{"report_id":"0caa2d70-e091-45b1-8a34-6dfa3186ff36","version":6,"status":"done","tags":[],"date":"2025-11-05T07:52:18Z","url":{"schema":"http","addr":"elang805win.online/","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"ip":{"addr":"172.67.129.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"elang805win.online/","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"title":"ELANG805WIN | Akses Daftar \u0026 Main Situs Slot Gacor Qris 1 Detik Tanpa Delay","dom":{"size":58482,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1763)","md5":"f84b42a6f29d17e9a2a53fa8e0ad197f","sha1":"2aa6e36ce4889ce2035bddb372c326ff43193fd5","sha256":"09309eead6d290b3fa1d476cef47532101213031ccacc633122f2ef801163f6e","sha512":"7870d5158a1b79c59a628ecd022aa2a7e9cda6e502c961c24202be0a8434ec45337306bf82c228335a50fb87a2ecd451cfcfeb43059fc764af3ced2de9e2b72e","ssdeep":"384:wRuOL4XvUIRNnfHfiP1e9nxmwjO3in6ZNMd1Ioin2:wRuOL4XvBnfHEe9xNe9NMNZ","tlshash":"cb43842f56e600191c43a0f5b6eb7619f67ad04bce1eec99fede5150cf847a0ac92708","dom_hash":"domhash7e4e9d56391f93a71921423594ec60e2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"elang805win.online/","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"ip":{"addr":"172.67.129.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-10T07:52:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-05T07:51:56Z","timestamp":1762329116,"ip_dst":{"addr":"172.66.46.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.20","port":39650,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)","source":"{\"timestamp\":\"2025-11-05T07:51:56.512729+0000\",\"flow_id\":152750547317066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.20\",\"src_port\":39650,\"dest_ip\":\"172.66.46.244\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2057746,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_11_20\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_11_20\"]}},\"tls\":{\"sni\":\"elang805win.pages.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3474,\"start\":\"2025-11-05T07:51:56.504138+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-05","alert":"Sinkholed","trigger":"elang805win.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"elang805win.pages.dev","ip":{"addr":"172.66.46.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-09-02","domain_rank":0,"first_seen":"2025-11-05T07:52:19.512159Z","last_seen":"2025-11-05T07:52:19.512159Z","alert_count":0,"request_count":4,"received_data":2586097,"sent_data":1652,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-02T22:13:40.433865Z","alert_count":0,"request_count":1,"received_data":505073,"sent_data":401,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"elang805win.online","ip":{"addr":"172.67.129.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-01","domain_rank":0,"first_seen":"2025-11-05T07:52:19.512808Z","last_seen":"2025-11-05T07:52:19.512808Z","alert_count":5,"request_count":5,"received_data":63727,"sent_data":2239,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-05T07:51:56Z","timestamp":1762329116,"ip_dst":{"addr":"172.66.46.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.20","port":39650,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)","source":"{\"timestamp\":\"2025-11-05T07:51:56.512729+0000\",\"flow_id\":152750547317066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.20\",\"src_port\":39650,\"dest_ip\":\"172.66.46.244\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2057746,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_11_20\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_11_20\"]}},\"tls\":{\"sni\":\"elang805win.pages.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3474,\"start\":\"2025-11-05T07:51:56.504138+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-D64N52PR7Z","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e22babdeabe830a2f8ec3e0ed7ebb44d","sha1":"e3f7c6060ce0b322728a581b224acab223073fa2","sha256":"1569670f5b186d17ff0d1af50d88c16dfcff8a2ba371484f8fbbb5f082fe2a39","sha512":"afc61ebe8dcef0481f72c3a97f6dd914353c491bc33f4820d5e1cd4b9df2d838151372fc69f08234018caffc5dca165cb48f2fed2fb03404f91434f9eb980070","ssdeep":"6144:0BuWF4XJN1tbJXRnNFBOgpmbv7dQIYheO+9zAK6K/:KdFWbhXRnNBGYhKzz","tlshash":"4eb40ace73c67426579af468502f01cba9bb24a2b49cc89bb1c9ccf01d7469a4177f78","size":504469,"data":"","first_seen":"2025-11-05T05:56:50.679452Z","last_seen":"2025-11-05T07:52:25.382086Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.online/","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"ip":{"addr":"172.67.129.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f1c3c303a83869114cb0e880f8a73e54","sha1":"c244b4896ae26ea1bdbbf545683b3a54a45267fd","sha256":"bfbfe8d45b33e4d607a9874e1a0655bf0c6e36e329f3fbe649c0608b6f17592d","sha512":"74c28979f0c274686ead334ed62f2f92fafe0fbd749525bbe810c4404ff4d46e24bf1ffcd6ef6e355ad41b6213ae22c52b324531417fdc8f73bb80ac586ee99e","ssdeep":"","tlshash":"87b02b30302484230050190c73a31f453d02031c00cf2c0832d6402e9c1795341a2560","size":123,"data":"","first_seen":"2025-10-12T12:09:35.959495Z","last_seen":"2026-05-13T08:47:54.582648Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"elang805win.online/_nuxt/error-404.7UKTUqwb.js","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"ip":{"addr":"172.67.129.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:57.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 01 Nov 2025 10:49:26 GMT","end":"Fri, 30 Jan 2026 11:48:01 GMT"},"fingerprint":{"sha1":"79:87:EA:36:B9:A0:7D:31:2F:F1:49:BA:6D:79:5D:86:E7:4C:B4:F4","sha256":"2B:D0:1B:53:F7:43:56:CD:95:E3:6D:45:C0:A0:D2:2A:F7:08:5D:1B:4A:3D:67:90:DB:73:EE:B4:8F:46:8D:B1"}}},"request":{"raw":"GET /_nuxt/error-404.7UKTUqwb.js HTTP/1.1\r\nHost: elang805win.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://elang805win.online/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 05 Nov 2025 07:51:57 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZOkE1raOcd0ChL0lglSyX%2BJLXqnfS9Xbqk68pOUQzL7%2B%2BIDYJ7QPMXZjUXyVRX4bGeEO2GANwDazI5dxGUWGzEXJLPFmVDPpwyImZrG4yn0%3D\"}]}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 999ac4d618290b65-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-15T15:20:31.580269Z","times_seen":510122,"resource_available":true,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-05","alert":"Sinkholed","trigger":"elang805win.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.pages.dev/images/favicon.png","fqdn":"elang805win.pages.dev","domain":"elang805win.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.46.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:57.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.pages.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 02 Nov 2025 04:30:27 GMT","end":"Sat, 31 Jan 2026 05:29:04 GMT"},"fingerprint":{"sha1":"E0:A7:6F:92:14:50:6B:3F:7A:BD:24:A3:27:7C:6C:38:5C:0E:6C:93","sha256":"87:85:B7:BF:AA:1D:2C:E1:BF:AE:5E:45:50:4A:F3:E3:31:52:B7:B4:BA:55:23:F0:FC:AA:96:4B:A3:4D:08:C9"}}},"request":{"raw":"GET /images/favicon.png HTTP/1.1\r\nHost: elang805win.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 05 Nov 2025 07:51:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 244817\r\npriority: u=6,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"2dc5ecf9db00f7c28d033d0c9d7ce4b4\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LgvD%2BznvfhcUCMt9dn1sopoFTg6xvBsL0P0M4z5Jgv8CjZHjFYS5Cr8wVMDFJKltRMN1H0DZwkG6RPN59Y0P8mIGFptdEr%2FHJtUMRxNiELUtqdjveg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 999ac4d6087ddfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":244817,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"cb0ce49a6f65ff0e8fda7ba49d45b9a4","sha1":"e1c4dc2e1c52ae5262c16c36da8b69a5d32cc769","sha256":"3f0820e9556fde97f368b95ee968c723476e1ecc9a111815f1ebbc2aa23fbd33","sha512":"3b3add09229cbf2fc8c559d931b3fa29ec57d24e38ac9bec975c1a2b8b7d22a7f96fa0b5566e69d27fa78d134c71d3455f538a7efef0383db32f641ff04314b2","ssdeep":"6144:IM5wglFqe4VYejY9eqV4AgCxI3Xwci5MZ:3db6jYMy1x2XK+","tlshash":"803412d65ea24f42cc4f20b25a8b47237b1b435a5ad3e98e03f1863977b63f59e03548","first_seen":"2025-11-05T07:52:25.381006Z","last_seen":"2025-11-05T07:52:25.381006Z","times_seen":1,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-D64N52PR7Z","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:56.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 08:37:33 GMT","end":"Mon, 05 Jan 2026 08:37:32 GMT"},"fingerprint":{"sha1":"6D:B1:20:6C:4E:45:23:88:91:95:5C:C3:FE:0D:A8:1B:29:43:20:6A","sha256":"15:E2:87:29:F5:07:FE:12:A2:58:8F:EE:D0:AD:2A:AC:63:5D:69:08:82:23:F9:BD:90:70:9F:09:AA:7B:57:8B"}}},"request":{"raw":"GET /gtag/js?id=G-D64N52PR7Z HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 05 Nov 2025 07:51:56 GMT\r\nexpires: Wed, 05 Nov 2025 07:51:56 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 160982\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":504469,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"e22babdeabe830a2f8ec3e0ed7ebb44d","sha1":"e3f7c6060ce0b322728a581b224acab223073fa2","sha256":"1569670f5b186d17ff0d1af50d88c16dfcff8a2ba371484f8fbbb5f082fe2a39","sha512":"afc61ebe8dcef0481f72c3a97f6dd914353c491bc33f4820d5e1cd4b9df2d838151372fc69f08234018caffc5dca165cb48f2fed2fb03404f91434f9eb980070","ssdeep":"6144:0BuWF4XJN1tbJXRnNFBOgpmbv7dQIYheO+9zAK6K/:KdFWbhXRnNBGYhKzz","tlshash":"4eb40ace73c67426579af468502f01cba9bb24a2b49cc89bb1c9ccf01d7469a4177f78","first_seen":"2025-11-05T05:56:50.679452Z","last_seen":"2025-11-05T07:52:25.382086Z","times_seen":2,"resource_available":true,"data":null}},"time_used":324,"timings":{"blocked":106,"dns":1,"connect":21,"send":0,"wait":42,"receive":64,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.pages.dev/images/logo.png","fqdn":"elang805win.pages.dev","domain":"elang805win.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.46.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:56.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.pages.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 02 Nov 2025 04:30:27 GMT","end":"Sat, 31 Jan 2026 05:29:04 GMT"},"fingerprint":{"sha1":"E0:A7:6F:92:14:50:6B:3F:7A:BD:24:A3:27:7C:6C:38:5C:0E:6C:93","sha256":"87:85:B7:BF:AA:1D:2C:E1:BF:AE:5E:45:50:4A:F3:E3:31:52:B7:B4:BA:55:23:F0:FC:AA:96:4B:A3:4D:08:C9"}}},"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: elang805win.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 05 Nov 2025 07:51:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 708915\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"008329bec8519f6f6594a5d52b52a602\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dmRl8Nkse8eR70lAm5dnol289SG6z43GWpFp%2FuRr6%2FVXDoXLLJwiaiA%2FnyWdTL%2Bxd4qIPvolJBtGK4zAu3P1EQoPb34m27BF%2FzFNVyVa%2FkbIg8A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 999ac4d269d356b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":708915,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2048 x 731, 8-bit/color RGBA, non-interlaced","md5":"e3ad2d38e7aa5a4b507303df09bf62f1","sha1":"072b0725df6d1465efc07049bc4d415ca7d2b035","sha256":"bae9e04c7de041298b93b8ef55d1602f2b792b9c8f7cf5c6c0f3a170d4309ebe","sha512":"531cc615cb8f41617e2e662d77620ea3c1a5006cbbe4b2207c86c86c86a503f95521f2d41b2d02554b1afb8bf183471e5a363de064c23d6f16234bcd5cf70b3d","ssdeep":"12288:uMUzCFmj4A/mTYNjDWsoqfvJl6oZj19+z+zOXYiOLRDruRRsrMWjEO0hebJZTa:udzV/muykz6obxCaDss0J8F0","tlshash":"fae4236ec39b1247ee4a47f512d73f217982cb70da8798188e749f3a50fab746384681","first_seen":"2025-11-05T07:52:25.382837Z","last_seen":"2025-11-05T07:52:25.382837Z","times_seen":1,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":74,"dns":42,"connect":1,"send":0,"wait":216,"receive":29,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.pages.dev/images/favicon.png","fqdn":"elang805win.pages.dev","domain":"elang805win.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.46.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:56.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.pages.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 02 Nov 2025 04:30:27 GMT","end":"Sat, 31 Jan 2026 05:29:04 GMT"},"fingerprint":{"sha1":"E0:A7:6F:92:14:50:6B:3F:7A:BD:24:A3:27:7C:6C:38:5C:0E:6C:93","sha256":"87:85:B7:BF:AA:1D:2C:E1:BF:AE:5E:45:50:4A:F3:E3:31:52:B7:B4:BA:55:23:F0:FC:AA:96:4B:A3:4D:08:C9"}}},"request":{"raw":"GET /images/favicon.png HTTP/1.1\r\nHost: elang805win.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 05 Nov 2025 07:51:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 244817\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"2dc5ecf9db00f7c28d033d0c9d7ce4b4\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g7%2FlUKZ3dyRsY17C%2BhSx%2FVugZEJS6BMtiErOTflbx%2BX3GVuNjvvjPc2GB%2BPK0AUWcXpAr4nrjvhf1Chh2xaIz4ly%2BoAeqk%2FLTJXcW8X8udx0q0I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 999ac4d259c656b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":244817,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"cb0ce49a6f65ff0e8fda7ba49d45b9a4","sha1":"e1c4dc2e1c52ae5262c16c36da8b69a5d32cc769","sha256":"3f0820e9556fde97f368b95ee968c723476e1ecc9a111815f1ebbc2aa23fbd33","sha512":"3b3add09229cbf2fc8c559d931b3fa29ec57d24e38ac9bec975c1a2b8b7d22a7f96fa0b5566e69d27fa78d134c71d3455f538a7efef0383db32f641ff04314b2","ssdeep":"6144:IM5wglFqe4VYejY9eqV4AgCxI3Xwci5MZ:3db6jYMy1x2XK+","tlshash":"803412d65ea24f42cc4f20b25a8b47237b1b435a5ad3e98e03f1863977b63f59e03548","first_seen":"2025-11-05T07:52:25.381006Z","last_seen":"2025-11-05T07:52:25.381006Z","times_seen":1,"resource_available":false,"data":null}},"time_used":352,"timings":{"blocked":69,"dns":40,"connect":1,"send":0,"wait":196,"receive":10,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.online/_nuxt/error-500.97t7ZV6P.js","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"ip":{"addr":"172.67.129.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:57.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 01 Nov 2025 10:49:26 GMT","end":"Fri, 30 Jan 2026 11:48:01 GMT"},"fingerprint":{"sha1":"79:87:EA:36:B9:A0:7D:31:2F:F1:49:BA:6D:79:5D:86:E7:4C:B4:F4","sha256":"2B:D0:1B:53:F7:43:56:CD:95:E3:6D:45:C0:A0:D2:2A:F7:08:5D:1B:4A:3D:67:90:DB:73:EE:B4:8F:46:8D:B1"}}},"request":{"raw":"GET /_nuxt/error-500.97t7ZV6P.js HTTP/1.1\r\nHost: elang805win.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://elang805win.online/\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 05 Nov 2025 07:51:57 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LSTZFGjEB817iEkz8zkohQcB7MeHGj1Ddvle9Q4n%2BhCVS1oLcxB%2BYfaYKufTz7l3PphPfDDFAAO0LCFZbODv66FV01DqY0O1mpg5yGDi%2Fb8%3D\"}]}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 999ac4d6182a0b65-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-15T15:20:31.580269Z","times_seen":510122,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-05","alert":"Sinkholed","trigger":"elang805win.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.pages.dev/images/banner.png","fqdn":"elang805win.pages.dev","domain":"elang805win.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.46.244","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:56.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.pages.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 02 Nov 2025 04:30:27 GMT","end":"Sat, 31 Jan 2026 05:29:04 GMT"},"fingerprint":{"sha1":"E0:A7:6F:92:14:50:6B:3F:7A:BD:24:A3:27:7C:6C:38:5C:0E:6C:93","sha256":"87:85:B7:BF:AA:1D:2C:E1:BF:AE:5E:45:50:4A:F3:E3:31:52:B7:B4:BA:55:23:F0:FC:AA:96:4B:A3:4D:08:C9"}}},"request":{"raw":"GET /images/banner.png HTTP/1.1\r\nHost: elang805win.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 05 Nov 2025 07:51:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 1384556\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"c8c740c6abf2dbac3fd572bfdb550673\"\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hIiuCFXDtjvVSs9zuM8mVps2Q2U3l3u4IoTFWPDpaYoU%2Ba1ULHtWe0Sx9eGw6p5hAxmR78T0dfAWwiqJlWLLmq4c16%2B4wOFEeZx7GDCd%2FY4Xdoc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 999ac4d269cf56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1384556,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced","md5":"fe01d408c200a7f5c940af407e234a8c","sha1":"28c454e1ff3b14711b4ae3bd7ddcd27963a1912a","sha256":"c95c0c98cf4d1a5d3bb69120db1716e2e8624d6e416a037edc3e17615cbaae07","sha512":"749d9e6cf6c5896335286150774881dd958b41392fdb4878ea7822807360c1b1dea8efaa2eee49154b66696a1071ce433f2f44cc1aa5d69441850454890a4228","ssdeep":"24576:7HtQ5jS/hnUlECfxnpVqxgJ8kGFQ1ao5Hqo0K5tVh:7HcwYnfxpVFJ8saoHzVh","tlshash":"6825339339058817908bb0b1f288757e30d603d9505f99d617af9a81b1bfb801bbedb7","first_seen":"2025-11-05T07:52:25.384239Z","last_seen":"2025-11-05T07:52:25.384239Z","times_seen":1,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":73,"dns":40,"connect":3,"send":0,"wait":206,"receive":102,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.online/","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"ip":{"addr":"172.67.129.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-05T07:51:55.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 01 Nov 2025 10:49:26 GMT","end":"Fri, 30 Jan 2026 11:48:01 GMT"},"fingerprint":{"sha1":"79:87:EA:36:B9:A0:7D:31:2F:F1:49:BA:6D:79:5D:86:E7:4C:B4:F4","sha256":"2B:D0:1B:53:F7:43:56:CD:95:E3:6D:45:C0:A0:D2:2A:F7:08:5D:1B:4A:3D:67:90:DB:73:EE:B4:8F:46:8D:B1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: elang805win.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 05 Nov 2025 07:51:56 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 05:30:27 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-permitted-cross-domain-policies: master-only\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LSUmXTXdg1z5GG6qmbno3FI6FcvCSE6cD7OKqfnughhOMGgJGbCKzU%2BtJYQ7oM%2FzkcRe1fWBGkQFQVWbAbSr3A4%2B3OU78ze3%2B29RU0mx4So%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 999ac4ccaf2d5693-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":60085,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (854)","md5":"82f33225375051d7cf0f4abc6f560d5b","sha1":"0ba5316a37a0fa9d002221c024784e995fe6f882","sha256":"dc149ed397c3aa132d575db033a9cc23e7734e03dd9a7e0a08e18bd1192544fe","sha512":"0668915c7de715ed41f7798abba337473921b52c397d8c37a56c971108c232b75fe3a4f2235e6f98ab56447c9ef141851f6588921e96ced2d46f50c2b2797a03","ssdeep":"384:wRuOeXvUIRNnfHfiP1e9nxmwjO3in6Z+Y2yViPphM:wRuOeXvBnfHEe9xNe9+Ylr","tlshash":"ee43532f56f600191c43a0f5a6eb7619e67ad04bce1eec99fedd5150cf887a0ac93708","first_seen":"2025-11-05T07:52:25.385238Z","last_seen":"2025-11-05T07:52:25.385238Z","times_seen":1,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":97,"dns":76,"connect":1,"send":0,"wait":667,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-05","alert":"Sinkholed","trigger":"elang805win.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.online/js/ga.js","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"ip":{"addr":"172.67.129.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:56.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 01 Nov 2025 10:49:26 GMT","end":"Fri, 30 Jan 2026 11:48:01 GMT"},"fingerprint":{"sha1":"79:87:EA:36:B9:A0:7D:31:2F:F1:49:BA:6D:79:5D:86:E7:4C:B4:F4","sha256":"2B:D0:1B:53:F7:43:56:CD:95:E3:6D:45:C0:A0:D2:2A:F7:08:5D:1B:4A:3D:67:90:DB:73:EE:B4:8F:46:8D:B1"}}},"request":{"raw":"GET /js/ga.js HTTP/1.1\r\nHost: elang805win.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://elang805win.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 05 Nov 2025 07:51:57 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ov7ah0HeUxgzlwztvOOjrbmCbFnTd14%2FdAwvQGyVtxQVh5RpkRaXgwK68GqEm%2F3bULccpDQcXXXx8nPbpQUabfBZaBJ4IPaRkU16T5cWRqI%3D\"}]}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 999ac4d1d81a0b65-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-05-15T15:20:31.580269Z","times_seen":510122,"resource_available":true,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-05","alert":"Sinkholed","trigger":"elang805win.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elang805win.online/_nuxt/entry.ccJFMKKt.js","fqdn":"elang805win.online","domain":"elang805win.online","tld":"online"},"ip":{"addr":"172.67.129.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://elang805win.online/","date":"2025-11-05T07:51:56.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elang805win.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 01 Nov 2025 10:49:26 GMT","end":"Fri, 30 Jan 2026 11:48:01 GMT"},"fingerprint":{"sha1":"79:87:EA:36:B9:A0:7D:31:2F:F1:49:BA:6D:79:5D:86:E7:4C:B4:F4","sha256":"2B:D0:1B:53:F7:43:56:CD:95:E3:6D:45:C0:A0:D2:2A:F7:08:5D:1B:4A:3D:67:90:DB:73:EE:B4:8F:46:8D:B1"}}},"request":{"raw":"GET /_nuxt/entry.ccJFMKKt.js HTTP/1.1\r\nHost: elang805win.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://elang805win.online/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 05 Nov 2025 07:51:57 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SZEowjd4jIBvCgxU%2B5CWRa%2F%2Bg9x%2B1URQQKD9MXmlG%2B3w5LZApKguttXDE2BzxhtEurJvKzO3JRsYVPPe9bv0lgje7Cb5OCVL0aQbIvMPHF0%3D\"}]}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 999ac4d1d81b0b65-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":649,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":649,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-05","alert":"Sinkholed","trigger":"elang805win.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}