{"report_id":"8397c1f8-b123-4d86-b313-cd549c899013","version":6,"status":"done","tags":["phishing","rockstar","aitm"],"date":"2025-10-06T19:34:25Z","url":{"schema":"http","addr":"mycutebabyshopbd.com/hdghnc/e4214cf7d36a96c8d139cdd1e376f10e/ZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"mycutebabyshopbd.com","domain":"mycutebabyshopbd.com","tld":"com"},"ip":{"addr":"103.213.38.36","port":0,"asn":150142,"as":"Wolast Technologies","country":"Bangladesh","country_code":"BD"},"final":{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"title":"Continue Your Work"},"submit":{"url":{"schema":"http","addr":"mycutebabyshopbd.com/hdghnc/e4214cf7d36a96c8d139cdd1e376f10e/ZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"mycutebabyshopbd.com","domain":"mycutebabyshopbd.com","tld":"com"},"ip":{"addr":"103.213.38.36","port":0,"asn":150142,"as":"Wolast Technologies","country":"Bangladesh","country_code":"BD"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-10T19:34:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"aurevoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]},"summary":[{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-10-05T22:14:16.315625Z","alert_count":0,"request_count":10,"received_data":585722,"sent_data":7178,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ftp-east.nexoizaki.vip","ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-23","domain_rank":0,"first_seen":"2025-10-06T19:34:27.435645Z","last_seen":"2025-10-06T19:34:27.435645Z","alert_count":16,"request_count":8,"received_data":13165,"sent_data":5890,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-05T22:15:40.094389Z","alert_count":0,"request_count":1,"received_data":88322,"sent_data":447,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"aurevoe.life","ip":{"addr":"104.21.4.151","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-09-16T07:58:33.860518Z","last_seen":"2025-10-06T15:29:34.486132Z","alert_count":3,"request_count":2,"received_data":213559,"sent_data":1032,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"mycutebabyshopbd.com","ip":{"addr":"103.213.38.36","port":443,"asn":150142,"as":"Wolast Technologies","country":"Bangladesh","country_code":"BD"},"domain_registered":"2024-02-17","domain_rank":0,"first_seen":"2025-09-22T23:58:25.029317Z","last_seen":"2025-10-06T18:01:11.63486Z","alert_count":0,"request_count":1,"received_data":477,"sent_data":565,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.1.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"nexoizaki.vip","ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-23","domain_rank":0,"first_seen":"2025-10-06T15:29:31.912792Z","last_seen":"2025-10-06T15:29:31.912792Z","alert_count":2,"request_count":1,"received_data":718,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ff03fc8f0c3179fb4dcf4389f88a1c16","sha1":"05ff911d7ddf2d7c14b4316a87fd08f42c618f9f","sha256":"025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece","sha512":"4acb3551ec49556a2a64f4a47e480df29f611f67d0ef4b2474e90f7b86caed3dedb0b56eba12e577f1401d4d701c9a4f0898a06eee8f6d7dbe3b4b5283a854e8","ssdeep":"","tlshash":"4f60000000c000000000030cc00300003cc0003300fc0300c30c003000cf3cc0000000","size":14,"data":"","first_seen":"2024-12-12T23:50:40.182598Z","last_seen":"2026-04-06T08:09:53.420918Z","times_seen":248250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e5f4a065ffdf2b32742f178720e82c52","sha1":"94ec1ed204a1da9900d11f8370d280c133e09a44","sha256":"2a895e0eafad6152dbe25baa37985d0fc65c6d12b611ab4162dbbe700abfa301","sha512":"7ba678ecf8bad792dfa0ecef59705d389eab6506fd8d15c78ff1c47e56c19a0fd9536c0c6324dc8609d12b2d62ac1df75d11b853cd1bcd01534d6ad8133a3635","ssdeep":"3:N/BKL1XEMZU:eL1UMq","tlshash":"515504c074f03070041cd500d35014557405450150150553705f04d437301044010540","size":1337359,"data":"","first_seen":"2025-10-06T19:34:30.105124Z","last_seen":"2025-10-06T19:34:30.105124Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-06T08:13:05.909137Z","times_seen":136878,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9f9c2610987ac6b9f73ea828de3eac99","sha1":"c6f41b62cbd3b359348cb70ad27d3d8f1e058b0f","sha256":"7f386c04d206e9b7651a102ed70f153a78bcca716fea93329b59cb69cd4291cf","sha512":"a313ec82fa1196166c87783ab7e30a91595994e0b3f88c427e912504e364fa07c7e3ac1aa353e8569077e2aad89a7c4aee43aa1cfe8b741d655b452b5df16024","ssdeep":"3:N/BKL1XEMWRV:eL1UMS","tlshash":"db5500c0b8a030b0082ceb02e2a0382eb80a0800202b0883b0ae0ae83bb02088020a80","size":1337359,"data":"","first_seen":"2025-10-06T19:34:30.109465Z","last_seen":"2025-10-06T19:34:30.109465Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"1048727b469739d27e50653b3ab80f26","sha1":"2a2b25243d21a3cc570080f009b263685092f867","sha256":"c293f7cc39d01819c2028768014807e86fdfeee3c40abb7e2353b355fe6ec91c","sha512":"50091e920107068470b855cb2d0128fa3e46ac8a592acf6ff890a60b3be1d804f49d7f0d7ff69b7b0f9b5fd780e4e6c95883051cb523adc0c68112c0bfbb0f85","ssdeep":"3:N/BKL1XEMmX:eL1UMmX","tlshash":"3e5504c0f4d03170041cd500d35014157405050070170443705d04d43f70104401054c","size":1337359,"data":"","first_seen":"2025-10-06T19:34:30.112452Z","last_seen":"2025-10-06T19:34:30.112452Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=98a798013c93b512\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1299adf0aec539b71dc861620e80af64","sha1":"5660135000b983659ef7010dae94e165b6ffb2a6","sha256":"ded76b7eb3804d7efbac46a2958f7d682efc32ba4af7148c06b57b17d2c17541","sha512":"29e430cb5091c794deadf957439fd079e706a185501f9b5561a4eb8ddb8feae3e96a5250a36b7db9db4c1ede09120516a7b07f9cfb33161f3da625469619afef","ssdeep":"1536:/ZmxiEf3mZmAzfDo2zZAo99zSL5I7E9bgoF7DbqnmD8xj2rlbVZ9SnIYKH0pSub:/Z4ukcDzk7DwPjuVlYKH09b","tlshash":"f5d3088a359eb6954326b029002737cfa1ae9c8c700c0c6da955d8ec7ce9f54f5e3db9","size":137774,"data":"","first_seen":"2025-10-06T19:34:30.071203Z","last_seen":"2025-10-06T19:34:30.071203Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ca897fb253cc8807c5aafc947eb02fb6","sha1":"25137d68712ada7d3ad424c80bc0d688a696f7bb","sha256":"57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce","sha512":"187200763128b83b777932b28834f8a21adf5824c5b9f8635249168aaefcc2451885b26da07411ccd56a52146f9b8cc2524647ebf2df4c1474f80d219d893f64","ssdeep":"","tlshash":"d96000030c00cc300033000c0003003f30f00c3003cc300c033003f003c030c0000030","size":16,"data":"","first_seen":"2024-12-12T23:50:40.144885Z","last_seen":"2026-04-06T08:09:53.42038Z","times_seen":247125,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d19e83330444dea3f2d7e3d51d8b4e71","sha1":"7d4411c401da439522a37ded785f38628ef342c0","sha256":"928fe89db4535b073d834921cd19104bcddfb1993d5ed965888306e41a5961b0","sha512":"d0a0c0ea4d9504dc061b610915b01a25ade4863384bbb2d8814266c03108da36caaddaf3b5d960baedd38dbfc3d07ab8db1b49c5d0b39e3950ca6f14ee0c86c8","ssdeep":"1536:YTFoxK0UG/S1N+7cls9LBxJuchZO0Hh2GkRY:YTFoUqT9LBzfhZHYG7","tlshash":"50332a938a4024575c686e76f8edcb5f42e967c1c34a5b12c0b6ccde462f71826eb13c","size":54689,"data":"","first_seen":"2025-10-06T19:34:30.120314Z","last_seen":"2025-10-06T19:34:30.120314Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"7cbf37cd8a551c24fe416aff523b9475","sha1":"7ba2a848a47de602e0e9839fe6e17e2572134854","sha256":"c97894ad224821f7272f85fd93472b5bd871f43755957705f78dd416d049d042","sha512":"87d41f991901d1828e3826a2fa16ebde4d6ff1d582acec8e2fc6a968472895ea80114a6c167b378e7e88cc5fae82e541d77895aa0e4f55e5eed0eef76aca7153","ssdeep":"3:N/BKL1XEMkm:eL1UM9","tlshash":"1a5500c0b8e030b00828ea00e2a0282ebc0a0800202a08c3b8ae88e83b302088028a80","size":1337359,"data":"","first_seen":"2025-10-06T19:34:30.144889Z","last_seen":"2025-10-06T19:34:30.144889Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"210593d4f868ec598e71d0960d862f20","sha1":"5118ddc183653b84a131ba8e89f75fdc522aa238","sha256":"5743c640722924aa6974b1f602ad1abb67f4c5240cc4829ed64147cf0e6ecf83","sha512":"ba85c82d1e8080eea1b01a2ccb9dd83805b911ac5bc65ed0f2e942f67ddf38ff6b4d5369322fea9e4646525b69cdfdf5a1b35b29ec8e98613748bc09cfc95f80","ssdeep":"768:1C6jR2KMgasLUU6+9Db69qBuug2Uw5jOyhMVNY1EbV9tGcpfBgQfuWVuY8t:r2PgasLUU6+RxuX2bhNDt","tlshash":"17232a583256397227d980e1a17b63437326753ae94ccc50a423d976367cecad233fba","size":49421,"data":"","first_seen":"2025-10-03T17:34:33.785374Z","last_seen":"2025-10-09T20:11:58.603455Z","times_seen":5784,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"e01871d54efc0b97436553f0c35525ec","sha1":"6009167c976016d81497a29b6913c853444aa625","sha256":"aa340a78410da9a7e3df6ab4af9e58d0c8e1c629d4f2b257e9bf682429ccd682","sha512":"36655f6cc996edd80c73fad2bedf3090bc65027989c16d9001a01ed8c126b3a4637b9af51417b58ebc320f0fd68e6b65de8d86cfa4e4c0364f4d26d71a1520cb","ssdeep":"","tlshash":"d011309e772d70771325b7f5187a201a42b6b88860076a4d8851d1e8bc9dd84c04bf78","size":1103,"data":"","first_seen":"2025-10-06T19:20:19.290436Z","last_seen":"2025-10-06T20:38:57.594781Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"d3405ee71d3b775594ce91b919c5bf41","sha1":"4606af493fa39b875351773d31286987d6786a50","sha256":"71e8f4088c0c98a5ccde51f3c6e19dc8f3c74b5d727eaf48ebe207a48f4d85a6","sha512":"80411886e9a086344b480771604e27433698c93a73dccbf2e2927a54fa573a4a9278dcf6df4d0a741fa613e189d20f670de434b5df1fec2a1db966b554d39c74","ssdeep":"3:N/BKL1XEMiwn:eL1UMFn","tlshash":"b85504c0f45030700414d500d15015157c150400101d0443705d44d437341044130540","size":1337359,"data":"","first_seen":"2025-10-06T19:34:30.154508Z","last_seen":"2025-10-06T19:34:30.154508Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c1e3b73b9dc1b79cfec1b44055c59375","sha1":"ad283b833b3caaa3c80e25b92485444b70b2d819","sha256":"0de9406cb43bbc50f30e6bf0ba5778906b2bcaefbfe3f90196534ef3eaae5e6f","sha512":"57eef20d6e9171c7925f17f54793ab349b3458773a20908a7b0b7c936d2f7f0fed39e91851d361b7bb476ae448ef458193e6bfccb7222200a74a8d491602aba6","ssdeep":"","tlshash":"0ff059bd766d342090b3212f562b56c68e3c95149847b3a0232905030ebdd0a0351f15","size":467,"data":"","first_seen":"2025-10-06T15:29:40.260283Z","last_seen":"2025-10-07T18:43:35.02834Z","times_seen":696,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a0eb44bdf7a9862e13e33679d1510284","sha1":"279eb215cb46ebbffcd8549bde4ba47ac38b7476","sha256":"454ab97028de17bbb00c9dc1b2ffa34ae1b4f3a898c559134aef94a3550cd02e","sha512":"54999e1cabb84dc1f415df72c10e6d575e2ebd6f5ea61d3d1ccf2ff5ae7f70f11a90653e2cf23d745995c81ba39f53b5f781a01f4e41315f9f1a8cd4953c67fc","ssdeep":"","tlshash":"4e71e987bc74cde662dd6768d6a4775e347112d4401494b1ba8284083b3faabc2aad88","size":3571,"data":"","first_seen":"2025-10-06T19:34:30.158819Z","last_seen":"2025-10-06T19:34:30.158819Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"2352fbff432b1a8c2a5df40767432d90","sha1":"f4d9b0ca1d0954c1c36568ad85b9cd9e54c923a6","sha256":"95d16c536f6ce726668b1fdaad9fe956e6187c8a76f77353eac32668a4d34c5b","sha512":"7a32fdad352c0d7de19531e4a7e38e88669f64bcb98ff66159c1cf0c31de8cd1573cd25408a36fb6710a604f9620937fa053a6bc7f229c28b6731618aeca6132","ssdeep":"3:N/BKL1XEMb:eL1UMb","tlshash":"c15504c0745034700414d510d15014177445050014170443705d0cd437305047010740","size":1337359,"data":"","first_seen":"2025-10-06T19:34:30.161143Z","last_seen":"2025-10-06T19:34:30.161143Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"33ff6022e88df59f8dfc9eb546435e9c","sha1":"7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4","sha256":"a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a","sha512":"99820974c649620d8dfd487054edee4863ca41025de5a87fcd6fddfafbecb53668799fdde6f7b809112fec178b18f28a9ff8e190d298aff5a29c6795ad639c25","ssdeep":"","tlshash":"0c600000c0303003000f3000f00000033cc000f0cccc3003030c00f000c000c0cc000c","size":14,"data":"","first_seen":"2024-12-12T23:50:40.556614Z","last_seen":"2026-04-06T08:09:53.407827Z","times_seen":249465,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"30b26e2ae3f2310546203b61eb5db91d","sha1":"e043a02536d38a85672820fc225c351f2c1a6a9f","sha256":"67a387e8ffef3c3a570ee060a35354a8ba7dfc406baf57571abaf346fd93497a","sha512":"1656a30105cb1496f7ec1d55808d38b141b3be434d8d7be9246cca6df403c557af0f95e9a4cdb3c3f7278c8477d1c1c9e3df0b6f083921a6bf2d5c654de04878","ssdeep":"","tlshash":"9ab0124026a23800d3539034684b8804f008034220d80804645e63302f4001a85bb5a8","size":87,"data":"","first_seen":"2025-06-09T02:52:19.530399Z","last_seen":"2026-04-03T13:26:10.063865Z","times_seen":3923,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d27eff7463bb8a720b9e942b066c5168","sha1":"dbd37eec58122a82bc99107c722a4d092eebe975","sha256":"edbb5a74c077f9ce29847f6e30e354d336a65b6e544b32ad50526857f64ed071","sha512":"f8a71e662694a4f88b38721d30404047489aa04fd2795c21b247f5014a14878f9ee0dea05138c66d5067c3ea6f09b1ec5a33327264b0445610464ec8e708ecf0","ssdeep":"","tlshash":"06a0110abca2022008ba223e030a0b083020a0002c2020020008a8302820e280a22e08","size":71,"data":"","first_seen":"2025-10-03T18:50:54.870613Z","last_seen":"2025-10-08T15:43:46.294454Z","times_seen":952,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"4536efb0cb802395ec351635c5681ec5","sha1":"e418e5e92852f0562116971bb62a74f432505697","sha256":"3ec9505a35056771eabfa90d78a9ec7663b012258e2472baf95a52845315e269","sha512":"8f4840eb0238b3f815a45a229dbb06597f97438f6da770be8b135705622ecda6e9d7efa8b22f7692563701705ab3e85e27241d5a8b35215a47630c8f2c1240d7","ssdeep":"3:N/BKL1XEMrT:eL1UMH","tlshash":"c95504c0745030700414d500d1d0151774050500101704c3715d04d437311044110540","size":1337359,"data":"","first_seen":"2025-10-06T19:34:30.16577Z","last_seen":"2025-10-06T19:34:30.16577Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-06T08:09:53.333074Z","times_seen":667688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f47389d2f1abd47dbebeef3e2d3ae8a7","sha1":"dde5aa75f9a647e73d3e2d3fdda68898f850f72d","sha256":"30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda","sha512":"3524a8ed2b83fe9d62a0708424707959d6cc8e89a918407da7c46540b5982fea9230792acffc47517cf5d009231375b00d5ec2ff5689bfb74ea6a3c926653318","ssdeep":"","tlshash":"56b0028869e5a404e21975a5495fd144f12cc802148a0515658885515f114294167868","size":94,"data":"","first_seen":"2024-12-12T23:50:40.522517Z","last_seen":"2026-04-06T08:09:53.415419Z","times_seen":246665,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-06T08:11:35.013399Z","times_seen":752996,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d1a26f3351b52d2c6de14e7f0f043078","sha1":"54be0b5729f1d7ddd39152eb2ac2b303acea694b","sha256":"f2ab95aef4f9aaa232622eedaa2524d8188867d4e6cb33e04de9b2dc4d7feeef","sha512":"5c135283bda78c581f0b8c74dc35bf04c84cc3e32046dcae2625199dd0857b2268922a665f62228111bf7cf81cba0fec9c0f10d413a2092b69d84b7155c0297d","ssdeep":"1536:aLeRcjwNpsZ20ZkpYV4NNSrYz+f8NOmppovXI1XdelcRnc9lUKB/rXJ66h67uJTc:EFtRY16+PyGTFoUqT9LBzfhZHYGu","tlshash":"1ff3d5b6cbe722274532dee6b6e5836f62f81248c7451100b6ad42ec67ded043b9fc58","size":159069,"data":"","first_seen":"2025-10-06T19:34:30.170015Z","last_seen":"2025-10-06T19:34:30.170015Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ftp-east.nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:01.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-sskh1xtDWycmwXFa' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nreferrer-policy: same-origin\r\ndocument-policy: js-profiling\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a798013c93b512-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27339,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (27339), with no line terminators","md5":"c7d3af2b5fab21cf2fa86e4a542bfef7","sha1":"0f649a6bf8c720dbbf1b5710bbff197b1cbd2459","sha256":"d91b14e20e000f5b1cf193c03c50a1daccd7d99c551f941105095c91d286c820","sha512":"1cb72b40335fb423ffb8de53f8dcd790ab640d880da317c912981cab730e956891d1bb069d188e0a99629f5d09a949f177b4a9ce6c64fba14d87954749582a2b","ssdeep":"384:kA6U+qdB83E29aJC6tHzSk1b2xdLVSmda3mDI9FBrF5s5ewCiVYYejPCdC:zdGrkHzlJUdLV9da3m8fiVcCg","tlshash":"26c2a7038a501b7e7453872da3e1b5c9b3387a025f56b1b7f15052a48f4e6af3b53b0a","first_seen":"2025-10-06T19:34:30.060407Z","last_seen":"2025-10-06T19:34:30.060407Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T19:34:00.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /UbDcMUlbA/ HTTP/1.1\r\nHost: ftp-east.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nexoizaki.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/7.4.33\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E7TTK3cHppz5wfqgbNqccQqOShlLeaBFExPngU4Mz%2FsESv9VA1hVER1wT0HzsI7KqCD%2FDzxqrWzmnlQBEb97Eowc%2F0Vcl8m4ToAmWOOIM3K3AwdqIMk%3D\"}]}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=e62jq97dv5id3o0ggt6poie5nc; Path=/\r\ndate: Mon, 06 Oct 2025 19:34:01 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98a798001c03b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2485,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"6c5c9ae86b225202ae37fd865e088053","sha1":"27e9713ca211e606570a5dfcf19760719c62a98b","sha256":"645ccbeeb065c3d37cb78da8f745cf2e76dcb1619dba13bc01d8c52aeaace840","sha512":"ce5fa0704b42fd185c71d5cafc492019444f533ee71f183706fb59f30bf12a49a8587908b35dc1c04371c77686f79494c59f28a72ff2e4c7a9f8aff15c6dfdd7","ssdeep":"","tlshash":"4851211bea0055496033d3b9e7a35358e92a952793034459bbcc72638fb054c8bd3fd8","first_seen":"2025-10-06T19:34:30.064801Z","last_seen":"2025-10-07T15:29:22.705726Z","times_seen":8,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/98a798013c93b512/1759779241386/QcSgHwzY5DSV0Up","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T19:34:02.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/d/98a798013c93b512/1759779241386/QcSgHwzY5DSV0Up HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 240\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a798069a2cb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 8 x 43, 8-bit/color RGBA, non-interlaced","md5":"3a06fdbc8e86f45f88091f989ed40ff2","sha1":"886c47e6d3117f62f60ee11fc8be8d1a8f9a3980","sha256":"bc9361d9d28f8c83ca063138c72099df9d7cf34f9895ac6529eb9315774e6d64","sha512":"6f3802541ec5022271e4176954ac6d92ef821f4d9bf5d82f5e60cdfad33d2d5977c41248b3915821a3631332768972da77e711a443f29e60ec0febcbcea5ad3b","ssdeep":"","tlshash":"17d05ee852f9b9d28d8fb9b1390eedc3b93082d0060c267ad100ff9f0231c48407019c","first_seen":"2025-05-27T16:57:14.962298Z","last_seen":"2026-04-02T14:07:36.942244Z","times_seen":115,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/,DQo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjI0IiB2aWV3Qm94PSIwIDAgMjQgMjQiPjxwYXRoIGQ9Ik0xOCwxMS41Nzh2Ljg0NEg3LjYxN2wzLjkyMSwzLjkyOC0uNTk0LjU5NEw2LDEybDQuOTQ0LTQuOTQ0LjU5NC41OTRMNy42MTcsMTEuNTc4WiIgZmlsbD0iIzQwNDA0MCIvPjxwYXRoIGQ9Ik0xMC45NDQsNy4wNTZsLjU5NC41OTRMNy42MTcsMTEuNTc4SDE4di44NDRINy42MTdsMy45MjEsMy45MjgtLjU5NC41OTRMNiwxMmw0Ljk0NC00Ljk0NG0wLS4xNDEtLjA3MS4wN0w1LjkyOSwxMS45MjksNS44NTgsMTJsLjA3MS4wNzEsNC45NDQsNC45NDQuMDcxLjA3LjA3MS0uMDcuNTk0LS41OTUuMDcxLS4wNy0uMDcxLS4wNzFMNy44NTgsMTIuNTIySDE4LjFWMTEuNDc4SDcuODU4bDMuNzUxLTMuNzU3LjA3MS0uMDcxLS4wNzEtLjA3LS41OTQtLjU5NS0uMDcxLS4wN1oiIGZpbGw9IiM0MDQwNDAiLz48L3N2Zz4NCg","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:07.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/,DQo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjI0IiB2aWV3Qm94PSIwIDAgMjQgMjQiPjxwYXRoIGQ9Ik0xOCwxMS41Nzh2Ljg0NEg3LjYxN2wzLjkyMSwzLjkyOC0uNTk0LjU5NEw2LDEybDQuOTQ0LTQuOTQ0LjU5NC41OTRMNy42MTcsMTEuNTc4WiIgZmlsbD0iIzQwNDA0MCIvPjxwYXRoIGQ9Ik0xMC45NDQsNy4wNTZsLjU5NC41OTRMNy42MTcsMTEuNTc4SDE4di44NDRINy42MTdsMy45MjEsMy45MjgtLjU5NC41OTRMNiwxMmw0Ljk0NC00Ljk0NG0wLS4xNDEtLjA3MS4wN0w1LjkyOSwxMS45MjksNS44NTgsMTJsLjA3MS4wNzEsNC45NDQsNC45NDQuMDcxLjA3LjA3MS0uMDcuNTk0LS41OTUuMDcxLS4wNy0uMDcxLS4wNzFMNy44NTgsMTIuNTIySDE4LjFWMTEuNDc4SDcuODU4bDMuNzUxLTMuNzU3LjA3MS0uMDcxLS4wNzEtLjA3LS41OTQtLjU5NS0uMDcxLS4wN1oiIGZpbGw9IiM0MDQwNDAiLz48L3N2Zz4NCg HTTP/1.1\r\nHost: ftp-east.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/\r\nCookie: PHPSESSID=e62jq97dv5id3o0ggt6poie5nc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1947667151:1759777902:g2wYExdT4FN7znSVPVmmKbmNTQa7Iilt32VlwAaCz8M/98a798013c93b512/i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T19:34:02.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1947667151:1759777902:g2wYExdT4FN7znSVPVmmKbmNTQa7Iilt32VlwAaCz8M/98a798013c93b512/i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\ncf-chl: i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 34412\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:02 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: ahJbuRnMzDDNRF+bz8wjAWy4xsttjvlsmHBWKLZYELVC1T4oK305pJjY4iYBFiuJ$9SGLBP2r8IZexSpQvvbKfQ==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a79809fdabb512-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29100,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (29100), with no line terminators","md5":"87e232bbc2aa98a99edeecb0f5631606","sha1":"6321b349f8a57d42fa44e2c97da07fd3c52a38e2","sha256":"ae386622d587b17511b70ba43649b06486dbd260a72651cfe50b3e76473863be","sha512":"70407e98a2f48b5732678dd807853d94ae358f44b26951e0ed5929356361b5f5948813af8c6713a41fc49c7a121deebe8c982e6216832c826cc40741e6da3a09","ssdeep":"768:y/JH5UpREvdley6YfBbZ+q/7T8mJ6qg8EH8w3SGXKf:yxazEllehqT4mJ6t8EH8sA","tlshash":"97d2e11f1731ac7b18b1e189266181069f40433f386ec8a7ae935ef2707ae57dd65734","first_seen":"2025-10-06T19:34:30.069315Z","last_seen":"2025-10-06T19:34:30.069315Z","times_seen":1,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=98a798013c93b512\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T19:34:01.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=98a798013c93b512\u0026lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a798017cc7b512-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":137774,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1299adf0aec539b71dc861620e80af64","sha1":"5660135000b983659ef7010dae94e165b6ffb2a6","sha256":"ded76b7eb3804d7efbac46a2958f7d682efc32ba4af7148c06b57b17d2c17541","sha512":"29e430cb5091c794deadf957439fd079e706a185501f9b5561a4eb8ddb8feae3e96a5250a36b7db9db4c1ede09120516a7b07f9cfb33161f3da625469619afef","ssdeep":"1536:/ZmxiEf3mZmAzfDo2zZAo99zSL5I7E9bgoF7DbqnmD8xj2rlbVZ9SnIYKH0pSub:/Z4ukcDzk7DwPjuVlYKH09b","tlshash":"f5d3088a359eb6954326b029002737cfa1ae9c8c700c0c6da955d8ec7ce9f54f5e3db9","first_seen":"2025-10-06T19:34:30.071203Z","last_seen":"2025-10-06T19:34:30.071203Z","times_seen":1,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1947667151:1759777902:g2wYExdT4FN7znSVPVmmKbmNTQa7Iilt32VlwAaCz8M/98a798013c93b512/i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T19:34:01.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1947667151:1759777902:g2wYExdT4FN7znSVPVmmKbmNTQa7Iilt32VlwAaCz8M/98a798013c93b512/i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\ncf-chl: i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3682\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:01 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: 6/N7s1XNWwt2ysSqZq5gjzwb24tu+gI5BMBMVaTyNVqbjfip5xQA2bJRmGGMRFS7OSwti60SnEE2X9f63JMewei+2en3XrFSQsha2/gXiPAD0euo3zhXLmcZGSy0xVCeAKwhsJICQ5QV/IOt7nAVHvX08E7EI73ZrD873Ez+x+p7T8rJaehgiJDYRtP8Lg+Yfht13lDeI8GDvOvTDtTkSmOUZctiE6vEXrS+PzgiLEp7Vhy9e8J/ato/9SsrTOhoaO/BZHzLhjTP+1ipDP5xR1ACA8EdQQYAArdxY0NYVKAhC6lzr9OTvvYRMt/7gRWyfa9QzTxOE15RTRxSJzYgk5T/kxk7w2UPFjmqwNVM3bGVcS6WMJboAv0HEy47Vlcqm+vy40ALxE4iqYt7KCubm0S5idZknoiWq2btti8+bzjhdDkvvH2GXeHPxRJZyKziSq4ryM4fAA2xn6gstPdl2YCmjg2eiVY4sFB0DsF+30jm2v0ATv3Idk7VDwa1EjCe44Y3mgUyB/jHHjnadBKanRgyoGl90ntwHA77TAVliVuOHkNEsYnuQ9Y6LSYdiskrTUe669mQ9LzxFBHcfKW/BIpnXXqglr+e3JTQfQBNDwTwK71AqZsVTWTJQLogo1PSTe5QS6Dts89XEsCEMF/2o6dBENzpl6DlGmkBgK8hgNjC0URajm14M7iTpbBSxQ3j4FnjZ9gcWnlh++oDxOsZnJDpsNfQ9nP37Xy0IEJ/DCfzdCvj3IRvuq2WYe+OMc0InUsf5nr7d83rQHK2dPUmsw==$QuJqcYe2B02UUKHa9d4C7Q==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a798028dfab512-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":278684,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a5b502d50e5e0ed2cb1016b6fac5953d","sha1":"0df08f3f07471459138291f337c94a601692a6c1","sha256":"74f693c3a02a979c9664a02d62c9d6228dff36d23b31de1bc910d4bb71f3e90a","sha512":"6432e948a17cea6ebe5a4b109fd3335a31e05cf650a3cada9782bb99db2502e389b8986253e9597bea0c9e26dd30933a727c3340fe0c405cc66e88f84e4b7429","ssdeep":"6144:L/jX8BQNJqMqdZD0brBv4ZbxYOnQfeTl3k+QcnHfh:LzUQNwM+ZD0GZbxnfHtnHp","tlshash":"725412b3399e1eaf0626cb1f76b1140b5fd0aac7081295749fdf2a9fa50ec448e70d46","first_seen":"2025-10-06T19:34:30.072788Z","last_seen":"2025-10-06T19:34:30.072788Z","times_seen":1,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":109,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T19:34:05.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/ HTTP/1.1\r\nHost: ftp-east.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ftp-east.nexoizaki.vip/UbDcMUlbA/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=e62jq97dv5id3o0ggt6poie5nc\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/7.4.33\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oibms6La4Kzq91zOSuwVe0DMR71lUq0Y3LNA%2BfzXDRbcinwqu2iSyVRmUn45lH0M3wELo0ZoTeUcMu9V5jQAl08p%2Bxf1TcsOH9q4mt33yKbN319k7%2Bo%3D\"}]}\r\ndate: Mon, 06 Oct 2025 19:34:05 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98a7981ad98eb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1355,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (465), with CRLF line terminators","md5":"fd5a5b5a7a3a57d0e201ac36f1b67865","sha1":"8e9629a5d0de32b2111cf3c0ebb9ec2dab3a8af2","sha256":"0ff432addcd7160790ef126407d83243239bcd09cba70da5b79f7b99137220af","sha512":"55578c8ed757dc671055df893f6996d7f99878baca300526d7b8215b4ab025c51beff0007e274bf055fa8de0a5672b444d229a4855c88e9cc966d884bf40c45a","ssdeep":"","tlshash":"2c21337d764a143ca1731225313b7a89cf7cc805c61b65a1761c254f4af99494bc7f98","first_seen":"2025-10-06T15:29:40.250957Z","last_seen":"2025-10-07T18:43:34.674164Z","times_seen":696,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/,","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:07.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/, HTTP/1.1\r\nHost: ftp-east.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/\r\nCookie: PHPSESSID=e62jq97dv5id3o0ggt6poie5nc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\ndate: Mon, 06 Oct 2025 19:34:07 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L5l7bub4EfBm6pB%2FL9AWpc8Zekie6VBye6EYFtWla7RBj4UdzXLh%2FXA1gWhKjaJE40N1iPoPsLGYsDTGAAjBE%2BJme%2BXuTiWF%2BFxePXiYhVEnIhYnpWQ%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 98a798298c55b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-06T07:48:19.994588Z","times_seen":20561,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/98a798013c93b512/1759779241387/8d6b17cbc20517864a2ea261e574f4bdd10e66665b3f5ecad949ee3b25119a5b/HaEhfOuMBtxTQod","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T19:34:02.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/pat/98a798013c93b512/1759779241387/8d6b17cbc20517864a2ea261e574f4bdd10e66665b3f5ecad949ee3b25119a5b/HaEhfOuMBtxTQod HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Mon, 06 Oct 2025 19:34:02 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 1\r\nwww-authenticate: PrivateToken challenge=\"AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gjWsXy8IFF4ZKLqJh5XT0vdEOZmZbP17K2UnuOyURmlsAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAoFIsigelmhXUt6a6_SuiwmGJGiWqNd5uWsROJZcRkDAo_EOBPL1_ry6An2m9fdtqjmXDnKjE5RHUtvxYClzhWJDpdpTc8m5A7rD1uuS1FrisIdOGpqsc7HG_MBrEdLWqA_T5vMDhv1P3tB0bPWSfqXRN9n9zxc4Rxb6Pxv6Dcq-G9TVlf6PmUSXUEu4B90bcMGL86UfB48E6nfmDQnlgTVd4CNq5oJD0Twnw5TWE0GjBEy1Pgol7LZ4JwH16TLVOte1SEqk-AnTVkNZjPrfDCLrmQDVwRz1A-YwfEtvRMvtfalMQavfdnIInPVcNT6iaLPzstlU6Z4d3pomklYNrVwIDAQAB\", max-age=20, PrivateToken challenge=\"AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tII1rF8vCBReGSi6iYeV09L3RDmZmWz9eytlJ7jslEZpbABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsN8Swq-3M489JXPD6LLyBf2SfiJc0Xqr2BB1TtMc73IxJwY7MTmwLaSOM6Vf9lM4QY68VxSEP3EMeTDhl1VfcSotq73IHev2GmApMZuRZUeFsWjbmFoXJX3QzDMGbnekPWozxur7IfcTNS0mptjXEccYigUpweaOduu4-I6O8MMQOkSVBOGEv9pKCWTqzW_ec0FLB71x1FvRN8_O2roG-knj6szl8rifUPzKFyqWHH2gYTmOrkgkdxfELtNACnTvjT-F_FhC051Q-DgVk3kv64wBMcOCY6RQlBmisyUogDi9i3oZgbMTNr7hsV5N8L2VK0Bs8Guu_IT-fnCeJLqcKwIDAQAB\", max-age=20, PrivateToken challenge=\"AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tII1rF8vCBReGSi6iYeV09L3RDmZmWz9eytlJ7jslEZpbABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA7LC_wzumB6AtzdsCSGuXYRRivNP9CAcc8aWoc-EkCUz3WTew_U70jo_KYUuj0o8QQk-dcYEEX9GZaLIfDUWTD2mE7VHJEp7Rsq3xTBbZq2XPsGCBgYQ4JlwnV3if77rSHX49sS1yJGBsELJIQdUhj8w2GH7YllRZhzWO0wWOxUGShREKS3puEM-9UU3st1PzZ3xEIY21HzA8UuKiSLK02j-5JLQIzcw2PAK2ICumsF7WgAwbsW44bWkhE4_lWKs5SMyoVCf3EM5lsGFUUSbt1m2ShA0j2mNNhe_R_OL-BSEEWjIytpSe3OTNMjOd6nkEArOZsc4z6PSkLsVQIbeY5wIDAQAB\", max-age=20\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a798074ae5b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:09:53.324732Z","times_seen":400892,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ftp-east.nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:01.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 06 Oct 2025 19:34:01 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/b/16f9cd2f90a6/api.js\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98a79800e8bc56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49421,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":14,"dns":3,"connect":3,"send":0,"wait":15,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/16f9cd2f90a6/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ftp-east.nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:01.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/b/16f9cd2f90a6/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ftp-east.nexoizaki.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Fri, 03 Oct 2025 12:00:37 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98a7980108d756aa-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49421,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (49420)","md5":"210593d4f868ec598e71d0960d862f20","sha1":"5118ddc183653b84a131ba8e89f75fdc522aa238","sha256":"5743c640722924aa6974b1f602ad1abb67f4c5240cc4829ed64147cf0e6ecf83","sha512":"ba85c82d1e8080eea1b01a2ccb9dd83805b911ac5bc65ed0f2e942f67ddf38ff6b4d5369322fea9e4646525b69cdfdf5a1b35b29ec8e98613748bc09cfc95f80","ssdeep":"768:1C6jR2KMgasLUU6+9Db69qBuug2Uw5jOyhMVNY1EbV9tGcpfBgQfuWVuY8t:r2PgasLUU6+RxuX2bhNDt","tlshash":"17232a583256397227d980e1a17b63437326753ae94ccc50a423d976367cecad233fba","first_seen":"2025-10-03T17:34:33.785374Z","last_seen":"2025-10-09T20:11:58.603455Z","times_seen":5784,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/favicon.ico","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ftp-east.nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:01.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ftp-east.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/UbDcMUlbA/\r\nCookie: PHPSESSID=e62jq97dv5id3o0ggt6poie5nc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\ndate: Mon, 06 Oct 2025 19:34:01 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sPAzcR2mIMGYcb099T2mgRRJkwynzrKktQ5hIggEnfaVG%2FcjV%2F8KOIHtMnkLXkJ9rgo0iD8cE45gjNRmEuZ9sb5kxCGsstSWNIEk7Tw%2Bklgq0Ia6RfA%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 98a798013c3fb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-06T07:48:19.994588Z","times_seen":20561,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T19:34:01.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 86\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a798016cc0b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced","md5":"70c202196187ab3c11b4e094c20c6de1","sha1":"9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863","sha256":"6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643","sha512":"7e6168e40cce79239fc00a05381e1e95ca3534905d3fc1467973927f317b7f12b6f3e76960d5202c40046618b51e0895082e22338b1b9971038fa0ba158117e4","ssdeep":"","tlshash":"4ea022f3b2203c3eeb2a2333022e8030f83020b803828e0c000eec332a20208c0ca2c2","first_seen":"2025-05-13T14:11:45.873663Z","last_seen":"2026-04-03T11:40:49.866694Z","times_seen":265776,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1947667151:1759777902:g2wYExdT4FN7znSVPVmmKbmNTQa7Iilt32VlwAaCz8M/98a798013c93b512/i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.95.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T19:34:04.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1947667151:1759777902:g2wYExdT4FN7znSVPVmmKbmNTQa7Iilt32VlwAaCz8M/98a798013c93b512/i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/wuyag/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\ncf-chl: i1IJN9QT1ZF9mRK96F4n5LLMyyyVd9rDnZrcSlXyFEQ-1759779241-1.2.1.1-lmnPO3I09bxnfm76rh1..m7B4i2s6kK04t2yJBEw0O9Tg3MaMqSMcTU6K1LZTm8d\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 43948\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncf-chl-out: gvmxrZhILnMfVPOyZneDiuBKAGajT2hxDdmGAW+iyBjgUAP0CliUyyU3iReO4pNhGWBPL3CnJm6zXNocgodqMYXhn6nAW7z2MPP9dR4kVic=$DFe3kMHTXbt8lLi/vY/Mtw==\r\ncf-chl-out-s: B92Xd513DODr/xwURB4e2QxPl2ESyvaaQD/3rMTjdSfKYiw8/eqVSXoS8iVaZlHR/ffmlI0ISbRIJb4oHEaVSq2HP0mWlkXTY/eWPegvhbjx8A1MTFEqmmRoWBDYA/heUvUacBBAeaeHOr3+a3xkUA95romv3O2h5rXf7UMEa49IP2R2U5CRh1vGdswdfhdsFZVrDrdapla2xi5pI1/uyi8lQnz29ZfNdWK/NZSLanjRYVcDcE+biCLILYrBvD+JngXrquHu0jvwtTMLzTg7OiRAqKqOinR4OyOL+TXqrSre/sPbujYmLehR4Js7xkclVkD3II5gzqkNjCeRrVpu/j5PlmEVwPoDtV9jWmHkBJyhjeFhG4P9hwN8idTOp2cG3Y3I1aWDLXrTnmp5raqiTbzGkXHuJ1Wd+DJXegxX6Al6h1Ge1ziWtHYQXm98k1L/Zs2I26yGXBg66upU2F1TIQ/buhmRrucwKsrSzI2JQpfWrocZ1AW0GbGcGZ/iK/eXsyKH1TyIjaLndFDom6mIYpDbAzB0NqrjfNtQEBf6q4Av94K4t5UkMRtReCyX7AZa8tdMFTWotM3V9Omz2QirlvXMjbgxYT2nuWE9Tu4IJdOU5yp3jUFoFQ4gMK8eM67lSXlpJjVK6eOMbK9BnbEq+QWVKNvhocpkpVoQaVgTN0iILHMlrRvvHwpDgFqQjkohoU8gBC/eBOVAZDj18LUYhKl6BC0Q9z50/k64mx0F66sBU9PsqeMRntYNasBKOz2d9ypsfkpGmvHvZvBYPbqceH9YVhFdJbiP6kFlnvt7DamuU2BAEiB9/t//xCYeKhMM8jQBpYAb/1lbUkzgKGn/yyk0gm669iXS/4qDFF/GXnjaUZ7RnMmsXsDpW12Ucg9Ojt3z9grd6s7AT9l3YUNDAyG1dZ5TQxNRQ6x6f0V+b1gwxAIpRpAj3Xii63Uw7BhxVwoQi95FXdbcN71rbTZDlLTtouSfSDzG9kPLvH/t5m7tqyWTRCXzAhhcLUgHX2OZdld3FaewDJCj32U9kIweAMCQ0yzvCv21yudlUYOtmbVbeta3zRaq8BvZXztuVwHZiAhT28nThDYUvzTzttV/ajNvljROiQCfH4AT5ZCYmwRh0eOLXgPJHCDOGFkbniSADbKmMye9gxl97C2CrfX33uNAE7ENA6ssgX/yDl0cCEaDi/C2eiFPVjU3+vyyqafpXsU0Tg45grg3bEp8xxlFcAT+KYpSkzWUFxh53OEnyrhNtEME9AqPu9RgvA5aMj/EAghyEFdbFz0dfArLyja0c85JWs2Q2UdcyCNtU0G/GMJWHgr32A6HaIw/3c6hW7qb$Ldy16395ToiBEm/xYCGpPA==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a798193d4cb512-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4872,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (4872), with no line terminators","md5":"3a71f2157d1d74074bd054cee7e6d448","sha1":"f09f3e2c41a3d4ab48ae28e383b76515fe552055","sha256":"e5ae2fc82c0def830b94dcc3937ceacd40ec393341cdb42b41c406f2905cdb9c","sha512":"474f3dc1c9455ff474a536067dbfd5b9a5b5774a9c5ea91ed095fee647b8b21eabed0eb1e45a8fcb3fdf6b6197840345dd58a29d6b34b4b922745ec77f84261a","ssdeep":"96:iDvJ5Jq0p6pI1gdi69gW0b/9FLLgipP7m1yX76xXudAQux/qO1mS/Iwpnt0Z:iV5JP0pFR9gl8ipPK1m+YdAn71mYnGZ","tlshash":"fda1aefd64bcd00a41da81328811580cf5f6ab31dae8d3e654f5af87ea5e9b044f4c0e","first_seen":"2025-10-06T19:34:30.083694Z","last_seen":"2025-10-06T19:34:30.083694Z","times_seen":1,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/favicon.ico","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:05.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ftp-east.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/\r\nCookie: PHPSESSID=e62jq97dv5id3o0ggt6poie5nc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\ndate: Mon, 06 Oct 2025 19:34:05 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=meKGPZYNFqYXO8X0U9h9l4NPyb6nNiM7goUOg%2BAOYEs3dMDzlHa6EdowSfZr0PBcOHgo%2B83KHeD%2ByKYk7Kho%2FpctmOhdGTPlaJAa8YI6XrEATIe2N%2BE%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 98a7981bc9c3b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-06T07:48:19.994588Z","times_seen":20561,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:07.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/jquery@3.7.1/dist/jquery.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 3.7.1\r\nx-jsd-version-type: version\r\netag: W/\"155ed-7khZLR//lS/PBs4LZm7UeFSTr9w\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Mon, 06 Oct 2025 19:34:07 GMT\r\nage: 1102424\r\nx-served-by: cache-fra-etou8220132-FRA, cache-osl6545-OSL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 31402\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-06T08:13:05.909137Z","times_seen":136878,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":14,"dns":4,"connect":3,"send":0,"wait":4,"receive":1,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurevoe.life/6850496549.php","fqdn":"aurevoe.life","domain":"aurevoe.life","tld":"life"},"ip":{"addr":"104.21.4.151","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:07.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurevoe.life","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Sep 2025 20:35:56 GMT","end":"Fri, 05 Dec 2025 21:34:14 GMT"},"fingerprint":{"sha1":"04:1F:45:84:92:EC:CB:A7:83:39:22:94:68:AE:78:CD:24:23:74:F4","sha256":"6C:37:F7:52:85:C4:94:CD:F6:83:0E:E4:E4:1B:1D:03:8B:E1:6B:40:F8:01:FE:DE:1E:D1:36:73:B8:DE:76:AC"}}},"request":{"raw":"POST /6850496549.php HTTP/1.1\r\nHost: aurevoe.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 117\r\nOrigin: https://ftp-east.nexoizaki.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/7.4.33\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gx0%2B3ZTLY8CaYAMQiEc8fZmD9Ly9tdp00QwaPZ9uV0fv54x3OpCly4OP3Tp86XPvPeRdLdFUy8TImUNZr%2FfJG9%2F8UnIpg3nq9So%3D\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 98a79829ee8056a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":39,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"fe67d69457fbd5df8ba8b3d68642885f","sha1":"8004abca3c296f05b94d7fb7febbaa92b802c053","sha256":"aa979fc95d56082b4df7cb9bb513a4a17000126594330aabdc1ad733f6d61cdb","sha512":"47664fb0d84744d9a964d134ea2fcc2ab00ddf51bbdcca55219b2eb5916172b8c36fcf54d0895f45b66a7611e546043ab2ca51b7a4fe2499e802abc2bcd3b4c8","ssdeep":"","tlshash":"78900441c4044c010717444131051d517d451d1455514f0107515445744571047c1717","first_seen":"2025-10-06T19:34:30.094474Z","last_seen":"2025-10-06T19:34:30.094474Z","times_seen":1,"resource_available":false,"data":null}},"time_used":784,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":784,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"aurevoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycutebabyshopbd.com/hdghnc/e4214cf7d36a96c8d139cdd1e376f10e/ZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"mycutebabyshopbd.com","domain":"mycutebabyshopbd.com","tld":"com"},"ip":{"addr":"103.213.38.36","port":443,"asn":150142,"as":"Wolast Technologies","country":"Bangladesh","country_code":"BD"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T19:34:00.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycutebabyshopbd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 23:21:10 GMT","end":"Mon, 22 Dec 2025 23:21:09 GMT"},"fingerprint":{"sha1":"B9:90:1A:CC:06:23:D9:8D:37:EF:5B:0B:C9:C9:D9:92:C7:95:C3:C8","sha256":"BE:62:24:73:46:F0:F5:51:E0:FD:58:9B:68:84:E3:76:3F:C8:EC:13:E5:11:E5:0A:E2:B0:A2:23:DB:3A:B7:F1"}}},"request":{"raw":"GET /hdghnc/e4214cf7d36a96c8d139cdd1e376f10e/ZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA== HTTP/1.1\r\nHost: mycutebabyshopbd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 06 Oct 2025 18:44:10 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nx-powered-by: PHP/8.1.28\r\nrefresh: 0; url=https://nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==\r\nalt-svc: h3=\":444\"; ma=2592000, h3-29=\":444\"; ma=2592000, h3-Q050=\":444\"; ma=2592000, h3-Q046=\":444\"; ma=2592000, h3-Q043=\":444\"; ma=2592000, quic=\":444\"; ma=2592000; v=\"43,46\"\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.1.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":1217,"timings":{"blocked":461,"dns":0,"connect":228,"send":0,"wait":295,"receive":0,"ssl":232},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurevoe.life//","fqdn":"aurevoe.life","domain":"aurevoe.life","tld":"life"},"ip":{"addr":"104.21.4.151","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:05.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurevoe.life","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Sep 2025 20:35:56 GMT","end":"Fri, 05 Dec 2025 21:34:14 GMT"},"fingerprint":{"sha1":"04:1F:45:84:92:EC:CB:A7:83:39:22:94:68:AE:78:CD:24:23:74:F4","sha256":"6C:37:F7:52:85:C4:94:CD:F6:83:0E:E4:E4:1B:1D:03:8B:E1:6B:40:F8:01:FE:DE:1E:D1:36:73:B8:DE:76:AC"}}},"request":{"raw":"GET // HTTP/1.1\r\nHost: aurevoe.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ftp-east.nexoizaki.vip/\r\nOrigin: https://ftp-east.nexoizaki.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:07 GMT\r\ncontent-type: application/json\r\ncontent-length: 68214\r\nx-powered-by: PHP/7.4.33\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m8QKd2umiaY6DmqQHe8jiGrE7gdz7BO4tUz5zV0CwVMcyNbQqFuMoL1prgkBRUyNOPgsKmvbjPXhbyT6xDUtmCxezwIvM4PYd%2Fs%3D\"}]}\r\ncf-ray: 98a7981b5d3a56a9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":212096,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a6e0d7f95be96ce1a7426635f5aef886","sha1":"54dfb99505d6b833cf208363d7f8531cc57221a0","sha256":"d10b894a6e18c333c01f91950675f0e48d19ded860e0e79fe3b483fe9dc3562d","sha512":"4dbfd28153e598c54f7385b7306ad4b48aee6e747223522a205964ae8e8dc0b749db1c439ebe6a5a8646909e5c22b307a8c76ac60354dce5963600773bd8c0b8","ssdeep":"6144:yfnFyo9qwWpX3qEGyXiiZGAhLTJW9kCNvYyY0kd:unijDSvYyYVd","tlshash":"bd245d54d685e7fbc3694d6908f50d1c7a00db23a05c3e9b740793eb887aaaa857f4f0","first_seen":"2025-10-06T19:34:30.097079Z","last_seen":"2025-10-06T19:34:30.097079Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2315,"timings":{"blocked":34,"dns":0,"connect":2,"send":0,"wait":2171,"receive":76,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"aurevoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/,","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","date":"2025-10-06T19:34:07.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/, HTTP/1.1\r\nHost: ftp-east.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/\r\nCookie: PHPSESSID=e62jq97dv5id3o0ggt6poie5nc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T19:34:00.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /UbDcMUlbA/ HTTP/1.1\r\nHost: nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 19:34:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/7.4.33\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mFIS84F0Wh9XDJsTEFAttreDvVxpIldQdbay7CE8%2FDLG6W0FAvQeONVFeyrTjg3o5A%2BCaPuus2akUv%2BDTcvlBm9Bi9pL2t1lhlIJ\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 98a797ff6c3a5696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"3892a70de6cc198e00ccea2da6c70d9b","sha1":"0142137d08d89522f3176c50c1f920aee9182950","sha256":"e930fcfdf17ee6bbd4bc47b8a1bc20f9dd94261a6044ab7d970b9accf10e3337","sha512":"c2e3f59b5b8d103d36c4bcdb451f4715cedeb1629770fab8f01cd6a0677d5b65d08a0bce75b908d023ccedfd620b64ed80d064e10ebe1c45fac7daf20cd77a32","ssdeep":"","tlshash":"85b092db8a48c69022e260438723b9ae682211cd5989a08250401942a2183aea91fc89","first_seen":"2025-10-06T19:34:30.099192Z","last_seen":"2025-10-06T19:34:30.099192Z","times_seen":1,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":40,"dns":1,"connect":2,"send":0,"wait":41,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"ftp-east.nexoizaki.vip/UbDcMUlbA/#XZGFuYS5tY2NsYXlAc2x1cnBtYWlsLm5ldA==","fqdn":"ftp-east.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"104.21.93.107","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T19:34:05.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"POST /UbDcMUlbA/ HTTP/1.1\r\nHost: ftp-east.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1008\r\nOrigin: https://ftp-east.nexoizaki.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ftp-east.nexoizaki.vip/UbDcMUlbA/\r\nCookie: PHPSESSID=e62jq97dv5id3o0ggt6poie5nc\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nlocation: /cd34312b2a51b00aec-84c8a51e9d7a1-1c1f43bf59a1e628-6442c431df3ffbbf83-93c78ea5650a-4a76c3c37ff818-f3e602bd73672/\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OmXrfmbNFg3OvV3BVh%2FXGMko4UpwhCu7dDTy9M1s%2FkqWCRUDTdJopSSUosFUUM6YlC8TNAb3%2FFw9UoTRN7%2BzeoM5D4xUeAPDyawffuulwOEFuV%2Bn%2BMo%3D\"}]}\r\ndate: Mon, 06 Oct 2025 19:34:05 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98a798199930b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1355,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T08:11:44.873372Z","times_seen":13414019,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"ftp-east.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}}]}