{"report_id":"7f2c1db3-087d-44af-92cf-e998cd454d61","version":6,"status":"done","tags":[],"date":"2026-01-11T07:25:17Z","url":{"schema":"http","addr":"zenithra.vip/","fqdn":"zenithra.vip","domain":"zenithra.vip","tld":"vip"},"ip":{"addr":"172.67.182.42","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"zenithra.vip/","fqdn":"zenithra.vip","domain":"zenithra.vip","tld":"vip"},"title":"404 Not Found","dom":{"size":139,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"4e64a7315460c2add2300d36951d0f55","sha1":"1c7a9b8d1620126790949d3aa412999fd779f753","sha256":"cc72ac27d412af958f9fedec7b3f9da68281e667cc9331a2053022bc5d6aaa80","sha512":"ae1a5652ad4c72baedf250137853680a5d1db67f8f3c8334be380a898b234f912203566861fae66213452bcc083de177dee5d2831abea2d911f55dd6927126ed","ssdeep":"","tlshash":"1ec02b6e8181014da54010f00bc03254088d130a18e15621344c002a23c41a0cc062f8","dom_hash":"domhash708e23ff7118010b850548f2bb495d9b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zenithra.vip/","fqdn":"zenithra.vip","domain":"zenithra.vip","tld":"vip"},"ip":{"addr":"172.67.182.42","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-15T07:25:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-11","alert":"Sinkholed","trigger":"zenithra.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"zenithra.vip","ip":{"addr":"104.21.91.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-11","domain_rank":0,"first_seen":"2026-01-11T07:25:17.556009Z","last_seen":"2026-01-11T07:25:17.556009Z","alert_count":3,"request_count":3,"received_data":2617,"sent_data":1227,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"zenithra.vip/","fqdn":"zenithra.vip","domain":"zenithra.vip","tld":"vip"},"ip":{"addr":"104.21.91.243","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-11T07:24:55.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zenithra.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:27:53 GMT","end":"Thu, 09 Apr 2026 20:25:34 GMT"},"fingerprint":{"sha1":"9A:B5:0D:93:8D:D8:12:1A:30:ED:43:79:D6:04:9F:F7:FF:2D:8B:48","sha256":"E5:94:F0:AF:A8:42:78:28:21:E6:43:83:FD:06:31:EE:50:BF:1E:85:5C:84:14:F2:2C:38:52:74:44:9B:8F:2C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: zenithra.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 11 Jan 2026 07:24:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: sub_id_zenithra_vip=696350477c94e; expires=Mon, 12 Jan 2026 07:24:55 GMT; Max-Age=86400; path=/; secure; HttpOnly\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ujrJ6HG6awymmg%2FjoiqpQsYtugtqqxRZAQE%2F5lzjiAf51QYQFgsFaRlk1OAvEJoIth8I6iEad4fecEA6coqTx5aThuQ5oCLa%2FMo%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9bc2ad5d5da6569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"23f32966f3b7e035052278696ab51b30","sha1":"7595df7c9a15ba04274f83ab7964f2e02e6d9f7e","sha256":"1ff7cbb487ed51fada1493105b72ab2746ecbf9643a34fa0c1baa5a20f807350","sha512":"99eae7dd5ee73e44521d110f1c9a2f352c9f3316b68b64bb24dda14ffd43762e8e26f42fdff9c2d19931ce77ef67224e1cd05cfed85bb9a35b429535d1467f14","ssdeep":"","tlshash":"96c02bae85d1114da94031f00fc032640c8e138a38e2572138cc143e37c43b4cc073f8","first_seen":"2025-12-20T07:23:11.367655Z","last_seen":"2026-03-22T08:08:22.951947Z","times_seen":13,"resource_available":true,"data":null}},"time_used":346,"timings":{"blocked":34,"dns":15,"connect":1,"send":0,"wait":278,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-11","alert":"Sinkholed","trigger":"zenithra.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"zenithra.vip/","fqdn":"zenithra.vip","domain":"zenithra.vip","tld":"vip"},"ip":{"addr":"104.21.91.243","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-11T07:24:55.720Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: zenithra.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 11 Jan 2026 07:24:55 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nSet-Cookie: sub_id_zenithra_vip=69635047e9d15; expires=Mon, 12 Jan 2026 07:24:55 GMT; Max-Age=86400; path=/; secure; HttpOnly\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w6CDZxq7JP2sBqF1hrQbOt7PxUE2xP06gnZd%2Bchoi9JDw%2BSeiQ7gJAd1J9C6GopJu%2FCEauYBqn%2FOdoZM4ymP3QEL2l3%2BWocrPMUvRA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nContent-Encoding: gzip\r\nCF-RAY: 9bc2ad603e6e723c-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"23f32966f3b7e035052278696ab51b30","sha1":"7595df7c9a15ba04274f83ab7964f2e02e6d9f7e","sha256":"1ff7cbb487ed51fada1493105b72ab2746ecbf9643a34fa0c1baa5a20f807350","sha512":"99eae7dd5ee73e44521d110f1c9a2f352c9f3316b68b64bb24dda14ffd43762e8e26f42fdff9c2d19931ce77ef67224e1cd05cfed85bb9a35b429535d1467f14","ssdeep":"","tlshash":"96c02bae85d1114da94031f00fc032640c8e138a38e2572138cc143e37c43b4cc073f8","first_seen":"2025-12-20T07:23:11.367655Z","last_seen":"2026-03-22T08:08:22.951947Z","times_seen":13,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":273,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-11","alert":"Sinkholed","trigger":"zenithra.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"zenithra.vip/favicon.ico","fqdn":"zenithra.vip","domain":"zenithra.vip","tld":"vip"},"ip":{"addr":"104.21.91.243","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://zenithra.vip/","date":"2026-01-11T07:24:56.076Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: zenithra.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://zenithra.vip/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 11 Jan 2026 07:24:56 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nSet-Cookie: sub_id_zenithra_vip=696350484d4a2; expires=Mon, 12 Jan 2026 07:24:56 GMT; Max-Age=86400; path=/; secure; HttpOnly\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZYXb5FMC1iEdDzF04D3osDfeZX%2BII%2BNKiiERtwfYDzIK064ewIjwd73GzbQunXACSMbF%2BvviWYi7mq04qbmBk6euei8%2Fb%2FCZoChv1Q%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nContent-Encoding: gzip\r\nCF-RAY: 9bc2ad627a6c723c-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"23f32966f3b7e035052278696ab51b30","sha1":"7595df7c9a15ba04274f83ab7964f2e02e6d9f7e","sha256":"1ff7cbb487ed51fada1493105b72ab2746ecbf9643a34fa0c1baa5a20f807350","sha512":"99eae7dd5ee73e44521d110f1c9a2f352c9f3316b68b64bb24dda14ffd43762e8e26f42fdff9c2d19931ce77ef67224e1cd05cfed85bb9a35b429535d1467f14","ssdeep":"","tlshash":"96c02bae85d1114da94031f00fc032640c8e138a38e2572138cc143e37c43b4cc073f8","first_seen":"2025-12-20T07:23:11.367655Z","last_seen":"2026-03-22T08:08:22.951947Z","times_seen":13,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-11","alert":"Sinkholed","trigger":"zenithra.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}