{"report_id":"974048d9-713a-4c79-97e1-6ac85020cf6a","version":6,"status":"done","tags":[],"date":"2025-10-10T17:20:05Z","url":{"schema":"http","addr":"asgar78.art/","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.181.227","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"asgar78.art/","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"title":"asgar78.art/"},"submit":{"url":{"schema":"http","addr":"asgar78.art/","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.181.227","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-14T17:20:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"asgar78.art","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"asgar78.art","ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-25","domain_rank":0,"first_seen":"2025-10-10T17:20:05.341967Z","last_seen":"2025-10-10T17:20:05.341967Z","alert_count":5,"request_count":5,"received_data":139307,"sent_data":2425,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-10-05T22:13:51.058913Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":500,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"asgar78.art/","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3f11e009d5dac0327d85c96eb370c414","sha1":"1a37971bc18ae5867f2123bfb10e6ba48e105dce","sha256":"269ae7b761046cb2eff5ac80c2e91a6cca18b0437ff323822bd54c07e7dbdb33","sha512":"af00fc7a813f8df8cb60853e7fe0a43e993405e17fc47b285e13da48d65d472647a57de137db6c020b581395e20ce5e7f92ed4298f552e0a4e4be6bfc76ea3db","ssdeep":"","tlshash":"fed0220113e58838026360fadfae6295292280473202de4b3d3c09c80fc29a482a05c0","size":218,"data":"","first_seen":"2025-09-28T06:52:00.185791Z","last_seen":"2025-10-24T11:55:57.230501Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asgar78.art/","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4d3c8c126fcbb6a51e7ab699fec929dd","sha1":"2fcee68ef70a56a375001fb04055531bed5c7b26","sha256":"f888324a5cff424cde057818e1b7fbe9416af76a3dbc47c17f5433e16f936fa3","sha512":"53a60738d509a0585747be210a9286e36a3a2047cb3cf973b4ba6705ce353f6b4506ccddc202dcf9ea824df86b1088fef1a88b073ff9bca17eeecd3a20f74253","ssdeep":"","tlshash":"691104b53a2a1534d6c5418b31bee7a93e3250717e02d044c26ccc245d18ec314efcbe","size":921,"data":"","first_seen":"2025-10-10T17:20:10.094131Z","last_seen":"2025-10-10T17:20:10.094131Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"28170ab63032556ab6e24f0a9edc9c0a","sha1":"0ec7906dfe5f8ff9acb4a08352c95bfe4a5be2b6","sha256":"b5980e0eca923d23876a4f03ac7d3852a2aa3f7fa887fb3af51239778f186531","sha512":"84eec165ad11f61866eccd699be928760872c855fc3019d84c207714f03d574f78c9caf3bb79ffa9cb27ec09c08e7ae3601bda5c846241ab48e5f5d3c98fa72e","ssdeep":"","tlshash":"36d097e618b6883073c9024f71f3d396226220e07a21da0080c9cc1b1f20ed308b295c","size":236,"data":"","first_seen":"2025-10-10T17:20:10.109194Z","last_seen":"2025-10-10T17:20:10.109194Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-05-08T15:46:31.910972Z","times_seen":335089,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"asgar78.art/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f565fda4801a758d38db225a323a51f","sha1":"1318a2c0478a3b6273f919fc2107f43a015c9f09","sha256":"a4a1f63e80537313fea6ddf9b2dda4d150c32ba256b3f5508134265f01982582","sha512":"2931b20925d8b6fffed540a1607f24858ea6bc43cd6035cf67e455706fca03e21fbc9857cc6bcdd09ff37bd6ccc8e1376fcb5f273812a34dc8b1578a4e4599a3","ssdeep":"192:o+XAsTRwVldHXgtLAZWORc+RBNcAfo5GYheAcSTOVRlLr:auLAcOR5Moo5GYhDcSTqv","tlshash":"f622c98fbb0db46c03b51eb520a725cb9959cea9303e5c4e8530a5fc7d11e8a7449e8d","size":10080,"data":"","first_seen":"2025-10-10T13:44:51.002114Z","last_seen":"2025-10-22T11:06:43.636016Z","times_seen":734,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"asgar78.art/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asgar78.art/","date":"2025-10-10T17:19:43.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asgar78.art","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 10:38:36 GMT","end":"Wed, 24 Dec 2025 11:38:26 GMT"},"fingerprint":{"sha1":"43:80:FB:34:6B:8E:68:58:C9:BD:CD:F0:4A:25:14:C7:10:A5:B4:90","sha256":"85:04:CE:56:F7:81:DF:D5:73:C8:BB:9F:BD:01:3E:1C:E2:10:CA:2C:EC:62:7E:A0:64:70:7A:CD:A3:05:48:E3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: asgar78.art\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 10 Oct 2025 17:19:43 GMT\r\ncontent-length: 0\r\ncf-ray: 98c7c8c98b5dc759-OSL\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e9c9e9d67513/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10080,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"asgar78.art","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asgar78.art/cdn-cgi/rum?","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://asgar78.art/","date":"2025-10-10T17:19:43.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asgar78.art","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 10:38:36 GMT","end":"Wed, 24 Dec 2025 11:38:26 GMT"},"fingerprint":{"sha1":"43:80:FB:34:6B:8E:68:58:C9:BD:CD:F0:4A:25:14:C7:10:A5:B4:90","sha256":"85:04:CE:56:F7:81:DF:D5:73:C8:BB:9F:BD:01:3E:1C:E2:10:CA:2C:EC:62:7E:A0:64:70:7A:CD:A3:05:48:E3"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: asgar78.art\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1153\r\nOrigin: https://asgar78.art\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asgar78.art/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Fri, 10 Oct 2025 17:19:43 GMT\r\naccess-control-allow-origin: https://asgar78.art\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-ray: 98c7c8c9abbec759-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"asgar78.art","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asgar78.art/cdn-cgi/challenge-platform/h/g/scripts/jsd/e9c9e9d67513/main.js?","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asgar78.art/","date":"2025-10-10T17:19:43.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asgar78.art","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 10:38:36 GMT","end":"Wed, 24 Dec 2025 11:38:26 GMT"},"fingerprint":{"sha1":"43:80:FB:34:6B:8E:68:58:C9:BD:CD:F0:4A:25:14:C7:10:A5:B4:90","sha256":"85:04:CE:56:F7:81:DF:D5:73:C8:BB:9F:BD:01:3E:1C:E2:10:CA:2C:EC:62:7E:A0:64:70:7A:CD:A3:05:48:E3"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/e9c9e9d67513/main.js? HTTP/1.1\r\nHost: asgar78.art\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 17:19:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98c7c8c9bbeec759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10080,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10080), with no line terminators","md5":"3f565fda4801a758d38db225a323a51f","sha1":"1318a2c0478a3b6273f919fc2107f43a015c9f09","sha256":"a4a1f63e80537313fea6ddf9b2dda4d150c32ba256b3f5508134265f01982582","sha512":"2931b20925d8b6fffed540a1607f24858ea6bc43cd6035cf67e455706fca03e21fbc9857cc6bcdd09ff37bd6ccc8e1376fcb5f273812a34dc8b1578a4e4599a3","ssdeep":"192:o+XAsTRwVldHXgtLAZWORc+RBNcAfo5GYheAcSTOVRlLr:auLAcOR5Moo5GYhDcSTqv","tlshash":"f622c98fbb0db46c03b51eb520a725cb9959cea9303e5c4e8530a5fc7d11e8a7449e8d","first_seen":"2025-10-10T13:44:51.002114Z","last_seen":"2025-10-22T11:06:43.636016Z","times_seen":734,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"asgar78.art","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asgar78.art/cdn-cgi/challenge-platform/h/g/jsd/r/0.31093954321451195:1760099306:PYl1JJi_a61rqQmhSomRc7mzq5WI4fFR_laoGfpN5iA/98c7c8c60b4fc759","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://asgar78.art/","date":"2025-10-10T17:19:43.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asgar78.art","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 10:38:36 GMT","end":"Wed, 24 Dec 2025 11:38:26 GMT"},"fingerprint":{"sha1":"43:80:FB:34:6B:8E:68:58:C9:BD:CD:F0:4A:25:14:C7:10:A5:B4:90","sha256":"85:04:CE:56:F7:81:DF:D5:73:C8:BB:9F:BD:01:3E:1C:E2:10:CA:2C:EC:62:7E:A0:64:70:7A:CD:A3:05:48:E3"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/r/0.31093954321451195:1760099306:PYl1JJi_a61rqQmhSomRc7mzq5WI4fFR_laoGfpN5iA/98c7c8c60b4fc759 HTTP/1.1\r\nHost: asgar78.art\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12068\r\nOrigin: https://asgar78.art\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asgar78.art/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 17:19:43 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 0\r\ncf-ray: 98c7c8caee71c759-OSL\r\nset-cookie: cf_clearance=BNtgAQHlnpR30AzJ0mqfs9mXuZav.BV6CDUs8O4Aa.w-1760116783-1.2.1.1-hgPw8jdwjuW98sFGg2gC7.ZojRyFLn3SD4_PKeqTHp4vmYzomoWvUSeaU2xs6JZGtl7gFi.UaAGpsmoKTwlJrp5weTDrV85YtFqApLGnNQHD63gmfuol4Q9VC97ZNEftWHn8EVBa9.fkMGgtNRZqWB3Pe2TsJxHSN9ex48lqx1d3pe2v.meOg8Kyt024zgMpQwEd_ElhVvKN8NGE1nMXAp68evPsvAO2siKnY2U4n.8; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=asgar78.art; Expires=Sat, 10 Oct 2026 17:19:43 GMT\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"asgar78.art","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"asgar78.art/","fqdn":"asgar78.art","domain":"asgar78.art","tld":"art"},"ip":{"addr":"104.16.180.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T17:19:42.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"asgar78.art","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 10:38:36 GMT","end":"Wed, 24 Dec 2025 11:38:26 GMT"},"fingerprint":{"sha1":"43:80:FB:34:6B:8E:68:58:C9:BD:CD:F0:4A:25:14:C7:10:A5:B4:90","sha256":"85:04:CE:56:F7:81:DF:D5:73:C8:BB:9F:BD:01:3E:1C:E2:10:CA:2C:EC:62:7E:A0:64:70:7A:CD:A3:05:48:E3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: asgar78.art\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 17:19:43 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\ncache-control: public, max-age=0, no-cache, no-store, must-revalidate\r\nlast-modified: Fri, 01 Aug 2025 10:02:47 GMT\r\npragma: no-cache\r\nexpires: 0\r\nx-served-by: asgar78.art\r\ncf-cache-status: DYNAMIC\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfOrigin;dur=12,cfEdge;dur=233\r\nserver: cloudflare\r\ncf-ray: 98c7c8c60b4fc759-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":116935,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (59314)","md5":"21cfda92785aec747c2dca5157777383","sha1":"29f4c00b935213fb7917042c01cd1ac0ad34fbd0","sha256":"ab233347e7ef4cc5c2c1a0b5c5431111116ae0c72233e6fd5edd584539b5f2e8","sha512":"800e819185eac1d16deab6eb0f8d3bada742bb5eb31cfca3e7bd9f9c263963ce97cad2daaf653c2e732813513a385661fd7b7590b2d8d35e9833182fb19b9a4d","ssdeep":"3072:V7mIHDvDciJFAT4MpHK+H6/mNlqn3BC1za:tm+c+7eRHYx3Bea","tlshash":"d2b3017b09a3af192933a4286b3b25022e308903c75fd885fefc594acf46d81e5f6755","first_seen":"2025-10-10T17:20:10.059574Z","last_seen":"2025-10-10T17:20:10.059574Z","times_seen":1,"resource_available":false,"data":null}},"time_used":815,"timings":{"blocked":285,"dns":76,"connect":1,"send":0,"wait":246,"receive":0,"ssl":205},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"asgar78.art","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://asgar78.art/","date":"2025-10-10T17:19:43.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 02:39:12 GMT","end":"Sat, 22 Nov 2025 03:39:06 GMT"},"fingerprint":{"sha1":"B4:6C:D2:16:CA:52:EE:BD:22:D7:B4:2C:64:FF:A5:EF:67:D8:E1:F8","sha256":"FF:3A:23:84:D6:B2:73:DF:50:6E:1A:45:A4:AB:03:37:0B:C4:4A:8E:82:12:99:10:80:A2:F7:FC:71:E3:BA:1D"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://asgar78.art\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://asgar78.art/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 17:19:43 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98c7c8c92c09568b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-05-08T15:46:31.910972Z","times_seen":335089,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":48,"dns":1,"connect":1,"send":0,"wait":15,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}