{"report_id":"21847734-cf04-4529-a523-12fa90433efc","version":6,"status":"done","tags":[],"date":"2025-10-02T02:18:32Z","url":{"schema":"http","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.180.227","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"title":"mjzpo4ogjb.alambetvip.site/"},"submit":{"url":{"schema":"http","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.180.227","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-06T02:18:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"mjzpo4ogjb.alambetvip.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-09-28T22:11:36.689828Z","alert_count":0,"request_count":2,"received_data":717067,"sent_data":909,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mjzpo4ogjb.alambetvip.site","ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-25","domain_rank":0,"first_seen":"2025-10-02T02:18:33.309959Z","last_seen":"2025-10-02T02:18:33.309959Z","alert_count":4,"request_count":5,"received_data":139665,"sent_data":2881,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-09-28T22:13:48.149535Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":530,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0115b8cf2c67f28553b70f4b77908cb3","sha1":"e7e4d86c9e7c90ce098336616f6067d9d64105e8","sha256":"d60e163ebcc52f6270bbe4797e5bda58611359ac41984147b5a88251f2d2802f","sha512":"2d6195bf2d0d969b5a85fa9d33fc081be71eed32ca155d2c036a7d920a443c9b31954a17b2b09258f6488f499fa129a4580a5bbaf99945d0d11e7114b37a8994","ssdeep":"","tlshash":"a2e0c0db70120871629f89b623b5a124b253250e78091822fdfd88242e5858b48221ac","size":358,"data":"","first_seen":"2024-12-20T06:50:38.22342Z","last_seen":"2025-10-24T11:55:57.229776Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"75fbf36f62a07379a2c28129f033d4ce","sha1":"6953c721d8128cfafb22528436d8e90b4ce88b01","sha256":"9f1b2056c69c37d030e13102bb3b93d4d0da58cce68316637ee48077cb5fa198","sha512":"b1e1d53da149890e532c8476e96f5c96170aa175eb96c1034c526199e1a011c93bd31833bcfceefc4526593a3db6823b252136c3a19ad6eabd3fd1ad9bb0b1a4","ssdeep":"","tlshash":"3ed0a7ba2cb98d305798014b60b7f7a8356525a06f22954081cacc2b5e11ed344a1968","size":236,"data":"","first_seen":"2025-10-02T02:18:38.337075Z","last_seen":"2025-10-02T02:18:38.337075Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2d2fc8059120df63f2db578375f6f1d","sha1":"1dc4fbb1d696ed3512ee74c3ab819b703066dc2e","sha256":"990deacff467d380c0b90ee9551e5ca611a231406d6284fa4b32e12ddf3b395a","sha512":"a48b59b07c57acd1b24048faac8b942a9bfd6af9f8f938cf797154a27a504e8d848bde3b7373c2a823fdb94cc74fbc765bc452043f5f38c6de9fc862f827ec70","ssdeep":"192:ZBUPDku92yVwOC5F3TgVaGuMNZmwAlYUwJjffTZxiQwOSUSg1d1mwUaN:ZBUPDku9JVwOC5F3TWaGuQZmZlTa3Lik","tlshash":"2622d782b84ef228c1b478a1516f50c79cd9facd0c5acc475a15ace83e34718bc95f8e","size":9998,"data":"","first_seen":"2025-10-02T01:38:19.153516Z","last_seen":"2025-10-02T03:32:09.093254Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d7fc09b8a4bd752f30c83d9580b3c6a","sha1":"da2358d67f63cb87274ef47e207b1027a787f97a","sha256":"2bcd7394e0ae89979b164c678cb0710e5f794302c56178dbafb72c4a14642862","sha512":"bcc68e46e255e38dc930bc303b948a1d07af9c4e90e67fa2ace0da56556d8bd18d8945aab3685e4586ea2749988deb09409b4bdbc9fe7a9a4d1f753c5ed9e330","ssdeep":"","tlshash":"88f0c946ce025363d0ff065e73cf7320a022e3261362ae640fa3740824249c36a82fea","size":525,"data":"","first_seen":"2025-06-22T15:44:19.498324Z","last_seen":"2026-05-03T12:59:46.973225Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-N887RCZ3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e66d5d51a1475165183b53078752e15b","sha1":"c6eeba87d9c3162bcec7fa8e53f082f27cbe00a9","sha256":"628bad49f741852f5e6fd34c983195a0555dd929a632e1c213efcbdd2e69ad67","sha512":"eb308001002f2eccd4dab6d69e9c417111af68756f3bb6c8aef418501fc9f1f9ae5a95f0e1dcac1193602d278fd128a984493953b59370512fa0b54badd634d1","ssdeep":"3072:9d5ZibJ5eaXSko0O6ZNug8MaLPrMxS/WWCUNyfNPChqLfZAn02hdl4In0:HGX/h8P3VDC/AhqLfZAn0ET4I0","tlshash":"c36418cdb3d6b46283a3a474503f014bb17b68d2b44cd899f185d8d42e74aaa4237f7d","size":318492,"data":"","first_seen":"2025-10-02T02:18:38.331096Z","last_seen":"2025-10-02T02:18:38.331096Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-4J67Q8JM32\u0026cx=c\u0026gtm=4e59u1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d2fbf232f694bed8ade63bf161e3551","sha1":"a89952400a9ac079a3eb06ebff51b6fc98378bae","sha256":"1e49d232ffd7250ed4ce9c3138d58ad9b6987de68f6d745762602e9b1463c902","sha512":"5a6e789974f28d0c7a40876b2cf507e4af948fd8376a8085666b73efbd0bdad1e98e3e6e979c66999b51f3141c1e7156b74182d215de4563ad88d347b33dbf45","ssdeep":"6144:qEGXbRh8P3VDCII6JAhqLfZAn0E41+xBoc:ur3cVlI6JBFc","tlshash":"52841ace73d674265396e478903f018ba5bb28a2f44cc899f189dce42d74a9a4137f7c","size":397321,"data":"","first_seen":"2025-10-02T02:18:38.333808Z","last_seen":"2025-10-02T02:18:38.333808Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3f11e009d5dac0327d85c96eb370c414","sha1":"1a37971bc18ae5867f2123bfb10e6ba48e105dce","sha256":"269ae7b761046cb2eff5ac80c2e91a6cca18b0437ff323822bd54c07e7dbdb33","sha512":"af00fc7a813f8df8cb60853e7fe0a43e993405e17fc47b285e13da48d65d472647a57de137db6c020b581395e20ce5e7f92ed4298f552e0a4e4be6bfc76ea3db","ssdeep":"","tlshash":"fed0220113e58838026360fadfae6295292280473202de4b3d3c09c80fc29a482a05c0","size":218,"data":"","first_seen":"2025-09-28T06:52:00.185791Z","last_seen":"2025-10-24T11:55:57.230501Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"74df4988fe937398eee0d8e612affd4c","sha1":"53f575a10f87d0ceed700f3cb883f5a5ee7c4cd1","sha256":"ab90936cbb7059001cdae6ca516f96cd31ca0ed541ff89557376bd699938583b","sha512":"8a45b418eb0dfe9e3677bf28ca34c9c07f17b9656a190a731ce77d8092b42192e77a06806127735b18745ba10015cf3999a7d51bdbdedb00658194700dcb80b5","ssdeep":"","tlshash":"a31190753e195934c685414b317ef7a93d3260717e029044c26ddc255d18e87149fdbe","size":921,"data":"","first_seen":"2025-10-02T02:18:38.339963Z","last_seen":"2025-10-02T02:18:38.339963Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-05-15T12:32:07.630711Z","times_seen":335624,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"42c470f9e1d57edf3dcafd53ea5ffc77","sha1":"8c212f49bfd15b6b8319ac637a7c3c9c9bdf1939","sha256":"e8ca2b3647e490cb3791cafb06fd6b4274654bcf55ca4a2c35eac0bc600be037","sha512":"a21c79b012fe7642dd1ba349b7823e1112865152107e4eaeaaa7f3e21b475d8ae53bad5c21ddffb1f9dca5ade20cdf2f530a0800583b72ae23540fe90c87a3fd","ssdeep":"","tlshash":"589002d8b145f1300e122654147e414567b535e026559004860c41d1755c8075497d85","size":53,"data":"","first_seen":"2024-12-20T06:50:38.230504Z","last_seen":"2026-05-03T12:59:46.976089Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"8aa0deb872ce5255b91c5b2268385125","sha1":"6528b7e848950ddfe7359169fb844b9169e11b29","sha256":"cd9c72b16f44b167ee37e22629ba8716b1d9abb96b825359a9174c51f23f372f","sha512":"9f7c51052db50d0e03c7636dcb1265209557e773618501882e3e9e0cda8029fb8d9bd615776a47c5e2f75dfd00356ab4eeccf0aade53d7535fa220332d985bd4","ssdeep":"","tlshash":"eca0026cf4fff46516422624283e9545baedd9901609e10782ac15a177284894913a97","size":64,"data":"","first_seen":"2024-12-20T06:50:38.228939Z","last_seen":"2026-05-03T12:59:46.970332Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-N887RCZ3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mjzpo4ogjb.alambetvip.site/","date":"2025-10-02T02:18:11.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"DF:7E:8A:F9:1C:B5:DC:9E:90:E3:71:A7:92:85:2C:8F:2B:B4:42:8E","sha256":"3A:65:11:10:B9:58:2F:E1:BF:38:98:8D:2E:3E:A2:01:9D:C6:BE:69:5B:AD:F7:99:53:F9:AB:A6:6B:82:47:F1"}}},"request":{"raw":"GET /gtm.js?id=GTM-N887RCZ3 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mjzpo4ogjb.alambetvip.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Oct 2025 02:18:11 GMT\r\nexpires: Thu, 02 Oct 2025 02:18:11 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 02 Oct 2025 00:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 107485\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":318492,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5723)","md5":"e66d5d51a1475165183b53078752e15b","sha1":"c6eeba87d9c3162bcec7fa8e53f082f27cbe00a9","sha256":"628bad49f741852f5e6fd34c983195a0555dd929a632e1c213efcbdd2e69ad67","sha512":"eb308001002f2eccd4dab6d69e9c417111af68756f3bb6c8aef418501fc9f1f9ae5a95f0e1dcac1193602d278fd128a984493953b59370512fa0b54badd634d1","ssdeep":"3072:9d5ZibJ5eaXSko0O6ZNug8MaLPrMxS/WWCUNyfNPChqLfZAn02hdl4In0:HGX/h8P3VDC/AhqLfZAn0ET4I0","tlshash":"c36418cdb3d6b46283a3a474503f014bb17b68d2b44cd899f185d8d42e74aaa4237f7d","first_seen":"2025-10-02T02:18:38.331096Z","last_seen":"2025-10-02T02:18:38.331096Z","times_seen":1,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":59,"dns":2,"connect":8,"send":0,"wait":30,"receive":22,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/4687995f25e1/main.js?","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mjzpo4ogjb.alambetvip.site/","date":"2025-10-02T02:18:11.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alambetvip.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 13:52:48 GMT","end":"Wed, 24 Dec 2025 14:52:43 GMT"},"fingerprint":{"sha1":"40:3B:83:4A:8A:E3:49:77:C7:F6:2F:D9:BA:D2:6D:D9:46:82:42:25","sha256":"8F:E0:DC:FA:F4:C7:02:A4:88:87:67:A1:81:82:41:91:E5:3A:6A:E7:DF:1E:BB:04:E6:0A:17:39:9F:00:0C:33"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/4687995f25e1/main.js? HTTP/1.1\r\nHost: mjzpo4ogjb.alambetvip.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 02:18:11 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9880b52ca93a4c11-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9998), with no line terminators","md5":"d2d2fc8059120df63f2db578375f6f1d","sha1":"1dc4fbb1d696ed3512ee74c3ab819b703066dc2e","sha256":"990deacff467d380c0b90ee9551e5ca611a231406d6284fa4b32e12ddf3b395a","sha512":"a48b59b07c57acd1b24048faac8b942a9bfd6af9f8f938cf797154a27a504e8d848bde3b7373c2a823fdb94cc74fbc765bc452043f5f38c6de9fc862f827ec70","ssdeep":"192:ZBUPDku92yVwOC5F3TgVaGuMNZmwAlYUwJjffTZxiQwOSUSg1d1mwUaN:ZBUPDku9JVwOC5F3TWaGuQZmZlTa3Lik","tlshash":"2622d782b84ef228c1b478a1516f50c79cd9facd0c5acc475a15ace83e34718bc95f8e","first_seen":"2025-10-02T01:38:19.153516Z","last_seen":"2025-10-02T03:32:09.093254Z","times_seen":8,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"mjzpo4ogjb.alambetvip.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/cdn-cgi/challenge-platform/h/g/jsd/r/0.07131886358440191:1759366009:Z0ayBRicmNNBrShcfPKXW6-oyLxXjUPejZmUazv1UC8/9880b5277d9b4c11","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mjzpo4ogjb.alambetvip.site/","date":"2025-10-02T02:18:11.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alambetvip.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 13:52:48 GMT","end":"Wed, 24 Dec 2025 14:52:43 GMT"},"fingerprint":{"sha1":"40:3B:83:4A:8A:E3:49:77:C7:F6:2F:D9:BA:D2:6D:D9:46:82:42:25","sha256":"8F:E0:DC:FA:F4:C7:02:A4:88:87:67:A1:81:82:41:91:E5:3A:6A:E7:DF:1E:BB:04:E6:0A:17:39:9F:00:0C:33"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.07131886358440191:1759366009:Z0ayBRicmNNBrShcfPKXW6-oyLxXjUPejZmUazv1UC8/9880b5277d9b4c11 HTTP/1.1\r\nHost: mjzpo4ogjb.alambetvip.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12114\r\nOrigin: https://mjzpo4ogjb.alambetvip.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mjzpo4ogjb.alambetvip.site/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 02:18:11 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 0\r\ncf-ray: 9880b52ce95c4c11-OSL\r\nset-cookie: cf_clearance=6R5z4ByLBdfooIbPcImKNhdhRRfqjyZcVW5KUdi9lRk-1759371491-1.2.1.1-.MT1Vm8kIuAXyafuWBlRDE6PunRGAsUlpGLg6dYSBqSopsRCXU_WWE.XJGPHa0Ypge8AkSORO3Wsg87Qvh7RVwMr3hE7oksR1BiCTk0dRUgDBWqpvqZofBiSAYAa2HCv3EIDxCVqHf05.unuB1CoRZkkzRltIihwoef6ugZxwU5ZY69RyND5UEOrBNbqb6hljc09UdyLLDC3lnGhTofmZt4.WZ8b1ae9Cs6a0bhU830; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=alambetvip.site; Expires=Fri, 02 Oct 2026 02:18:11 GMT\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"mjzpo4ogjb.alambetvip.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/cdn-cgi/rum?","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mjzpo4ogjb.alambetvip.site/","date":"2025-10-02T02:18:11.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alambetvip.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 13:52:48 GMT","end":"Wed, 24 Dec 2025 14:52:43 GMT"},"fingerprint":{"sha1":"40:3B:83:4A:8A:E3:49:77:C7:F6:2F:D9:BA:D2:6D:D9:46:82:42:25","sha256":"8F:E0:DC:FA:F4:C7:02:A4:88:87:67:A1:81:82:41:91:E5:3A:6A:E7:DF:1E:BB:04:E6:0A:17:39:9F:00:0C:33"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: mjzpo4ogjb.alambetvip.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1174\r\nOrigin: https://mjzpo4ogjb.alambetvip.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mjzpo4ogjb.alambetvip.site/\r\nCookie: cf_clearance=6R5z4ByLBdfooIbPcImKNhdhRRfqjyZcVW5KUdi9lRk-1759371491-1.2.1.1-.MT1Vm8kIuAXyafuWBlRDE6PunRGAsUlpGLg6dYSBqSopsRCXU_WWE.XJGPHa0Ypge8AkSORO3Wsg87Qvh7RVwMr3hE7oksR1BiCTk0dRUgDBWqpvqZofBiSAYAa2HCv3EIDxCVqHf05.unuB1CoRZkkzRltIihwoef6ugZxwU5ZY69RyND5UEOrBNbqb6hljc09UdyLLDC3lnGhTofmZt4.WZ8b1ae9Cs6a0bhU830\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 02 Oct 2025 02:18:11 GMT\r\naccess-control-allow-origin: https://mjzpo4ogjb.alambetvip.site\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-ray: 9880b52d09644c11-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"mjzpo4ogjb.alambetvip.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-4J67Q8JM32\u0026cx=c\u0026gtm=4e59u1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mjzpo4ogjb.alambetvip.site/","date":"2025-10-02T02:18:11.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"DF:7E:8A:F9:1C:B5:DC:9E:90:E3:71:A7:92:85:2C:8F:2B:B4:42:8E","sha256":"3A:65:11:10:B9:58:2F:E1:BF:38:98:8D:2E:3E:A2:01:9D:C6:BE:69:5B:AD:F7:99:53:F9:AB:A6:6B:82:47:F1"}}},"request":{"raw":"GET /gtag/js?id=G-4J67Q8JM32\u0026cx=c\u0026gtm=4e59u1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mjzpo4ogjb.alambetvip.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Oct 2025 02:18:11 GMT\r\nexpires: Thu, 02 Oct 2025 02:18:11 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 134455\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":397321,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"4d2fbf232f694bed8ade63bf161e3551","sha1":"a89952400a9ac079a3eb06ebff51b6fc98378bae","sha256":"1e49d232ffd7250ed4ce9c3138d58ad9b6987de68f6d745762602e9b1463c902","sha512":"5a6e789974f28d0c7a40876b2cf507e4af948fd8376a8085666b73efbd0bdad1e98e3e6e979c66999b51f3141c1e7156b74182d215de4563ad88d347b33dbf45","ssdeep":"6144:qEGXbRh8P3VDCII6JAhqLfZAn0E41+xBoc:ur3cVlI6JBFc","tlshash":"52841ace73d674265396e478903f018ba5bb28a2f44cc899f189dce42d74a9a4137f7c","first_seen":"2025-10-02T02:18:38.333808Z","last_seen":"2025-10-02T02:18:38.333808Z","times_seen":1,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-02T02:18:10.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alambetvip.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 13:52:48 GMT","end":"Wed, 24 Dec 2025 14:52:43 GMT"},"fingerprint":{"sha1":"40:3B:83:4A:8A:E3:49:77:C7:F6:2F:D9:BA:D2:6D:D9:46:82:42:25","sha256":"8F:E0:DC:FA:F4:C7:02:A4:88:87:67:A1:81:82:41:91:E5:3A:6A:E7:DF:1E:BB:04:E6:0A:17:39:9F:00:0C:33"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mjzpo4ogjb.alambetvip.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 02:18:11 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-encoding: gzip\r\nx-powered-by: Express\r\nvary: Accept-Encoding\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nsw: 371\r\nx-served-by: mjzpo4ogjb.alambetvip.site\r\ncf-cache-status: DYNAMIC\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfOrigin;dur=17,cfEdge;dur=637\r\nserver: cloudflare\r\ncf-ray: 9880b5277d9b4c11-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}],"data":{"size":117479,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (58764)","md5":"e4bd79d108ec11b730fa88bfcb9687d3","sha1":"1f12f15de58309f4a085f8d3c9a6f223933c140d","sha256":"c221574480739c1e3810240445ee7188a825db23133b8633a8a11ad5aae80f67","sha512":"71c24b6f38631a4e12fc8b2a2b3099c01ca221a7aa876e31699ec8a508543e3755569e200e5419c2aa34efcbc5583b21e96eff6b6b87260cba813833609a5e8f","ssdeep":"3072:Vmm6HDvDciJFAT4MpHK+H6/mNlqn3BC1cu:4mkc+7eRHYx3BJu","tlshash":"48b3f17b09a3af292932a4286b7b31022e308903c75fd885fefc5949cf46d81e5f6755","first_seen":"2025-10-02T02:18:38.334957Z","last_seen":"2025-10-02T02:18:38.334957Z","times_seen":1,"resource_available":false,"data":null}},"time_used":679,"timings":{"blocked":11,"dns":0,"connect":2,"send":0,"wait":657,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mjzpo4ogjb.alambetvip.site/","date":"2025-10-02T02:18:11.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 02:39:12 GMT","end":"Sat, 22 Nov 2025 03:39:06 GMT"},"fingerprint":{"sha1":"B4:6C:D2:16:CA:52:EE:BD:22:D7:B4:2C:64:FF:A5:EF:67:D8:E1:F8","sha256":"FF:3A:23:84:D6:B2:73:DF:50:6E:1A:45:A4:AB:03:37:0B:C4:4A:8E:82:12:99:10:80:A2:F7:FC:71:E3:BA:1D"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mjzpo4ogjb.alambetvip.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mjzpo4ogjb.alambetvip.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 02:18:11 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9880b52c6960b1b8-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-05-15T12:32:07.630711Z","times_seen":335624,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":80,"dns":0,"connect":1,"send":0,"wait":10,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mjzpo4ogjb.alambetvip.site/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"mjzpo4ogjb.alambetvip.site","domain":"alambetvip.site","tld":"site"},"ip":{"addr":"104.16.181.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mjzpo4ogjb.alambetvip.site/","date":"2025-10-02T02:18:11.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alambetvip.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 13:52:48 GMT","end":"Wed, 24 Dec 2025 14:52:43 GMT"},"fingerprint":{"sha1":"40:3B:83:4A:8A:E3:49:77:C7:F6:2F:D9:BA:D2:6D:D9:46:82:42:25","sha256":"8F:E0:DC:FA:F4:C7:02:A4:88:87:67:A1:81:82:41:91:E5:3A:6A:E7:DF:1E:BB:04:E6:0A:17:39:9F:00:0C:33"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: mjzpo4ogjb.alambetvip.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 02 Oct 2025 02:18:11 GMT\r\ncontent-length: 0\r\ncf-ray: 9880b52c99324c11-OSL\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/4687995f25e1/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9998,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"mjzpo4ogjb.alambetvip.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}