{"report_id":"54669244-bd01-4c1a-8f92-620e461bd658","version":6,"status":"done","tags":[],"date":"2026-01-06T14:21:14Z","url":{"schema":"http","addr":"zilliqastake.icu","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"82.29.199.222","port":0,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"zilliqastake.icu/","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"title":"Zilliqa | Scalable, Secure \u0026 EVM-Compatible Blockchain for Institutions","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zilliqastake.icu","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"82.29.199.222","port":0,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-10T14:21:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-06T14:20:47Z","timestamp":1767709247,"ip_dst":{"addr":"82.29.199.222","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":48058,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-01-06T14:20:47.196130+0000\",\"flow_id\":767055829536159,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.30\",\"src_port\":48058,\"dest_ip\":\"82.29.199.222\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"zilliqastake.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3939,\"start\":\"2026-01-06T14:20:46.986527+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"zilliqastake.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"zilliqastake.icu","ip":{"addr":"82.29.199.222","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2025-12-29","domain_rank":0,"first_seen":"2026-01-06T14:21:15.841138Z","last_seen":"2026-01-06T14:21:15.841138Z","alert_count":4,"request_count":4,"received_data":7464996,"sent_data":1946,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"PHP:8.3.17","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"zilliqastake.icu/http-10.35.11.js","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"82.29.199.222","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"4538a5aed5c7b38d42811ddbe1edfc1a","sha1":"1d8d8e309cb3f731e4507ece9beede5a8a2a8b65","sha256":"07f65ebef24563feab15498b99c4ca8a65b5ae3be26ca3237310510c0f82c18c","sha512":"2f4b2daff7396d2e7676a1998b09992e64e7a747fe5e51e4a2a7f97fbe44d5f5d64a0cbab17b2a67e4c8da678c34447a89e40e1d0ff7a180c7fd1df55d03dfc9","ssdeep":"768:JvuoNcOQFm+IxkJQmx+942C9R97A3NFD4zUcHTps5eD77QcnZNjqYUb4iz8ck6Ov:0m3kY42C2dFMHfZN6ZfTbOV","tlshash":"59935fd5990be0e58e1120dde437e815e4284a23ceadf1a3ba6cdec1745df62c48b17b","size":89925,"data":"","first_seen":"2026-01-06T14:21:19.153135Z","last_seen":"2026-01-06T14:21:19.153135Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zilliqastake.icu/c738664b-7fab-4098-849c-8ade39c1a678","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"7df73988252e4e56e97ba60a379b1adb","sha1":"71fcb419a05752a6816ec8cb8d6ff66f2b286575","sha256":"795b58fa3e79ac5f0fe3f40fd1a8780febc568757a02fb88cece17317ec0a0d3","sha512":"76bbb9908159d4a89749d84c7cfc019cebaecb2a738e68d09f3e7194cd362e8991548472274377a2b829abdeccdd6a077443dca3c4c9f205ccf78d4a3568702e","ssdeep":"768:FVX6Xl2NCM1idz41CAr7cC2Iq5a87XZUXfl2rsi14UcCs+Wl4:FVLCl","tlshash":"6ca333131cbe346b048f4b63f5295e47af5ffa43da16624cb2bc26852fb7d56c982204","size":107243,"data":"","first_seen":"2025-12-16T18:55:46.047375Z","last_seen":"2026-05-31T12:20:22.044756Z","times_seen":452,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zilliqastake.icu/bb302eba-219b-42f6-abb8-1b127cd88abc","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec26a722169cb2cef03353fcf8dd144a","sha1":"6eec6673abcde3d29547796a38361256d9efde1c","sha256":"01861fcd47bc63bb7be76c480bad4c6cc987c8996ab0e023a4e692b68c94b05c","sha512":"c885e5d94bd96fa4a573524356e0ca7398b1489f5a39fc1120cf7f4e469950630ad3e9f48dd0392acd36da390c27a4be1e81da943d1d9ecd48890d1691e416cf","ssdeep":"6144:Ufg7z90bnvLZqnWTI9esVTMuyEvtzXNglxQP92L:VzBe6kEdOxQoL","tlshash":"bf740980b261b07247da24e10477540af339e96c744a40acf6a8d8fb7dbd589957ff38","size":357754,"data":"","first_seen":"2025-07-12T22:38:09.13306Z","last_seen":"2026-05-13T03:42:14.185593Z","times_seen":5084,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"zilliqastake.icu/","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"82.29.199.222","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T14:20:46.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zilliqastake.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 07:21:16 GMT","end":"Sun, 29 Mar 2026 07:21:15 GMT"},"fingerprint":{"sha1":"B3:33:72:8B:87:AE:E7:55:E3:4A:33:25:01:87:D5:2D:8B:B5:40:20","sha256":"24:87:62:69:0C:7B:4F:9A:41:A2:57:BA:32:65:55:54:32:CB:1D:02:7B:6C:73:84:C3:91:FD:3E:B5:43:1B:66"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zilliqastake.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sat, 27 Dec 2025 17:52:49 GMT\r\netag: \"2ea824-69501cf1-37d102d92207de3;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1996878\r\ndate: Tue, 06 Jan 2026 14:20:47 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":3057700,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (64731)","md5":"c921a284a56f8a89a0ee92e31e78a6ea","sha1":"3288353cb36ae84c8a06dfcfe947313793e5e261","sha256":"eb82f9d3e3d85debc3a9c733556bf187807d119a80ade72ccdf7b8464984a889","sha512":"b84cfc31e74ead1840e232a3390bf280e6f241481b84409dc92083643d9f39e61735f0a67dd75b0e6e252b5fd814afae9b5fe535c935d6590b7e94e21d66dfbb","ssdeep":"12288:j5YM20pYnKuNyryk5YMX0pYnKuWyryh5YMU0pYnKuLyry4:dLBYfNgyKLkYfWgyfLXYfLgy4","tlshash":"d4257d7231d06628f82f1afb559cd22867069002e9d376e7f7468719e8cbf9a0771d2c","first_seen":"2026-01-06T14:21:19.150888Z","last_seen":"2026-01-06T14:21:19.150888Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1447,"timings":{"blocked":299,"dns":85,"connect":103,"send":0,"wait":102,"receive":746,"ssl":109},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"zilliqastake.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zilliqastake.icu/http-10.35.11.js","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"82.29.199.222","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://zilliqastake.icu/","date":"2026-01-06T14:20:47.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zilliqastake.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 07:21:16 GMT","end":"Sun, 29 Mar 2026 07:21:15 GMT"},"fingerprint":{"sha1":"B3:33:72:8B:87:AE:E7:55:E3:4A:33:25:01:87:D5:2D:8B:B5:40:20","sha256":"24:87:62:69:0C:7B:4F:9A:41:A2:57:BA:32:65:55:54:32:CB:1D:02:7B:6C:73:84:C3:91:FD:3E:B5:43:1B:66"}}},"request":{"raw":"GET /http-10.35.11.js HTTP/1.1\r\nHost: zilliqastake.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zilliqastake.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 13 Jan 2026 14:20:47 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Sat, 27 Dec 2025 17:52:33 GMT\r\netag: \"15f45-69501ce1-ae58ad37b1bee79;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 21182\r\ndate: Tue, 06 Jan 2026 14:20:47 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":89925,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4538a5aed5c7b38d42811ddbe1edfc1a","sha1":"1d8d8e309cb3f731e4507ece9beede5a8a2a8b65","sha256":"07f65ebef24563feab15498b99c4ca8a65b5ae3be26ca3237310510c0f82c18c","sha512":"2f4b2daff7396d2e7676a1998b09992e64e7a747fe5e51e4a2a7f97fbe44d5f5d64a0cbab17b2a67e4c8da678c34447a89e40e1d0ff7a180c7fd1df55d03dfc9","ssdeep":"768:JvuoNcOQFm+IxkJQmx+942C9R97A3NFD4zUcHTps5eD77QcnZNjqYUb4iz8ck6Ov:0m3kY42C2dFMHfZN6ZfTbOV","tlshash":"59935fd5990be0e58e1120dde437e815e4284a23ceadf1a3ba6cdec1745df62c48b17b","first_seen":"2026-01-06T14:21:19.153135Z","last_seen":"2026-01-06T14:21:19.153135Z","times_seen":1,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"zilliqastake.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zilliqastake.icu/secureproxy?e=jscdn/getFile","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"82.29.199.222","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://zilliqastake.icu/","date":"2026-01-06T14:20:47.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zilliqastake.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 07:21:16 GMT","end":"Sun, 29 Mar 2026 07:21:15 GMT"},"fingerprint":{"sha1":"B3:33:72:8B:87:AE:E7:55:E3:4A:33:25:01:87:D5:2D:8B:B5:40:20","sha256":"24:87:62:69:0C:7B:4F:9A:41:A2:57:BA:32:65:55:54:32:CB:1D:02:7B:6C:73:84:C3:91:FD:3E:B5:43:1B:66"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: zilliqastake.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zilliqastake.icu/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://zilliqastake.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"nnxak7qfgtfbioqu5och\"}"}},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\nlast-modified: Tue, 22 Apr 2025 07:41:12 GMT\r\netag: \"119f-68074818-a4a1e4a34258f678;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1626\r\ndate: Tue, 06 Jan 2026 14:20:47 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Bootstrap:3.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":4511,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (371)","md5":"b16e9097fc7d3af8ebfcfce7aba0a42d","sha1":"2af3c8408b8445fe81d9a7c8d7cc8e8a05bf80f5","sha256":"e7db95c97a5d45787cc3e40cbcb93b748fefc65bc14e162c746e37f979861729","sha512":"53a7a2c276fbc5159231c162eb863504448515f1a078832b81f1bffeedb1c82932810b66748fd4111d1b8fb866622a5cc63e79e497227b611c90886ba45d3f3b","ssdeep":"96:tr+ulojsBwJG8YqVcqHL/GSrrLc1VhrJuzeK:tyoasBwJG8nVjaSeVhrJgeK","tlshash":"0891f88f25f381452603c99037f9b61499554007f685eca8bdee9228cfc4b8a41e3bdc","first_seen":"2025-04-22T08:45:29.599713Z","last_seen":"2026-06-07T19:38:42.408977Z","times_seen":33775,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"zilliqastake.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zilliqastake.icu/secureproxy.php?e=jscdn/getFile","fqdn":"zilliqastake.icu","domain":"zilliqastake.icu","tld":"icu"},"ip":{"addr":"82.29.199.222","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://zilliqastake.icu/","date":"2026-01-06T14:20:48.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zilliqastake.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 07:21:16 GMT","end":"Sun, 29 Mar 2026 07:21:15 GMT"},"fingerprint":{"sha1":"B3:33:72:8B:87:AE:E7:55:E3:4A:33:25:01:87:D5:2D:8B:B5:40:20","sha256":"24:87:62:69:0C:7B:4F:9A:41:A2:57:BA:32:65:55:54:32:CB:1D:02:7B:6C:73:84:C3:91:FD:3E:B5:43:1B:66"}}},"request":{"raw":"POST /secureproxy.php?e=jscdn/getFile HTTP/1.1\r\nHost: zilliqastake.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://zilliqastake.icu/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://zilliqastake.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"nnxak7qfgtfbioqu5och\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/8.3.17\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\ncontent-type: application/javascript\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 13 Jan 2026 14:20:49 GMT\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 06 Jan 2026 14:20:49 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.17","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":4310838,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f3b5ea29c453ae40cda3055cdade5466","sha1":"a440feee20ef978b2a64faa803db88119c86c8db","sha256":"565cd1fd46dbf5c7326f0e7a444174c0652f10bdd2e4a03e9616b5a53b434dfa","sha512":"93606606a7cc25a4cf0bc569f11e6c901dd7c53dd37177b652acf56fcb3d425820ba97236b2721efbe6cd42dd5f45c258511f11e7962162e12ec0fbb69af5536","ssdeep":"24576:FfLN4PcnXRAaKoZit/DhcH8QyBI7gtMgklz7uSI:ppxnu/wc/Dhe8jXtolOSI","tlshash":"692512cfd486a4c16325d162f6d7ae9ead7d005e6fda0a3e3a44bcc0b54726803d4e63","first_seen":"2026-01-06T14:21:19.155566Z","last_seen":"2026-01-06T14:21:19.155566Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1516,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":801,"receive":714,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"zilliqastake.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}