{"report_id":"6abf332a-9b27-4f40-a15f-905222b39997","version":6,"status":"done","tags":[],"date":"2025-12-02T08:02:44Z","url":{"schema":"http","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"172.67.208.69","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"title":"Поздравляем!","dom":{"size":22169,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (543)","md5":"872ac4937884c8b26f4487086d4e653b","sha1":"2a8235b2bb7f2e7eaa04b8cd04d4992ced7ff6c1","sha256":"7249c4846b772bf47cfe7d37d40b285b3e0c53f47156bb0ee048692f72324157","sha512":"4f2ed47ac5f968c2894e2774331d58b4c0f59f723cbf030dff03e2432882698c310f7d52153cfd1f0c54980784475ca7862c1ea458aea661d315a2fd04b2cdeb","ssdeep":"384:UpEhsWcpKgv0Vbg2ONz9UnKaPBr9xvpRHKaPBr9v/gwpRHKaPBr9qjFP9pRHKaP8:UpEzXOCPtPjPOLPoPMPd0PM5clMq","tlshash":"3ca2936286cd3c7a1113e0c7e8297b8e30ff0cbee9138611baff46a937d5d45a515928","dom_hash":"domhash94708e53afefe4e853e11ae88ca25680","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"172.67.208.69","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-06T08:02:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"turbodomain80.online","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-01","domain_rank":0,"first_seen":"2025-12-02T08:02:45.187038Z","last_seen":"2025-12-02T08:02:45.187038Z","alert_count":23,"request_count":23,"received_data":273693,"sent_data":12050,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-11-30T22:35:15.445479Z","alert_count":0,"request_count":1,"received_data":90487,"sent_data":409,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"638128bc505ea9c58e621e2ae25807fd","sha1":"c3118a4612de9b5b4a33fdd51b697d4c3df774bc","sha256":"9a1599ff7ae0068730b9202faa90d2d1cd395ad0b6419844681f128a262d20b0","sha512":"005dae629f2a603b2ec8fb9838403e4fba1852e3ecb1e16bcf14b7a2894bfbc61e3fb73e74c4f2b6e6ef4c28348a760cd057993c45b1878ae15a8cc6753cb689","ssdeep":"","tlshash":"390147a187890d8b7917e402ce29f92e103e36bf355b8c603c3c28957b8c17900fc5a5","size":740,"data":"","first_seen":"2025-09-20T21:31:54.167816Z","last_seen":"2025-12-02T08:02:48.997178Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T05:40:39.262006Z","times_seen":444715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11f12a4d16904f63af93974c3ac63526","sha1":"a683257fa767f58474410d2366f7265706c76100","sha256":"be6ff474435d510cacb847fd49c4ad752d729c7ac99fdfc82f2140be9a537744","sha512":"e180d0dda98eca00666e1ff1da15bbad32871d3cfabd979e9ef2d55ca349d75ae9189c53b7395cab21dfcef51ddb22afa7a3339b9d7824fbba5c9caeda053a22","ssdeep":"","tlshash":"1831d0518bac0486a217b1565615a75d0d3d41fa2cd74d263dfc888530ddc27e3fcab4","size":1513,"data":"","first_seen":"2023-05-04T09:21:41Z","last_seen":"2025-12-02T08:02:48.998111Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1e68c22932fee2a16592e5fc0ed01769","sha1":"b647379ab26f5b38629eebee172d4c1445a2d57e","sha256":"eae597cfed739aad823dd19a6da6c2bdaf5d27b969a31c8accfaaf4247c07891","sha512":"f19eaefb9e73ca5b4b9fca7f9e48b69c83766b1a780f2efc580a587cabad1a191e6e75ee375d5c8c429673396174a8c3880ee78fa5521cf50186bb41aec85305","ssdeep":"","tlshash":"01e0863feb4b0ad375616085876651835b72c4036d819c603d3f68617f15455c7fde68","size":412,"data":"","first_seen":"2023-05-04T09:21:41Z","last_seen":"2025-12-02T08:02:48.998578Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dec7b0a25d7fd26b8fddbfe02a34abf4","sha1":"eb0eadf44b802dd82159383020287092e620a24c","sha256":"6050e30e8f675e7fcdf3b502ca78e74576a95e6f7e25e43e6d57f0b8d62c4313","sha512":"a350407029c4c1a247e54f6b471b439f8a247983fb30b3fb64259845c95e619dfb9924c962085930144a2ea814822a3a16c8702a106de88a9b5643cbe9c7df24","ssdeep":"","tlshash":"2d90043c47053170135300d55010c3d134fc4155dc4515153f3f15513343d0c4004400","size":41,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.364341Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"43c8fc8862302d93b3958b44e5e7c133","sha1":"b5612c91662f929c7d051a5a315c6b881ff056c9","sha256":"5ac1284411c000ed91ebb15e5ccc1472ae2ae638b18c61f90fefda30b5add718","sha512":"dcf622d7905e694e1c0ece852ca3a0663a402bd8bfdd762ee77177ec2befb6a1edf24b60944652026cb9c197268370d0f22c2f0b51358fd8ec00c0f1b75a0ee0","ssdeep":"","tlshash":"7ea0027c830d9131061392195c14ca9019786576bc03a9453e1e7bc0e344d0742054c1","size":68,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.364822Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dee386963a958ebde570dbd4469d8bdc","sha1":"b69cfc44c16667155f772d6325f86d5cb8415195","sha256":"3d8ff3bc5a2a348d5eca91e97ce168eaaf400cba2f8fd25ef6d4eb3aa995c643","sha512":"c81a8117c2a1372a934f4f494ee6448e14723736fffbc65f548ee60a8a2175df840b6da2b5c5f4fedaada37496a78685d80a1b617d63b18adc12c908e0f54f22","ssdeep":"","tlshash":"bb80008000822230020020280830e2a8bab88320e8022208080b0a000080e080000a3e","size":27,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.365335Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6569ed96abb2375e8d00db273b520cab","sha1":"a0716b7b8baf8ea8774d9d1367c64aed7539e9b9","sha256":"d17772b255d8f75ee7ddbd386615fe240a2f6822e2efdd8b74a40109b13f8ef0","sha512":"769045b07ca6c13096dff0cc9712c6a95678378b58b672a3d126767733047f5850a776167646f6d036c32ba9910057d3794e35dd0787fee4bde981576667d3d1","ssdeep":"","tlshash":"e2a00454074551340301101c1430d354757c4330d401111d351f07403340d05400053d","size":64,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.366352Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6569ed96abb2375e8d00db273b520cab","sha1":"a0716b7b8baf8ea8774d9d1367c64aed7539e9b9","sha256":"d17772b255d8f75ee7ddbd386615fe240a2f6822e2efdd8b74a40109b13f8ef0","sha512":"769045b07ca6c13096dff0cc9712c6a95678378b58b672a3d126767733047f5850a776167646f6d036c32ba9910057d3794e35dd0787fee4bde981576667d3d1","ssdeep":"","tlshash":"e2a00454074551340301101c1430d354757c4330d401111d351f07403340d05400053d","size":64,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.366352Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6569ed96abb2375e8d00db273b520cab","sha1":"a0716b7b8baf8ea8774d9d1367c64aed7539e9b9","sha256":"d17772b255d8f75ee7ddbd386615fe240a2f6822e2efdd8b74a40109b13f8ef0","sha512":"769045b07ca6c13096dff0cc9712c6a95678378b58b672a3d126767733047f5850a776167646f6d036c32ba9910057d3794e35dd0787fee4bde981576667d3d1","ssdeep":"","tlshash":"e2a00454074551340301101c1430d354757c4330d401111d351f07403340d05400053d","size":64,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.366352Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/js/modal.js","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ecc9da308ca1678fa1485ec7b76cb59d","sha1":"76fc18a48e6b02c96b9394da090f7fcb202584c9","sha256":"1932d4d6a5bec137bb587c75b326c5894e7dd5b7f000077e36b1e865d59edda6","sha512":"6a8c6a0dc29dae00432275794072b96ea07abffce7ff97fb048de1cf7fbcffdb2a338b345569fabc7d62d9978f66f53b19f5c863d31a35159ae401daaeb4122f","ssdeep":"","tlshash":"e071df9838fe1264036fb57bb68b1c157a31c053a809a8607dbcbbd45ff682054fbad1","size":3796,"data":"","first_seen":"2024-08-19T20:39:57.300009Z","last_seen":"2025-12-02T08:02:48.983381Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d02347d71eb8495c4017210b89ceb400","sha1":"762433ee8b33f9a29ad43ec0e357f3fc570e75f7","sha256":"17b8be23f5ee2995259449ad69831d4a085c555ca28534aea17d17449a9c976a","sha512":"0c4560c345377ccc7ae73371b85d1e4855d7d7fbcb68667b20adc7da7c78a18168288b5bc72a76476c55fffe8123ff7daff18b6b978d915e3f5fdeecbec4b24a","ssdeep":"","tlshash":"198000e32a2228028880382e008203082a0020228020a82083380acf288803820b0032","size":29,"data":"","first_seen":"2023-04-10T16:22:19Z","last_seen":"2026-03-28T15:28:17.369919Z","times_seen":3366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/js/confetti.js","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d252f08091e7243fd80a07665739e270","sha1":"a77471e2544203125020ddfb17b6c669b54aa9b7","sha256":"3002f9679cbc1c2ac6f73024e762e9580835c7d510cf9be6d0b142ab351903de","sha512":"af6c547097a4b3cceb61d1a1c8506dfdcf71463a889b4bdbd04905541218e83faefbe8ae70ff6db07ba6d2aee8537a015cd30dc65d2328d011bfa2f67e190fbf","ssdeep":"","tlshash":"ef41349273b86c19a64751ad0f1f541c3420549d2f2bd0107632f34559ec0e6a53ff3a","size":2087,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-02-21T20:19:13.506624Z","times_seen":390,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6569ed96abb2375e8d00db273b520cab","sha1":"a0716b7b8baf8ea8774d9d1367c64aed7539e9b9","sha256":"d17772b255d8f75ee7ddbd386615fe240a2f6822e2efdd8b74a40109b13f8ef0","sha512":"769045b07ca6c13096dff0cc9712c6a95678378b58b672a3d126767733047f5850a776167646f6d036c32ba9910057d3794e35dd0787fee4bde981576667d3d1","ssdeep":"","tlshash":"e2a00454074551340301101c1430d354757c4330d401111d351f07403340d05400053d","size":64,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.366352Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6569ed96abb2375e8d00db273b520cab","sha1":"a0716b7b8baf8ea8774d9d1367c64aed7539e9b9","sha256":"d17772b255d8f75ee7ddbd386615fe240a2f6822e2efdd8b74a40109b13f8ef0","sha512":"769045b07ca6c13096dff0cc9712c6a95678378b58b672a3d126767733047f5850a776167646f6d036c32ba9910057d3794e35dd0787fee4bde981576667d3d1","ssdeep":"","tlshash":"e2a00454074551340301101c1430d354757c4330d401111d351f07403340d05400053d","size":64,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.366352Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6569ed96abb2375e8d00db273b520cab","sha1":"a0716b7b8baf8ea8774d9d1367c64aed7539e9b9","sha256":"d17772b255d8f75ee7ddbd386615fe240a2f6822e2efdd8b74a40109b13f8ef0","sha512":"769045b07ca6c13096dff0cc9712c6a95678378b58b672a3d126767733047f5850a776167646f6d036c32ba9910057d3794e35dd0787fee4bde981576667d3d1","ssdeep":"","tlshash":"e2a00454074551340301101c1430d354757c4330d401111d351f07403340d05400053d","size":64,"data":"","first_seen":"2023-03-14T08:27:08Z","last_seen":"2026-01-27T07:35:05.366352Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aaf1ab536aa11e6fcaa2315da6f72259","sha1":"b9112a211f0a8eecadcc9f351102347e386e3122","sha256":"261fa4007c7cdf02d624977f7cc3194973e0999d78d68a55ed8b1fa7b05546e2","sha512":"38ffdf3bb1c5ce8069a9a6a1e85bfa91fbe6ceed6cd92c16bd7ffe53cc1e781e0b734faf24fb8ce79f106d90feec0643534974aebd342ce8ecfaffbae237e004","ssdeep":"","tlshash":"7d71f297f75518307a8ff57ba86f554c3a316113ac03ac00393c45ea3bb9991d4fba98","size":3633,"data":"","first_seen":"2024-08-19T20:39:57.32334Z","last_seen":"2025-12-02T08:02:49.002867Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b258208de717173fccc427b897b27958","sha1":"34ea1df734fb6aa682d6a5c13e78e38ded33eb86","sha256":"951ec584f2eea46f75575cb97e74dc54dadee98657a10596a2cbe4168246d6ac","sha512":"2816d5702133c224e13caa9e017523c2923545cc88768129530f2d981947297af9f37855709d556ce1e88ff62103f9c7e0ebe8f52f41c514e6b6e82805a168b5","ssdeep":"","tlshash":"36f059d4ebdd34ff823a30c4d88b51c8191d30f7981298a3b929822405c8edc93d0d5b","size":549,"data":"","first_seen":"2024-08-19T20:39:57.324102Z","last_seen":"2025-12-02T08:02:49.003844Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d0131bdaefb840607d6c69a2aac5dff","sha1":"7f30fb9ebe58b014af9c133246e17297f457d4a4","sha256":"b08f4a0c04bf1ae922fbdf4e285448a4bc2e876115a141abdf62deeefb5b65b1","sha512":"41c993a3e8d824f548aab347875fabbd023fde470bdf74ab365ac04ddc6aea1890180fbae02025fd24b0317d8b65769ec17ca844b1b26a5571897b6cf43096d2","ssdeep":"","tlshash":"b4e068ef25b004714bb372b19ebfa914167f32cf2087604194b90581249578f674acc4","size":369,"data":"","first_seen":"2025-12-02T08:02:49.005055Z","last_seen":"2025-12-02T08:02:49.005055Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/js/scripts.js","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"65e04289362ddc59ffeb98111af77930","sha1":"f3091be46280d8b6c418f43efd3e3030dfb1416d","sha256":"9ad73cea868eb5e4bda8476e633833dcb19ff814342e1039ebcbb676415fa7ce","sha512":"b407250775e8e9e297c6313b1bdcbf127596b7090d0e7e1ab29c8053c277b074096b1181214b59433dea015fc8a17b6951634031e1e4497525aaaecf5e50477e","ssdeep":"96:X6+mkuT3i2wTqN1zaaaSJsGLRGlzyPj/XtkMTGN:Zle2waaaSLrLX3E","tlshash":"f991a782328a447d028623b7727f79086f7b507dfe5d111564b8bd2839e1e1b33ea9d0","size":4575,"data":"","first_seen":"2024-08-19T20:39:57.301411Z","last_seen":"2025-12-02T08:02:48.993423Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"2ec92fd1bccb333b67912d3d00691783","sha1":"064ee2b0754570915cf7ef15ce89bc80b1af961a","sha256":"0b13b6a2509b0698c71cc133326ba0d9b4c76c2f5e9fb3cf2fd07eee46bc99de","sha512":"a002bbb208cce986caf86505227f5aaa21c2ddd9e03b19e9b8242e0e219b376511c6f35fc1d1948515062ca5c7dd7525366ffb7eddb2c11070835f75778648e6","ssdeep":"","tlshash":"077000030aab0800000aa2e0ac20c28880b0000cac0320882220c020b00b0c022a08aa","size":23,"data":"","first_seen":"2025-12-02T08:02:49.006083Z","last_seen":"2025-12-02T08:02:49.006083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"79c8119ec328a3f3e4eb73ed3aa5cc48","sha1":"be9959d04b28f78fe29195b6cc4c41ada18b740d","sha256":"3029d721ba8ccfae238fe2ec3ffc7f2d3b7dffa2f5d32f595ac8c859e2e99ea7","sha512":"9a35509695dc285299f0b7f7a45efe3916e67810abfd42da2448e1d9ba2bd1d89c2b1a61ce376395f2df7609b37ef96c930b337c924aa014526a308a94c9531d","ssdeep":"","tlshash":"244000000c000c0000003300000000c0003000000c0000000000c030f0000c00000030","size":7,"data":"","first_seen":"2023-03-09T22:17:29Z","last_seen":"2026-01-27T07:35:05.368499Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a85bc2d69a5453871a5732c1e4862427","sha1":"4e5efaad0fe9e8f1c3ca60e3c897ca33d76d7999","sha256":"ee29d4947e44ac102cfa765ad59e814fb932f75cf59fc5437b2c994f512710b5","sha512":"30312055eda68a566c30f133b82e5957a3f1bb825f7f293ce4e61b529db52f8782b1ca3aebea751ce4516da3286d60e413f9331620e950f3b41bc6c3b87ff452","ssdeep":"","tlshash":"d26000cf03000000000f0c0cc00c030000c003000300003cffc03000c00000c0330ff0","size":13,"data":"","first_seen":"2024-12-23T08:02:57.664186Z","last_seen":"2025-12-02T08:02:49.007962Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/sprite.png","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:23.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/sprite.png HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://turbodomain80.online/landers/ozon/css/main.css\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:23 GMT\r\ncontent-type: image/png\r\ncontent-length: 1688\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:14 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca52-698\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s6j8hTI2CaR2LrRU7Jb8rEMZdaq%2F%2BBOtJ9hLvIBYaQWcFjvdMtViIlA7Wn6Bo2%2FOLUfjOiEkNBKgBEyy2DCaWkVDc4QaW4wJi6FWYjT7td%2Bkowpg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3e9ad74e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1688,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 360, 8-bit colormap, non-interlaced","md5":"aad03737463aa556537bb7f389c63b0d","sha1":"ce66e06c100177343e07601a8d08c64cbbfcbf40","sha256":"37eb737c2d454b3ad7637228a7c8bebf3b327796f1cb74605e148b2165671ffa","sha512":"0796f47c51ac921916ff4f0fc170964a03002d6028967ec39e0fff24166e7ade7b5ee9e5830973899b65df0718d281eb938436e2b36241a788626dc1d2ab98d7","ssdeep":"","tlshash":"be311dff5260266ff7774db084206ecd3ae5450523735a6a1474717047c30fc5785047","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.347193Z","times_seen":1144,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/css/modal.css","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/css/modal.css HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:10 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ijf7CdSRV2bTM0n2QUaVoRXtxfGUIrk0HgrMyO3w5VcviikNQBEM9XASZK4WvE9WUE94U9EHxSumnnB9R5NKB34QP7EIr4QLxTltcqDCwIcoAEEm\"}]}\r\netag: W/\"691eca4e-79b\"\r\ncontent-encoding: br\r\ncf-ray: 9a794d3cad144e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1947,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"734545cfab281bc1f83dd38911e8395a","sha1":"abdfeb8f970b25e005035187dfd135a67feb9636","sha256":"aaafecf96f011246e805db6072c1d5c8186c98f891f90895ce87210cc4df1ef0","sha512":"bcabf23a8a42ca0a72c7bda673275c9004e6d67f154b590b569a437723384bad731bcfbdd9a8f3715f46504d09df11f84c89f2997768fd6438bbcb1f28461a8c","ssdeep":"","tlshash":"a64121a15f6e2104b55fc16a3961af4a53a95093d42ed93fbef5200c8fc82d4a4a3bc8","first_seen":"2024-08-19T20:39:57.299284Z","last_seen":"2025-12-02T08:02:48.981931Z","times_seen":10,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/5usr.jpg","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/5usr.jpg HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5340\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:12 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca50-14dc\"\r\naccept-ranges: bytes\r\nage: 6461\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jSn6i%2FXlfxpuIt2evCXxRBMhIBCYhO02prN2nQTNn9vfvzreoU784n2nnM1cFJOSrKpGBaJ8T5e6O1fAX%2B4dcsx%2BiVHn6HcUP2MKhFkr%2F%2FY1E%2Blx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cbd2f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5340,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, PhotometricInterpretation=RGB, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 50x50, components 3","md5":"1081cf5e5653fbbd3a58230658e2c03f","sha1":"63f17eea14a1e5d69bc3f693773908fdd05881fe","sha256":"74afbb40ee27adf2455d7c49c41fd32d22aebc0a4a524e8d03d80bb9641a09b5","sha512":"e23192d635150b111780aa5d98c852a4a9178e75955948421ec5cca18aa82eab9a2a6a951350a421f2263a1ec868958a9374bda1ace9c4f4a29c9a83b9187d40","ssdeep":"96:oXEnxTcaq3QzOn2tJybXDqpgHBgrSGrqC:wchq3Qan2tJiTqFrfz","tlshash":"00b13c172b42439be12f1a75245123775b9ee59c36953f123bdcc4d1ef20ce16248f8a","first_seen":"2023-05-04T09:21:41Z","last_seen":"2026-02-21T20:19:13.49134Z","times_seen":322,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/js/modal.js","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/js/modal.js HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:17 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TTR6ws%2Bhn6T90E2Kea3Dn5m9dcSpJQpyKNqKd4rUbamlnT%2FcYoNGbqg%2BqtaNJe2ht1GxaR0A0uqPD92fki2kq2zegDMiqe9HwbLqTjult0c4cA9N\"}]}\r\netag: W/\"691eca55-ed4\"\r\ncontent-encoding: br\r\ncf-ray: 9a794d3cad164e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3796,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"ecc9da308ca1678fa1485ec7b76cb59d","sha1":"76fc18a48e6b02c96b9394da090f7fcb202584c9","sha256":"1932d4d6a5bec137bb587c75b326c5894e7dd5b7f000077e36b1e865d59edda6","sha512":"6a8c6a0dc29dae00432275794072b96ea07abffce7ff97fb048de1cf7fbcffdb2a338b345569fabc7d62d9978f66f53b19f5c863d31a35159ae401daaeb4122f","ssdeep":"","tlshash":"e071df9838fe1264036fb57bb68b1c157a31c053a809a8607dbcbbd45ff682054fbad1","first_seen":"2024-08-19T20:39:57.300009Z","last_seen":"2025-12-02T08:02:48.983381Z","times_seen":13,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/favicon.ico","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:23.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 02 Dec 2025 08:02:23 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lsv9KDzUxDc798W1wj8OxJEmOvHC2zUB%2F9HD2DrDpln9TBaEFtBuh%2FORj9ASUko%2BeGouNJrk98ymbCQWl6NVVNmxlT7efq6h%2F14BpktX%2B1cFBjTk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9a794d3fee544e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8259bd2dc96b69fffb7c7e1f3411275e","sha1":"e945be7ea901f4a7cf170e184711c81bcd3527e6","sha256":"c375e42b6328de1880de1424a93267d573a1afa2ed37f72a35d8218f6880dd58","sha512":"b6c638e4421bf99ca1c8156247c5af6233e696f956f72cfccc88ac1521bc3d9c4ec6d2fc33e9ad78dd7eb95735543d9eea96dd5caa27878b8bc5c6a5a7dcb8c9","ssdeep":"","tlshash":"48c02b2d35137c4cc5a3317432c37080c0da833764ba41128440800331cf2a98ac7397","first_seen":"2025-05-03T23:55:22.499243Z","last_seen":"2026-04-03T23:36:47.794386Z","times_seen":17227,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/card.png","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/card.png HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 69869\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:12 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca50-110ed\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ITAxQJ0Zn9LtsLqh1dY%2FWgPFZDJp0zdkMclL8yxEv9zos%2FTBUW%2F9qI3mUA16WhYhdQQPLBJuk2LppRASUUlQlTiUPZ92peqQSeIu3zEHRzbBtlEn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cad214e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":69869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 282, 8-bit/color RGBA, non-interlaced","md5":"668d200fae2a45abe3c3db6aa4f3ec0f","sha1":"76e509b2bf92e239893c822e4361ebbb174ef30a","sha256":"8f58c40d8d4b7d17af723b24df1bcd8c729e415bea942dfdc7b9227af813f5c6","sha512":"eb157d4f2ed0c55b7f2512f2c0f483c91bf80b92f5b5f858601fcdb75188a089356217c5a2470fc7b7d8b050c4d54fa2b86a1567aae99b7a610564b5c72a51f0","ssdeep":"1536:fKr26X8YVH+OCQ39vjsIprYv0JJe5xjjCrYVMQ4xUm5fDaHH:SS6X8YVH+On9lrYcSfn5VixU0DaHH","tlshash":"bf63023f2129a9ddd49720bff1cc03dee640eaf2249a5092f771353dd446a2a7f550a4","first_seen":"2025-09-20T21:31:53.890533Z","last_seen":"2025-12-02T08:02:48.984378Z","times_seen":7,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/js/confetti.js","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/js/confetti.js HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:17 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oqSJ7Jrpn2CeP6kgIhb8GftyHaqXQQklyCgYbtey02J9jiazKbjeslluuMC3LgU2kirogKV%2F9JBCyxYJomUsbVQiEX2vVMjTIBDEMSGP9beQhYA4\"}]}\r\netag: W/\"691eca55-827\"\r\ncontent-encoding: br\r\ncf-ray: 9a794d3cbd414e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2087,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2087), with no line terminators","md5":"d252f08091e7243fd80a07665739e270","sha1":"a77471e2544203125020ddfb17b6c669b54aa9b7","sha256":"3002f9679cbc1c2ac6f73024e762e9580835c7d510cf9be6d0b142ab351903de","sha512":"af6c547097a4b3cceb61d1a1c8506dfdcf71463a889b4bdbd04905541218e83faefbe8ae70ff6db07ba6d2aee8537a015cd30dc65d2328d011bfa2f67e190fbf","ssdeep":"","tlshash":"ef41349273b86c19a64751ad0f1f541c3420549d2f2bd0107632f34559ec0e6a53ff3a","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-02-21T20:19:13.506624Z","times_seen":390,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/icon-mail.png","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:23.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/icon-mail.png HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://turbodomain80.online/landers/ozon/css/main.css\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:23 GMT\r\ncontent-type: image/png\r\ncontent-length: 279\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:13 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca51-117\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TEcAHgI77WsHa1vKridkbSPkXLORNX9uV1ombuGfN%2B4RVncF7rWjFSmvyQhld7p5ewCDzXMBLoryMLY2xOW9sP9SABw2Tlzq%2BhiX1tQPNyx9o1e1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3e8ac24e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":279,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 32, 8-bit colormap, non-interlaced","md5":"9835411adc549e17f7cfdc83a2e4aa42","sha1":"c90593f808c84297502be1bb7bd4a524fc74e5a7","sha256":"6314ac94872c76d8fba23bba062b0084de4902a7465c27e24c69f22329abf6dc","sha512":"b55f6ce987725393849648cde7ed65e6ba3342978aa7eceb851d9715d68986d0c46fdd9f7a63aea5f37230fd01a1507fc531e994351dd4a00d4bf5d4090968ea","ssdeep":"","tlshash":"78d02ec79a82acb0d8a8a7a2032b06a288010d7341a582249200ba240ab1890d4a22c6","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.342217Z","times_seen":1111,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/usrs2.jpg","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/usrs2.jpg HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 882\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:15 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca53-372\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZXItn1PfZe%2BxBJNosDJB52aH84HDJ%2BfqcMNef%2BO6fTe251VFz7w4tMT%2FmgnArcnKjOJ9ZN3rMWUPI%2FmIJVEVH7s5WlgdHe7ckgKpKVSJPBJM56X2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cad264e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":882,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 24x24, components 3","md5":"207da600a6688405aba5971926a253c6","sha1":"be25b2041157fbdff20e48d49e8063105c9e1f0a","sha256":"0cef7673d671be586ddb3eb27a367f1b260e900891d70509ca1cdc3fc04532ba","sha512":"7b3ba113fccd2907a574e9ff47480b72c3e10febe8b18d881a7c872bbb58442f145a51426cfb0cc8e7d8fe0113e5224d09c8c20c2619b7feafb9cef8b67465ab","ssdeep":"","tlshash":"161165770e00ca90cd1514b747a3471ba3cb5b5c65bf8f4e10e17cc5d5b9587380960d","first_seen":"2023-04-11T01:34:04Z","last_seen":"2026-03-28T15:28:17.351767Z","times_seen":893,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-02T08:02:22.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type= HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jzKRQt0NMZQ7oS6liWub%2FVNL3vR3JgFrptmfIR69xoIMqHkimXFka3LiWueYgco0866rHmnN1sGQbGQwYsla17%2F9LIYrQwWtxWwJdvaZv3D%2FS4wd\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: uclick=gm37qq3y; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Wed, 03 Dec 2025 08:02:22 GMT\nuclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Wed, 03 Dec 2025 08:02:22 GMT\r\ncf-ray: 9a794d3a6828b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}],"data":{"size":21394,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (391)","md5":"385b2f6e99bbd2cc281b3ff8a668fb24","sha1":"32e5736dcac57040c8cb026f14534f4a529849eb","sha256":"1c09cab0a80a051c44136f9ffa78e1b9934a03d1c45d78484590cd56d7c70fef","sha512":"df6901a50b0de871175dca8b2e5cc6b6a014de7cae3486d276db7c57b557ff06591f7449d23e5bc7e585c211d973b47892d8d6695b36bb3f2d6b84e60d47ea0c","ssdeep":"384:GaEgAWc0Kgv0Vzg2ON1U7KaPBr9JvpRbKaPBr97/gwpRbKaPBr9ijFP9pRbKaPBN:GaE1XOqPlPrPmHPIPUPdEPM5ceH","tlshash":"ffa2626186cd3c7b1113a0c7e82a7b8e34ff0c7ae9138611faff46a937d5d41a515928","first_seen":"2025-12-02T08:02:48.986852Z","last_seen":"2025-12-02T08:02:48.986852Z","times_seen":1,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":24,"dns":4,"connect":1,"send":0,"wait":99,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/usrs1.jpg","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/usrs1.jpg HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 995\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:15 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca53-3e3\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vOjZJddnoMa8EgjJ2vOCJSxRgiJRNSItezsqaK0Kx2ClvQFpcsMx%2BE8vuvemhY1rdGT4NiGp%2BLvOft3eeMX0roSUJHvpJxRdTV6a%2F2z6Hgc6L0%2BX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cad254e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":995,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 24x24, components 3","md5":"c9bf35932083d0f7709882c8aef8c1a0","sha1":"5c465b270a14ebbab5a66ddabd4387585df0f295","sha256":"0e3817ff1d2e1ed6dc399a22e4b49363f75d2a0a79eab5eb287a2d25efda80ae","sha512":"8f44903ed928a1eb643b36f64a099ba5a835dd57144613e194897c948bb73fa046336d6a6a7299f9944575f0d72bccdb361dc36cca47882edf21aef26cba3a60","ssdeep":"","tlshash":"8d11567b58b7b628ec90517915a4c00756093a67a70db75f00c585a2e9d30cffd8026d","first_seen":"2023-04-11T01:34:04Z","last_seen":"2026-03-28T15:28:17.337894Z","times_seen":888,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/6usr.jpeg","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/6usr.jpeg HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2030\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:12 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca50-7ee\"\r\naccept-ranges: bytes\r\nage: 6461\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WlHX15TJVqR%2FBRje2NRXfRa%2BPYYz3AgObb9%2Fv7ZdQJ0VG2kVen3R1L4%2BlVakuXvQHTN8kVZPKNhfd1XjUe%2BTN7PPI%2B3CNlNGkK%2BZNrEQyrg%2Fwtcb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cbd2d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2030,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 90x90, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 50x50, components 3","md5":"efe3b9fce581745f7f1792fc7110df92","sha1":"a7379b3ac1062c146dbd821bc5e8476d1159f8fb","sha256":"f3ff12d57451974586a5bbf01232ff7143cc0c95ac8042eb35c1636f5432f96a","sha512":"d8df65edb0e087cfc99ac2b53e317ed9f36e716a5effd5addf81d849d270836d5bb9afdda615013a39fed1a424b2ecd349802fc473cbb2e6624d8b7a2f82dd86","ssdeep":"","tlshash":"8b41e8097b56c226fabaca7248a656833df26cd7a841078ffd3c1060df402d14ea9a04","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.365997Z","times_seen":463,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/msg-icons.png","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/msg-icons.png HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 2047\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:14 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca52-7ff\"\r\naccept-ranges: bytes\r\nage: 6461\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S%2BO%2B9%2BbFVaqWzBXom69r%2F%2BMjbNmtxZ1A9UL1DftLzhkMfKmEMlPnIcvO6U56HqfsPjLjlLNZtJmClg8nwXD8kbsIw6ivShbK1fZiLY2Xag33Vn%2B3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cbd3e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2047,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 76 x 30, 8-bit colormap, non-interlaced","md5":"770d317bc385da31c2538c66c7ff9404","sha1":"2f9472649ba239b64423c99b995ee4d7be6b715e","sha256":"6092e790e8edcbe2cf814095a5efd7c1fc0317af4673855e4a9a2b0e0f694e93","sha512":"bb2b116a5f8f159c2b7221478648ffba48cd23ad8e166ee6293badcd620d900f7c02d080714e031191e473d4025c37464865e31ecb8ce4d1db7791fe3ffc7644","ssdeep":"","tlshash":"e6412a9809a114140dec0e0913f2388e321bfac67231ce5954d1b8fcda837df3444145","first_seen":"2023-04-11T01:34:04Z","last_seen":"2026-03-28T15:28:17.350436Z","times_seen":897,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/icon-menu.png","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:23.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/icon-menu.png HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://turbodomain80.online/landers/ozon/css/main.css\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:23 GMT\r\ncontent-type: image/png\r\ncontent-length: 156\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:13 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca51-9c\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7R%2BGt%2Btrb229RAEqq6RaEW4hxJXEh477vqrYQArHse7w9xh6N%2FP2gGet3NXV0tRonxGYoC16CHmOKn%2FBtsTeDyVCKbzFnzpLNQOw09KYMU%2FJI8P0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3e8abd4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 36, 4-bit colormap, non-interlaced","md5":"ab76dd7d2f4b9db14ed75a76107598ce","sha1":"ba50ae179973afebfccbb1fe8b4566d94b54a814","sha256":"2d19d22c105a43bfcd4dfc2271980939375ef21e09489c489bcfc9b94eb15bef","sha512":"b63718079fc41cf4080bdb05c7edf6e06a9ccf001b7179718c5072d61cbb64446ddd1559ed0cde342bdd4313662555ebdb924b1ed401ce98f47e6b7a5600e57d","ssdeep":"","tlshash":"a6c08ca266042c30c1ab0963016a80408d402c345e32839ab04a7420acf802e0198282","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.366561Z","times_seen":1116,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"86:F4:DF:07:D6:8D:EF:68:44:7A:73:C8:39:14:1A:2F:98:5E:A2:40","sha256":"A0:B7:4F:94:25:40:33:52:BC:F7:0A:E1:AD:30:BD:19:C3:E9:BB:25:0B:05:26:7C:F8:BB:F0:59:3B:E7:F2:8D"}}},"request":{"raw":"GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31017\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 30 Nov 2025 02:43:30 GMT\r\nexpires: Mon, 30 Nov 2026 02:43:30 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Wed, 10 Mar 2021 14:28:09 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 191932\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89501,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-04T05:40:39.262006Z","times_seen":444715,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":120,"dns":3,"connect":27,"send":0,"wait":28,"receive":29,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/2usr.jpeg","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/2usr.jpeg HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2477\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:11 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca4f-9ad\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ONrNyrnm%2B37oFBqMSLd7yy6G1%2BlzzcAanOEgmVuiY98n2ljDOOgPy%2BmvQ4FBHCAlkBIPDTJ5ldRMtQdRZ9PByOxJwc13MU4FqFshr7e1tWe29Ley\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cad294e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2477,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 50x50, components 3","md5":"ba6a9393f7aed8067c73893e0fd6d58a","sha1":"a77804ba8eeacd122d10c787c2c51744ea24cc45","sha256":"b5c2ba64961be768794dc78470de8eb688f01300f6adf317c3ab91d8ca93be92","sha512":"acc77b316af079d9f83744d3873e44618f10b735d15655897f300b54662df37ed521f54735f4368deae47091311073e756cfe4ed1a647343dd4fd30b05b8f4aa","ssdeep":"","tlshash":"b7511b29579663d0f85bc4baf5329f5395daeec92a9045031dd402d0dd13b60bc6bf0b","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.363446Z","times_seen":463,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/p-clip.png","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/p-clip.png HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 2445\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:14 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca52-98d\"\r\naccept-ranges: bytes\r\nage: 6461\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JDOv213o52nCLzLQ5YcRsteW9RrJZdAtiNHnrenAlG24wme12xH3nOLnbpg5HWqHl%2B65Fw6pllxERJl7a5J7c7KucwgWqLEIbKHNTgdXJwCzwklH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cbd394e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 59, 8-bit colormap, non-interlaced","md5":"0650d2120ba512d13badb739eb3bcb2f","sha1":"ca501dbce36ab62896b57c043b7690bfc1b7f0c3","sha256":"292ce5b88f14029a90f59f9ac004b7aeeb353b43637870ff4b19ddd0228ab4c4","sha512":"69c8278dc47567f5ba6880544e3ea27f00bfeaf4be91cc9f2544808207e2e35c52345f3b620c3b3df9f80739610aa5a15c9f219a13f75d76279a92bae2bd7ff7","ssdeep":"","tlshash":"bd513bed338b9daa53fea3d834ee49e000e95d94c24bd4f40804345957738ca4c5c370","first_seen":"2023-04-11T01:34:04Z","last_seen":"2026-03-28T15:28:17.354677Z","times_seen":912,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/koleso.png","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/koleso.png HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 99146\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:14 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca52-1834a\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6CjY96znJTcJlWjrQnJILf1ljMancI%2FLlgHOUQk5recJ6oQwlC61Gq82kzU9fBqL4ykhaP0qkAbrFbN9x%2FAN3Rixp1xxVGTPu5kZcS0PEDwExmvL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cad1e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99146,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 380 x 380, 8-bit/color RGBA, non-interlaced","md5":"867206802705c8eaf96931cc01146784","sha1":"2fb8cfa35e5a489886dcbe708d72d4fb9c991b92","sha256":"113124a45ff03783d50917afd0f4a6a88b5c22084f2ff0260d835674dccb325c","sha512":"8f587f99c7d5b126fd45865ae577d35d2a0a1c5dd70b0c0250f6cd5594e66422348123e948fa98fc8ccf0cd016da6f28c0dd9b277e65acbec1af4f91e3b06f26","ssdeep":"1536:oqNlDy5qExoU+9PzjkX4G0lQPsI4AmG8SHRrOJoMb5TjswzTkifyxmT/5u7A0YRx:LDia9UoEPsf3kabds0kifDuU0ALys","tlshash":"eaa312c459ced86d3d918247d201ae06f4c640aca70952e973efb356cfc9ce98093e5b","first_seen":"2025-09-20T21:31:53.745567Z","last_seen":"2025-12-02T08:02:48.991893Z","times_seen":7,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/1usr.jpeg","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/1usr.jpeg HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1766\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:11 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca4f-6e6\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o2XmEBHuBSw44G4%2FaLGqL2QDobBhTtlzIpojZ3taCsY6x1BrtMlhIa%2Bos0sl73vGwl%2B8KUCJIliLCcs%2FmT0HLiKcQrV%2FLBOu763br8QYI7yb16NG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cad274e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1766,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 50x50, components 3","md5":"247a37f224ce7bd3447eb5387798a3c2","sha1":"7afe3d0ade794d9145daa8efd21f046a21b52a61","sha256":"85e95e640ae383597b7b68717342ed162cfffb2806dc509513225038ecd11f1b","sha512":"66cae93c3939a72e3a6a67ad5b86bd1640b5c16a175434523eb45f1334ff859a55b105be3612fa0fa2d6b20b7ab687b9efb1bce2992d5f26d17ab26f96a0eb47","ssdeep":"","tlshash":"8631da551bd6c331ed52cff79ee52387f28dd8827e5043062455c960df06599a38ca0c","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.343975Z","times_seen":464,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/js/scripts.js","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/js/scripts.js HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:17 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xAD5GALhEqtTbUSMlzjO6ZcRHi9yG5%2BPhYht7kj3qWhZiF1cQ6AahBXYwIZF5ElwqScA9sevpFCHho1r8XfPpzdMWdXk1GYHyHyoRgfRTS%2F8DIP%2F\"}]}\r\netag: W/\"691eca55-11df\"\r\ncontent-encoding: br\r\ncf-ray: 9a794d3ccd6c4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4575,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"65e04289362ddc59ffeb98111af77930","sha1":"f3091be46280d8b6c418f43efd3e3030dfb1416d","sha256":"9ad73cea868eb5e4bda8476e633833dcb19ff814342e1039ebcbb676415fa7ce","sha512":"b407250775e8e9e297c6313b1bdcbf127596b7090d0e7e1ab29c8053c277b074096b1181214b59433dea015fc8a17b6951634031e1e4497525aaaecf5e50477e","ssdeep":"96:X6+mkuT3i2wTqN1zaaaSJsGLRGlzyPj/XtkMTGN:Zle2waaaSLrLX3E","tlshash":"f991a782328a447d028623b7727f79086f7b507dfe5d111564b8bd2839e1e1b33ea9d0","first_seen":"2024-08-19T20:39:57.301411Z","last_seen":"2025-12-02T08:02:48.993423Z","times_seen":13,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/spin-btn.png","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:23.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/spin-btn.png HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://turbodomain80.online/landers/ozon/css/main.css\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:23 GMT\r\ncontent-type: image/png\r\ncontent-length: 2902\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:15 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca53-b56\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VPlk1bOMBviZF94yghc7yBr1zqoEKNcKOj6YcCKudQ4bdY7QCRxSZlQCc%2FS9%2F1Vm4q%2F2ehy6d2tTgt3IFB0XAGY5aM7OzHxTlGUWXXsSJxDsdWUI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3e8ac74e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2902,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 142 x 173, 8-bit colormap, non-interlaced","md5":"179983598c0105247ced371aa7a0c63d","sha1":"579afe76b9fcb3282783e0f0a13d14af7317b1c1","sha256":"35cc5a6a01986aaa5c716b507657218d84e871a2934964a9da0ef7cad8ce65b7","sha512":"45b71210d93dd84cdaa8ce870f7d902dc93ef1822d53bef5c793198ce8e9768b5758040925f38339ba8854c98069e5a3088546cf5fb3a4413102d19df1a875e7","ssdeep":"","tlshash":"f4514bc863d82902f9f5f6b768d85c1271b34d3b4840b3074da419322fcea2f598e95e","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.354091Z","times_seen":1156,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/css/main.css","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/css/main.css HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:10 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=inN8zZw%2BX7YyDEgko0cWjqSRXKwo8Y57hL6KGz3cwgLb6jRO%2BL2kBpA1r3yK9lPC5wAWdsLRv4bMDYgpUUXNxRqImrqO3A%2BVU89FghMm1Cca4wdl\"}]}\r\netag: W/\"691eca4e-5f78\"\r\ncontent-encoding: br\r\ncf-ray: 9a794d3cad0f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24440,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"9a8283e4c8e18971c4fb8220c282a6bd","sha1":"d99e40fb8e95c770a24b3ae5507f8e2d654f28a8","sha256":"9d5ff4c728060fd35cf18ca91fbd3803a254105fc518308c837fd1bd9ff5f1e3","sha512":"ecd4e86b0cff91ac20c017742e2acd3f6cef9b49234d63320a7ae1130627ca44891380fdce8d35576f7d0693dfbc6ad12e79afeb651855098afb0b6ea0016e5e","ssdeep":"192:0SBv7ElsIF37bBi51mGi51m1jmKWjmKZSH/pSH/9XFRzimJRMVoII4tbhvjzTryE:L+F3pFRuOP6v/VT93agr3F/FT5KTM","tlshash":"85b285a6aa931948b11fc5642bee0b2833388043550fddbe7bde345ccf869d851e6f49","first_seen":"2024-08-19T20:39:57.298153Z","last_seen":"2025-12-02T08:02:48.994461Z","times_seen":8,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/3usr.jpeg","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/3usr.jpeg HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1919\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:12 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca50-77f\"\r\naccept-ranges: bytes\r\nage: 6462\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Iwjxmkveg2Nkr%2B0Xk1XzfbAStDXImZpbYxEtKpPw7w%2BIzz84egL5GBZJEy3CfWN7WgDHW1lqVJQyLXZ5keMVKgrhmLLYWSeYO6gjJQ0LzbrTaNG%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cad2b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1919,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 90x90, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 50x50, components 3","md5":"7dc86a8cf36dc04ee989d08a7881001d","sha1":"399265b5d639a1dfcd41adc5e0b368f083597a0e","sha256":"d5626152be36c54393031dae3f5205f2e83dab82908325b94ea855e392d6da90","sha512":"b003566a7fb046db51d14bc42bd0c9629192f21d6832c7491bac2fdbaa54b1e18148a2a51db6c2a8250c9d40322c682a4c812893f1781b9e1f356a0c43628c09","ssdeep":"","tlshash":"c9411b1bd765d843e5d05f3e06e2c304bfd79d676540c397ba9902e1aee87d18c50b41","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.344507Z","times_seen":499,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"turbodomain80.online/landers/ozon/img/7usr.jpg","fqdn":"turbodomain80.online","domain":"turbodomain80.online","tld":"online"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://turbodomain80.online/click.php?key=xy9hf0dwuy6y9kz626gz\u0026visitor_id=1019630692276903937\u0026cost=0.000100\u0026zoneid=6146254\u0026campaignid=9822237\u0026bannerid=24337295\u0026user_activity=low\u0026zone_type=","date":"2025-12-02T08:02:22.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turbodomain80.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 01 Dec 2025 13:42:21 GMT","end":"Sun, 01 Mar 2026 14:41:05 GMT"},"fingerprint":{"sha1":"A5:C1:7D:F5:1C:DA:F1:EF:E8:4B:8D:96:48:EA:6C:CC:80:02:B9:FB","sha256":"C3:91:D2:C6:2C:F2:8D:E3:86:D3:E2:B2:EF:FA:93:65:3C:C4:E8:98:61:B0:50:AA:60:22:8F:73:6D:EC:50:59"}}},"request":{"raw":"GET /landers/ozon/img/7usr.jpg HTTP/1.1\r\nHost: turbodomain80.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uclick=gm37qq3y; uclickhash=gm37qq3y-gm37qq3y-dutw-0-dumy-hep23y-hep26o-e39dbd\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 02 Dec 2025 08:02:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5179\r\nserver: cloudflare\r\nlast-modified: Thu, 20 Nov 2025 07:59:12 GMT\r\npriority: u=4,i=?0\r\netag: \"691eca50-143b\"\r\naccept-ranges: bytes\r\nage: 6461\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NaVRMgDYgy47C73oTmhekiU3gypnWg4vtiQa3E%2Bwu7AlK57QGJ0FJHXQvpk1HdqD26qR%2F7wBgjUCy7JbTDevJZ%2BJXv%2BfW1ZHhc0afD%2Ff61qkUCpT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a794d3cbd324e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5179,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 90x90, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, PhotometricInterpretation=RGB, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 50x50, components 3","md5":"d068ddac944feab15bcd2b021dfd611a","sha1":"b9fc631ff86fe2b3620a0e2f99000213343f42cc","sha256":"55a71cf89cb84a3d35e79b3aa6a1eaa3ca0d67742e5a1c8f4f30b6650316bd3e","sha512":"a9b8c76c37d1a0ece2ab4389db411bd49a8a0a909ea8b5485545b265ea6ecfa04b3aede0c66bfcaab5516a24af28578c8665e8304fd924f8f642c0e862ab7ee0","ssdeep":"48:Yq2kuERACxEdSjvBT4qY7AkuYEc2TmyzkYJjptJ/Eektt9TGsN:YXEnxEdhqY7ruYEcwm0kSzJcHfTFN","tlshash":"1fb15c833f1403c3c55d51b914762576a7ced94df654b2063c9ee5a0eb903b98004aaf","first_seen":"2023-05-04T01:50:38Z","last_seen":"2026-03-28T15:28:17.352329Z","times_seen":498,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"turbodomain80.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}