c549e8de9d4a9bafb12ab70b6a1ac747d07293b98c5b25b6632999afd","sha512":"5b1f278866cf3420fcee64ae174b01472b705b6fb6645afb1f054317c92b09bdde82cb42738a107e283efdc7e0d8e1ddf3629c525398c6548302a747a8ae530b","ssdeep":"1536:/xUpXlU1At+HWTcPKoVMurh6AiRuA7O8vGwYjT9cisc/tz0bl1:eXCIgrHL8vGwYN5tz0bL","tlshash":"53b3e8dcb296b47113eb20b1417f150bf33a6915a80ac590f223e4d67db8c8e916be7d","first_seen":"2023-12-27T12:14:10Z","last_seen":"2026-06-27T10:38:53.733198Z","times_seen":2086,"resource_available":true,"data":null}},"time_used":1039,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1039,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/language.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /language.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/static/js/zone.js.js\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":1014,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1012,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/choose-1.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/choose-1.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:11:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c9a-f4e2\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62690,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 640x738, components 3","md5":"2942a2e431b9d5976bae604b19f1effc","sha1":"6ae4ff91d4ad7410907d95abaa3920f46c4f20cf","sha256":"be21913816bb537f3fa8f7b7bb2e3654381f5be2428e2586b7eb04e7e41e685b","sha512":"616923bedfba4249b04852db56c6ad0dbccba26c1a89ef6b20da21b3bb7bc00ff7b3f2fbe54ba39693e222d272c86f3c508f0569861739d8cc50d542d3f59241","ssdeep":"1536:0TjlOm0Gp3TIx6EWYBGC/pWQHQMTvI6SPnnujs+Qfo8Yd7UU0Olq3G:0Tj0wM6FYBGXQHbv7SPOHeOGG","tlshash":"58530202f2b1b85fc81c2231a5b1afeac4195717a7044f66bd6b5bc87ce57e84ecd880","first_seen":"2024-09-27T14:52:15Z","last_seen":"2026-06-11T01:56:38.388119Z","times_seen":623,"resource_available":false,"data":null}},"time_used":1063,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1063,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/tiktok.mp4","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/tiktok.mp4 HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 9024074\r\nlast-modified: Fri, 11 Oct 2024 12:32:42 GMT\r\netag: \"67091aea-89b24a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-9024073/9024074\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33308,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"02e70ebba4cfb127b07fcd1fed89a6de","sha1":"9e5009b415adcda54d21081ce6c25acde89d6413","sha256":"be728e84fb62fb4991cd56ddeee191f7c617c3b1edbe4d167525bce70c7a2160","sha512":"9ffbbc967fdc94f59a23584b28b4a7c9861a4c570fc158c22c019ed1fcff0562e04c1d3e29a21104bed7ca6c932c17c47120fa08e942ad715fed99cd5c52bdeb","ssdeep":"768:o3WgNMcYiLyY3VMijeHeQn5cas8VGzcMx:o3LMgljCeQnzt8Ak","tlshash":"60e2e1332b4214645091bd4e3deaacbb43795e20174ee85e879b5fafc099f61d0b906c","first_seen":"2026-01-27T11:48:47.316076Z","last_seen":"2026-01-27T11:48:47.316076Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1451,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":994,"receive":457,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/flaticon.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/flaticon.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-5d0\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1488,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1348), with no line terminators","md5":"b8eb404857495d8f5c6888ecb910ca3a","sha1":"58a6205ca4a70795589d7d29263e2283862a39ba","sha256":"a2860451612a4a4c8894743799df12535e89b646c2b3046bfe177436bdc3820f","sha512":"2122a73b1f72be13c95415eaf6216aa6c710e7f167aaff01bfef1a15a2d53bb3a48c73a28bc5690643a54e4a40a1a9bc1ea1ec8e67efcd06eecc688c864fc4a5","ssdeep":"","tlshash":"0d31bcbac17e44c4a781cdc727eeb234e50ab179ecd18c96e71a4e18a8f1a9546c1f34","first_seen":"2025-05-15T12:27:33.390619Z","last_seen":"2026-04-18T12:25:44.110464Z","times_seen":28,"resource_available":false,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/responsive.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/responsive.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-17a7\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6055,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"86f73864491a0359592bac4adf1fca96","sha1":"e6769d7d03bb33b2e487ea8d5af7bb8f9a027e8c","sha256":"9b084bc827b445092af35075ad26d15f44827a1bc15d437f7643bf5a1bb91846","sha512":"3f1c0ef5516b656a6347ba4228bc21ae9858610ac31849da47017520c7ac8a4f6df4bab910bda037fbcdd3ec943ae2c8718ebb3f0e6aff30c359df6d98d5419a","ssdeep":"96:rAi98EoqPEuS4Zt/EIDr6NRv05J3PNbM59S2dijg04OyWLBjDZslBTxlsfcyEJCv:Mi98EoCEuSNIDr6fv05Jw8ZSGfCrHe","tlshash":"9ec19cdbbba2165c382e3ab5d97e75a16314a043d30dedd67dc06069cf881d6cbd2a0c","first_seen":"2024-07-04T22:43:55Z","last_seen":"2026-04-28T13:39:27.650674Z","times_seen":339,"resource_available":false,"data":null}},"time_used":958,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":958,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/screenshot-lg-2.png","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/screenshot-lg-2.png HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Jun 2024 00:11:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5c9b-aebc\"\r\nexpires: Thu, 26 Feb 2026 11:48:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44732,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x920, components 3","md5":"0e0f0753997380711fc448250bcac2c7","sha1":"b690398486705272a92acc7571ac52255838ead4","sha256":"a03f4fe052a60d67479261dadc7defced40148f6dc382bf110d844b40bdd7afb","sha512":"a1e0dd93a03be191bfe96fa3d31a9510b99d623800b811d8ec9016846c76b693d71b0dd70164621e369a3d59a2317035166f5a7741467134fbe6a699d5447274","ssdeep":"768:KD9o+Li/vUT+bQ2sud9Kr/ykvmmmFaAnUUON/UE9i+cNIZyWVDEutkkaQwxME:KMB5l1iBUE9iHGyI4uJw2E","tlshash":"ff13d03b7772e6e2d844237a40c533b5e13b9e36f22224a151a28c11da1937bbe553df","first_seen":"2024-09-27T14:52:15Z","last_seen":"2026-06-11T01:56:38.383386Z","times_seen":441,"resource_available":false,"data":null}},"time_used":1063,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1063,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/swiper-bundle.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/swiper-bundle.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-231ae\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":143790,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65199)","md5":"c9a9f38aa0acaa7ce04312456f7d23c1","sha1":"bf3c40e57dd84da986337920ef4d5bfef476b115","sha256":"1ab59033075783342dbec81fa17026d5591d0ed4645fc6faa048ba6741e6d0be","sha512":"64263fd277eb6d79a7c9c363c1a462be12bb06951a2942c2d10d97aacb50aeb8eabb6a3be10b11deaf4a9aec5eaff62e2b8a3acde5e3aed47219cb1345b1af08","ssdeep":"3072:lJLCyDdkEUYnafpoy9v8cIWyUaV4y+oGeJJ91EfrNK/Yvq:lJLC4dkEUYnafpl9v8cIWybV4y+oGMJh","tlshash":"09e3f8896360b1a552e3268b93a9c651e3b51400b409c4e870bd4c9b6d7ed9813ffffe","first_seen":"2024-07-04T22:43:54Z","last_seen":"2026-06-06T01:42:06.99418Z","times_seen":560,"resource_available":true,"data":null}},"time_used":1047,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1047,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/css/animate.min.css","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/css/animate.min.css HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-118c1\"\r\nexpires: Tue, 27 Jan 2026 23:48:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71873,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65365)","md5":"1a069f675d26ce109b5a405112a7fd33","sha1":"b880afa27c03eac2d954b1cadcd7004c6c5978d3","sha256":"aa0b5d2e1bac36e844b2224d2c0940622ab9e298f21e1cf9d440a7bc0a5d3de5","sha512":"660662574cf8699e9884bc27a02c6c6e5a688ab8e25292d2f767f8379867f7d04d2e3d82f378092bb5d2f0b17af1c0d8e5b21f8cd11cc917c492fd2d1da581b5","ssdeep":"1536:56uNQ3fdPwwanleMf72yMvkZAP5wh1XAOkdDm33yT5grZep0dTA:ukZ8wh1XAOkdDm33yT5grZep0dTA","tlshash":"a4633aae4891124990230e67c7cd5ea84b3ccaa355721cee33552c4b8b46fee73de617","first_seen":"2024-08-19T18:03:50.612786Z","last_seen":"2026-04-28T13:39:27.655215Z","times_seen":341,"resource_available":false,"data":null}},"time_used":828,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":828,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/config.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:25.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /config.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/static/js/zone.js.js\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:25 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T11:34:36.996317Z","times_seen":16760842,"resource_available":true,"data":null}},"time_used":1015,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1012,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/picture/French.svg","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/picture/French.svg HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 231\r\nlast-modified: Wed, 26 Jun 2024 00:10:52 GMT\r\netag: \"667b5c8c-e7\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":231,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bf4cae9b80cd98ef576670139bdb167d","sha1":"a761902c65cfdca4058ce0c9d5f8eac667cd6118","sha256":"8cdacc8d79bcf210cdca2777a2c0de1f9e5862526877bd3026c9d59ecdcd4578","sha512":"bb6b5de936dfdb7f7aea85e15d22ef5a15bbf020dd055d9d0423cd59972ab6aef642db2c522435b14cf92535432fa9ea1f7c31ee4eb5f01543dcda89d4292d83","ssdeep":"","tlshash":"5cd0a7a9d32da410c74447200a7c75c254a5f0c9a48411cbe890049522190f69cc39a5","first_seen":"2023-12-06T12:02:13Z","last_seen":"2026-06-27T09:20:24.682355Z","times_seen":2077,"resource_available":false,"data":null}},"time_used":1955,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1074,"receive":881,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/jquery.nice-select.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/jquery.nice-select.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-11bb\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4539,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"6da8d42255961163046979da18f54b72","sha1":"6262d03800d298badf3d8188df5212f4d3fa0d7d","sha256":"00095a8b4be4fffdfc68d53607b18dfc6ec6fa5248025323f6667c53d192d6f0","sha512":"2420ed235cffe8ae2bb2a9a20731b6d98ca2615c69fb1ca6f253d7aee037963d34589335cc4ab9f4fa24b572416b2c0020b8d5064e027f0a0dc74f8307021c11","ssdeep":"96:E0QuNla97TLpeVP4+m+nVROLmKOeT4hKeDOm9oOn9Qwbvyn:EtWlaJTLoyoVROLmKOeT4hKeDOm9oOnk","tlshash":"30910f0762d011b256ff30a32c137146b233a82be95999067d5d42f00f9ed35a6f6ece","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-04-28T13:39:27.666595Z","times_seen":373,"resource_available":true,"data":null}},"time_used":1049,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1049,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tok.alianzati.com/static/js/aos.min.js.js","fqdn":"tok.alianzati.com","domain":"alianzati.com","tld":"com"},"ip":{"addr":"118.107.44.23","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tok.alianzati.com/","date":"2026-01-27T11:48:23.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tok.alianzati.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 27 Dec 2025 02:28:36 GMT","end":"Fri, 27 Mar 2026 02:28:35 GMT"},"fingerprint":{"sha1":"AA:8F:AC:7B:3B:10:4C:5C:C3:B0:F5:D4:04:4B:C0:CD:37:DE:10:08","sha256":"85:F8:23:45:8F:C9:96:18:99:00:04:38:99:81:2A:EA:EC:D8:F7:E4:20:35:DB:0C:6F:F8:F6:BE:59:83:88:5B"}}},"request":{"raw":"GET /static/js/aos.min.js.js HTTP/1.1\r\nHost: tok.alianzati.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tok.alianzati.com/\r\nCookie: server_name_session=a9e3980e460205d3f16074c24c91ce45\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 27 Jan 2026 11:48:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Jun 2024 00:11:21 GMT\r\nvary: Accept-Encoding\r\netag: W/\"667b5ca9-3680\"\r\nexpires: Tue, 27 Jan 2026 23:48:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13952,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13875)","md5":"e0041457719a9b541a81669201b820b7","sha1":"10bc52e3895f57acf7e9de24a465a1f3abb6d9fa","sha256":"397c09afcedde7c04a774ce7738d7a1ab0a7cf69814bf1e281226888582a9519","sha512":"0fb1f89ecb8f6f57f2c5abf1a003fa20acc29981ac70be9c96038a7b96e35c2bb0c81b8a777b3e5ddc3ca0d15c5cbce4a985304f4aa260fc35827a01f7eb9024","ssdeep":"192:xOaHX24ysbeCVXVyILkYmTpOIytlomlBpOIVtlomlrjm5bovo5FglaZW0fNacZgn:xVpyRSVLL28HVjkFglMfNaEg+w","tlshash":"87521bdc7186f166479394fb417f610af2f114b4684d8440e139c4e73eb999aca33eae","first_seen":"2024-07-04T22:43:53Z","last_seen":"2026-06-06T01:42:07.011311Z","times_seen":570,"resource_available":true,"data":null}},"time_used":1043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1043,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-27","alert":"Phishing Block","trigger":"tok.alianzati.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-27","alert":"Sinkholed","trigger":"tok.alianzati.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}