{"report_id":"a7f751b7-ad44-4a67-8451-d341f0578a30","version":6,"status":"done","tags":[],"date":"2025-12-23T06:17:01Z","url":{"schema":"http","addr":"xaztl.com","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xaztl.com/","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"title":"高清视频在线观看免费大全，海量热门资源每日更新-国产影视精品推荐频道","dom":{"size":109418,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (63522)","md5":"34fd81e949efc379b3040c8e0fc47202","sha1":"b3f5d1b10e03af8399e3206c97715443b65f91c2","sha256":"0d0780c10e137042661aff782597b52d002aea05890ef834b8f9a49ecb8f28a2","sha512":"ab98b337f868b33e15cc3245f7f02ae6785d0f08c4cbe3dd0f0415e3b5376624048b5fe72060c743fb0081d4048ff1a3565d8c8a1a1eeadd6e64fe2a351b62fc","ssdeep":"768:p1eJL6J79ONAU2TP2CL1HVjdh2QM5QYXv3z6KttljTME+r8dYVvr:vpn5r","tlshash":"65b3423443150d2da11742a4f2a0773da0eee2c9ea0b951db1bc41b267c7c9dadbf2d8","dom_hash":"domhasha083a21168ec9425c5e31db363dfecbc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"xaztl.com","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-27T06:17:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-23T06:16:38Z","timestamp":1766470598,"ip_dst":{"addr":"104.18.38.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.17","port":42506,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)","source":"{\"timestamp\":\"2025-12-23T06:16:38.713222+0000\",\"flow_id\":318393236769268,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":42506,\"dest_ip\":\"104.18.38.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050130,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"ecmnulquvpwnhuahbege.supabase.co\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":934,\"bytes_toclient\":3521,\"start\":\"2025-12-23T06:16:38.707060+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"ecmnulquvpwnhuahbege.supabase.co","ip":{"addr":"104.18.38.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-01-11","domain_rank":0,"first_seen":"2025-11-23T16:09:39.258969Z","last_seen":"2025-12-20T17:11:32.76945Z","alert_count":0,"request_count":1,"received_data":1079,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"xaztl.com","ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":57,"request_count":57,"received_data":1764538,"sent_data":24131,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2025-12-22T01:25:11.24726Z","alert_count":0,"request_count":2,"received_data":30877,"sent_data":1357,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"xaztl.com/","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-03T20:31:04.691626Z","times_seen":102044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-03T20:31:04.691626Z","times_seen":102044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?be7f1bed0ea34802e76071d00ab820d3","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"617d7302321098e74378c7e76acb6fbe","sha1":"685bb0fce25fbeff8173a8f6b4efc6ac6fd89c40","sha256":"ec8747c8b558b11dc2f275c123aa6682b67e83d35eabe48b754e501adc2e375e","sha512":"37077c2dac46684cf9da4d7155d8950b8e9caae9335a309c764a54582e1633dab0ff6703e412d64d8384aea6152db4049fde866a21ef739b707cec2ecc7d5e2d","ssdeep":"384:XFHJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:XFH4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"3ad2d9a9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29895,"data":"","first_seen":"2025-12-23T06:17:11.791888Z","last_seen":"2025-12-23T06:17:11.791888Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"df25daf8039a90dec4409f23193bde1e","sha1":"cb9665d3953bbc743785a4808a88b8dbb12eeb13","sha256":"22776864ede94581c498fbbd3feaa367587de0c27113378f29536cce89d3f226","sha512":"37ad7c1275bb7675254b216c574b63209667713eb7b9a0360f1b426d58583b6c97a7be2a5ddb5c191e057f9136ff462317588d5798c63bd16b5b804361f15ecb","ssdeep":"","tlshash":"94f02bdea349cca538db7f7db612361861dd0d39ac9d849c8da4540515e593701f11cf","size":560,"data":"","first_seen":"2025-12-23T06:17:11.796234Z","last_seen":"2025-12-23T06:17:11.796234Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4fdcc5fb462eef4d912d2ca1367b906","sha1":"838ae9324c28a78ec3b992161200213656a2c9d7","sha256":"fe6f98f480ccb24d7f182a6d19af475817336f83591dfb28bd79a0b4289e77da","sha512":"ddfdfe42a2d2377efc39cd790a704288b7a036bd857ee3303b466774b692fa69ad946637ba5ed25e53fcedcd8cf43fc7e2828ad54415e8775240e0b3e29cb13a","ssdeep":"","tlshash":"dbd0971f6c181c3823a6043c11bbea4cf0b2508c707de001c0ccec008974eda083e7c8","size":254,"data":"","first_seen":"2025-12-23T06:17:11.796948Z","last_seen":"2026-03-08T23:29:22.458831Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"93695a00f651f5e42c7943c33aa72b93","sha1":"75d2a241e8460c8bdc497471e7743b13755c4ecb","sha256":"e379212d226257a9aabb3316a3862442becb6bee2cdcd1cc750be683b121eb8a","sha512":"0044fa6dc299c53e71482f2a4c3d8ee95f1fa5590a9da76dcf6a1f88abc4a01f2c5eafb488546fa622e854ce79f9c81f891d0eaa0fb52734019b92512ab81afa","ssdeep":"","tlshash":"78d0970f3c401c782fa910ba103ef6ccf062110ca092c91284cde486ae30eee08296cc","size":241,"data":"","first_seen":"2025-11-28T19:43:38.662665Z","last_seen":"2026-03-23T15:35:45.093176Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ecmnulquvpwnhuahbege.supabase.co/functions/v1/serve-ad?id=113fb970-23a3-49f2-bdd6-169e3b5a90d3","fqdn":"ecmnulquvpwnhuahbege.supabase.co","domain":"ecmnulquvpwnhuahbege.supabase.co","tld":"supabase.co"},"ip":{"addr":"104.18.38.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"550c512dac7b084bd6b8b0dd2f7e181a","sha1":"59b6f57aedec8a890c70b4446766614db7b6ac02","sha256":"a978151a1e004a0ef8e5d9a0bd67e38663594c444be7cb3bc44da12de175ee4b","sha512":"112643936c4c5627f5328084ad0f50ee8d02b318e809d296113df7cbb1d867d7ba4824ee327fd918792794c1f56b9751b4f80b9d1f5d80ea25052b1ee9136a1c","ssdeep":"","tlshash":"a970000300003030c00f00c00c0033c3c033000c300000c000ff00c0cc00033c0300c3","size":21,"data":"","first_seen":"2025-11-23T16:09:51.634119Z","last_seen":"2026-01-27T03:44:38.665203Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/assets/index-Biu8F5Xw.js","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f371f306a10f1ed676c034305bfe8cf","sha1":"6dfda1838873723987fcc78a71b8a1492e49d885","sha256":"9ee8bafc931ac979797e737c09418eb0e50dfb33a2bb20ee8e2fba25159746c3","sha512":"f8a42efa8fc7a89fe3ac4c447f9839edc2279fc6125356ba01d2fa25c022c3952a928f32e7b64347cb3fabeb574bbcb4c6506899a37fe7cbc60c9d1704bbc603","ssdeep":"12288:tvIPoqnx2Osu17G3tTZIbnpP/aQhxgRoYnrgJLc6m8:tv/qnx2hdtlIbpKQhxgRoYnrULc6m8","tlshash":"eaf46cd832aa946a97d145d5507b421273387d0a740cc4acfa3dfcdb2e65906b0bbfb8","size":738930,"data":"","first_seen":"2025-12-23T06:17:11.79911Z","last_seen":"2025-12-23T06:17:11.79911Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"xaztl.com/2.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /2.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"0bb22f89d977c544434578522e06d445-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH48S4DBG9MYD2RWGX70\r\ncontent-length: 19659\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UTm%2FHNPuY4N5xC3Pl%2BZvIINrN%2FHjiSTNKmA56S4%2Bw4%2BIagH7XnMP04b5qyqz1%2Bvcg904aS7AC2FQnvcy5TnaCzYAzcVriN0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb3fbb8a569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19659,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"b047e965088a1da09808c616dd2e501e","sha1":"206a50cb2431fbb4ef2155275c5fccd6c1a9940a","sha256":"aa04cd02434fea105036f220ffe4518a642aa3aedef11239cdc5ffa16301dd9f","sha512":"9bd5f716b6f29e58e4f7e493e461211400101cd7bb7cee3979dd4eea3beae678cdfad87b57bb300f68bb967181c94cd426923314624a3dc00f343750656f3d07","ssdeep":"384:9b3dcP8toh33nc8ejS9oXIsvtkRCk36+7zEBwp8EJjV4bVdJ4x1xycmI:ZyP8oHcHW9etkUk3H7zEBET4jJ4xfyc5","tlshash":"ca92d0410965cd65fda512be5abcca6d87294e5c04cab952673c304b4c20bf90c6d4bf","first_seen":"2025-10-21T09:00:55.127398Z","last_seen":"2026-04-03T13:50:18.747557Z","times_seen":73,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":410,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/3.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /3.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"d6155e55117f4a90204547ab046734fd-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH41PNHGXB1BQEA8EPT2\r\ncontent-length: 24376\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=grhnSv5wso%2Bo6CJVODP3%2BiHzSkE%2FNPoFK3PkSCIKCpi9hgzf%2Btlx0xocGDoqbGpQEVS6zKVm7eUoV02UAxDdfEc7FbWtTrg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb3fbb8b569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24376,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"4c1fd4cc1a7fd1321bd497c3fb2eddb8","sha1":"b43a8d88837a99a9479ae8b5b2240d2152fb5e20","sha256":"b04b9bde2fd532c72b260ad92fd0b78e520def3f0694a2ba402f87655323956f","sha512":"88fc9f91404bbe6844c44872b61873de49f2a189df6e9c9e62726f259fb0ef9072bb887c3bce492c8b6f3e036124d0f0eb4ac64b8d9ef32f59d6bc4cc03ec11e","ssdeep":"384:m1zLDYG2xI00NsJk8IO9oFt9V+fOQMtMTu6gtKznNeUt2Y8Thxm2oLBW9ULt:S8xQNsJkdO9oZVH2u6tYUt2Jy49K","tlshash":"91b2e113584ddc54d8b969ff2fc4798b30816e32436ae2216fccd9898b71c580ed99f9","first_seen":"2025-10-21T09:00:55.134494Z","last_seen":"2026-04-03T13:50:18.716155Z","times_seen":76,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/32.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /32.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/26.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /26.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"850928374dcff80ade30e0ef30719de5-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH1KSNZY8H978VYCBDQJ\r\ncontent-length: 23590\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=euCwAjJXInr3%2BDMQUS7AMW75cOeAlqnu%2BtzNvsuovR3PEccpzpWSjDcgDz%2BRtYF%2BY0LnOaOKxHCCkh50w7aHRS9KdUBm9Gc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb416bab569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23590,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"8923d65b376d4636047697bcf33ce2ff","sha1":"3784af588fc8a8ca004c7f46ca4ff4b1dc5d6b25","sha256":"b562b17cb1a60109ba32a734f9d57c5c64c326121c72bbbb828823ac8192c303","sha512":"aea1aa009c6e431f77e57c539d8fa3f138c735134e81a7d495ff6338c8a7ef0d0d8f1ab3b8f38fc729282452cfd31286bf553442b8a7ee2fc742bf05bf4ed5d3","ssdeep":"384:zyw06VZ8S7477JeJ21TKAh19XpEh4as+GymdOq2bHOorjcL+hdKeqar0PJSjLxCH:z90qDy7Jy21uAhbXlam5kqe/coFqJP3H","tlshash":"01b2e0752fe8b1eac2358531aa52b2328074ce01b69fd6253c74ec51b4f3e1a24b4937","first_seen":"2025-10-26T02:11:47.791176Z","last_seen":"2026-04-03T13:50:18.734045Z","times_seen":33,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/28.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /28.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/15.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /15.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"883bdcd75d69f6b992d1d2aa7149fa38-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4HYW9XCSAJHQBTZWD3\r\ncontent-length: 45155\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FAK6yVlRdesgKyUdNNSHSNS3fasMD2g5grt0dYeG0MOMNhmxQec3W1QgOw9P8BblvUn1y6MvC9w0a2LlxbKABssZkQG61Gs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb417bae569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45155,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"2af49b06a7faf90fc84bc3552de9920c","sha1":"11bc4a2833b747ebc7967786694c88d9b19c60d7","sha256":"906c3b548a6404e89f6f2d2f9185ce2c023ef40f46ae5e8b4f5aca069c0d458c","sha512":"4f764b7a5a315a7aa23259ade576547b9323fcd279b6b7cd13be107c79dd7fce441ede353d86985cc8da80b214a190159e1958303159ec3cec58910e9457de67","ssdeep":"768:QKD943irgzN8ueYsLeNn7kweQO4e9A6e9/9e24RQ6GDMGSuRpf/BgzMTOY2:5D9VrgzOJxeGwZO4YmFeRRQ6GEuvCVD","tlshash":"d113025157ec25ade22cb2f1bd816738e7b4b55cc50232dda1a4649293c4ec3b1f164f","first_seen":"2025-10-26T02:11:47.768603Z","last_seen":"2026-04-03T10:23:16.339059Z","times_seen":59,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/16.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /16.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"ca0b54f703bd5d0f8c6605e0e5eeb60a-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH2JZ3HW2RPP7B3X64WZ\r\ncontent-length: 34226\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sUmrkrzIRZNeFFxL%2FmL4erYR1vAvrcWzO5%2BWwq00Di7rLbHPfqAVm8L2Gw2qYOjPolmAUxZcHMM64reaE%2FRlTLfNokdhIkc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb418bb6569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34226,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"51fb75a25da3d210c98b974c1a982ccd","sha1":"9c8251f381e401eb14af4be1540fde91f51d04ec","sha256":"b49092c61bb2e56b7e886340f21e39f17fb13eea11e77bb06c41a8f88d43a784","sha512":"24a3f1d6e097ad506046642406fd5a06a7803bb17f2ead8b54b0c2ffa8c6b4b09802e15996b7f18440d4eb396c920c0ca8018556ed9e442fe5acf83653a679d9","ssdeep":"768:F66ullW+9R3vCtbZaYOlXuBTw5Q/gZKhVmnGdmdXn5xYgQ7PaJz:F67DvCbZaYm+65KCKhEnGEBAA","tlshash":"b5e2f1789f77c04af3ac96fbb7fc1309a8f6659e481d20cc5aac4912c877642ca06dd4","first_seen":"2025-10-26T02:11:47.787317Z","last_seen":"2026-04-03T10:23:16.371999Z","times_seen":55,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/9.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /9.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"da2f10deee4ec5db7f383fa3a791a763-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMHDFW170K456RQZ2GFMC\r\ncontent-length: 24661\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zrfQmE6xKjOg0uRbzNtHOUnFaaVUWBeqsFnH9YW8Q0NOP95zp9n0oqi%2B3iIqUEBlxdic14E881olTvDWuApMf0%2Fk2hzWoNQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb419bbb569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24661,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"b4d049f4eabda031c38aa7793e823db0","sha1":"07dd01affa0bb1807697851b94aac5d88c7a007b","sha256":"f0cdd086f039475a16b9671f9328dfc05b5a45b32f4e67203ea1158bfd84f902","sha512":"f017c2d817600559addcbd11e40fca273e4e96cd84bb5157b7c696c922dc8d606e7b972b2b128ce2afa84f61ccd75a8384043311de7c876872de25b5bb3a763d","ssdeep":"384:Pkd0ej7U91TOpVNLhCFGRkB1+XpHd+rSkYk5mc658CxdYMIjFT95wng:PkKeVLiYP6hiVyTvkg","tlshash":"10b2d02aa3ab4425cd5dc03169fe3ec14571ec2d82f148f7858087b6974ea8d1a6d3f2","first_seen":"2025-10-26T02:11:47.775103Z","last_seen":"2026-04-03T10:23:16.330282Z","times_seen":64,"resource_available":false,"data":null}},"time_used":365,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/17.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /17.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"26b8753b2d56b528df50b6e84c3b6b65-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMHA56BPRNSBHACS55HBT\r\ncontent-length: 23218\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5aoHJq6YUIESjQgFMTdA8PUH4QEs%2FK7gO5azlG1J3F%2BYbgkFoT%2BMjjqoc36eFdXrJQe8UbWpShSOvHMwkp4udT5Z3%2B%2FxwiM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb41abbe569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23218,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"3ede6763fc0931c0111969eccff1bc70","sha1":"f44227f486a23640fc629c6093b52667b2a92d1b","sha256":"a512b9fd7ba82692398281fe5d92dd58cdf8575436b00fa2e427b36c7308a2ad","sha512":"97eb6316bfbf6ab5ee2cb6602222120bbbb63490cb027d21f49838fa03ea00b31cb2abc474de05a3df1d4e61de0562d4d20abe616f6fa5f9555fe1d6520f61ee","ssdeep":"384:DDNfrMGudjVuz288JxdMlOOM40j/kxeqcZ7qASkwOr:DDx9udjVuedMlzKQxez7JSknr","tlshash":"2fa2d09013771d17e33681742286ca236d12995274caefffed522d228c3ef162bdd688","first_seen":"2025-11-02T13:19:49.31524Z","last_seen":"2026-04-03T13:50:18.748523Z","times_seen":49,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/27.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /27.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"7192ac0080c085f6e1f86cdd85dc3ac5-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH5MPR26JS0P6SM3B3C7\r\ncontent-length: 28164\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WfXGfjj0qnYvo0PY9eMAj9eqTpbTFIHHGQYavviV18UXrhGdFVy%2BBsC0YAgh0bIU3MPa18cfstN3R3X2P%2BidY8%2Be7tvnaCU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb418bb2569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28164,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x744, components 3","md5":"efac1c096921664cf624b0dedf234c17","sha1":"893f420dcb02950eb64ac656a3248ff5f03de5c8","sha256":"4f823e18a213497351c4f733f0273408610e625c5da72096261df1ed44f7e185","sha512":"587ddd87b5236bfe2ce53dd4274be81c346edbe838c0d56a65804aa85d98665b32903e89805a6f80d10b6460259302fe755c89b8e4d64d2e3d73126800c31527","ssdeep":"768:Z+l4ktMlbsRS4STjmySGfKlP4vQIsPsN3qYW2D:Xvlb0yNjKWYQN3qYWe","tlshash":"edc2e0c2b32d8214e39f3618f4960a7c11dc3a0a4e9b59f0c9977416bc982eec5de5ce","first_seen":"2025-11-02T13:19:49.3534Z","last_seen":"2026-03-23T15:35:45.070757Z","times_seen":32,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/23.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /23.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/33.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /33.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"cbbbd3df951a35868d3dc8f96d6f6754-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMHA7FC3BKM5RRHCA32P0\r\ncontent-length: 42198\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k%2FGzro1Gzd2qzzfBiVdqwoqjl7qtlub3q3n56inBKFUT5HTxC0y4PV4LQbwDdgJtXTAvf%2BdqcAZjWLtgIZ2Pz9GJihFae%2FI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb41abc0569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42198,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x739, components 3","md5":"f4b822e282eef666232a7c8da9a4b51c","sha1":"f04c0fb41ee9ccda518b8d9566531c28236c8d34","sha256":"d5cc0e49df144ea3438b01c3ab52b123e1f4440e98723bb35a27c34567556b6d","sha512":"f7c6f095d9a8fdb99a0b871f31db3d5146f9b631dd3c9aee5735db10c33d8373b00270188dd7cd4a7e20a979f62f0eb72b4b58837b7c3085f37c1933fa458a83","ssdeep":"768:rrVy0OdoJLNWAn7N3RIzVQOXsIzA+yoSQuPNawYr:rrVy0OdikI7EU5ZQMTu","tlshash":"f613f16db3841951c2da20f3f5944da0cfb7a59a4dd13e8bc1069fa46881ed4fd8a3c2","first_seen":"2025-11-04T07:48:16.517928Z","last_seen":"2026-03-23T15:35:45.088107Z","times_seen":24,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/10.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /10.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/19.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /19.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/6.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /6.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"a5c2192cbc285ca4f5bcb5e0ceef7e48-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4H2PX2P1TT7N6T5S2V\r\ncontent-length: 35034\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gkcn%2FT4iIqO3QkT4SMDoUk4rMXdjh%2FjGexdH79OVBgWtk0fZNe5weS8XJMFNR%2BzbrIq%2BwwiUv1pwagr69xhCHGYfrErJrlA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb415ba6569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":35034,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"96053ef0124383416b928d037dbd12ec","sha1":"700d679026ce38443a1de6e8984f08a4162489af","sha256":"21fbf4f8b483bf8ff1efbe13e6b9021bdf7d55f25869eb88b13889dde71ec693","sha512":"8cb925bdc82c6bd166146f191c48e91062bbe8df1701ac4f7309328568a1193dbf14b909db4a20ef28a2e559c9dd5d507ed1e5f573142a1fae409b1c5a1803bc","ssdeep":"768:ggNGF1hsX67Vg1kgsF8GseanrFFi12ZwqamEnZIkQz9FDDjZAM:ggwb3ZEkbS3ean5Fi13mEnK7hFXjp","tlshash":"b4f2f136dd8ce8b9f3b636f4c5c6b170aae41107ed46a51ea612c6d1319513e47b07c0","first_seen":"2025-10-21T09:00:55.144058Z","last_seen":"2026-04-03T13:50:18.718644Z","times_seen":70,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/32.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /32.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"64e37fe52df2dce1d8146e4f2f7740fb-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH6RG5FPY1X9YTR44H07\r\ncontent-length: 39824\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SiK3T7Y7mB5m3L1Yg0NQxPmJyJeWQ8v54gn2iNdEWixVrMwLyK5h4vh3K86%2FJQmZVnSJtsP6ZakQUE3wlQjLwSMQEN7wXEc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb419bba569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39824,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x744, components 3","md5":"b7878732aace6b2dee82deb6ff3c1bc7","sha1":"8da0e45533459f015a44c2356ca21eefefd3d742","sha256":"d738a2f97b9db18f7f379ff1952037edbd270a6f6bc19b2a014760223336cd6b","sha512":"f121ad6ced7a703a54159caa1c4b158f755d33f53d8d1338ea1151bc3ae402f024d5ebacecbfbdfa6e2c6b8ba2bcee076c58c3d92ce14108eeedcec971c263f4","ssdeep":"768:gfJt/juMXJIEVQmvXNHGEFQwmPwR39nCOEhyN75B6wfDdjQI:Mhh5r7XNmE7v3VEhy3BjJjj","tlshash":"c803f2160761dbe38006a61f92043fcae44a735172eb1bffc621bca7907778516f809b","first_seen":"2025-10-26T02:11:47.795094Z","last_seen":"2026-03-16T07:04:41.037932Z","times_seen":23,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/13.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /13.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"8ae4b12057097bda40b4cfadb87103ea-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH8M95JCXNR00TRWT6BX\r\ncontent-length: 28577\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1QvgMJ%2FWzDJmEYD7RJRH4DTQhQPkX%2FT2KGu1d38Bm9MgjSjTWBec0UZP2oyiD%2FWQ0tOL47k8RNCbXyN0qDf6EgXKWIEZRlU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb41abbd569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":28577,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"4a4d1abd4e7dd24899fd301172bd5931","sha1":"967be622ec47329cb70a3ccd90604189d51c83b7","sha256":"6c8fbca333c2cadac86dd47fe5c4fbef6373abc52d0a12bf48439944aef21325","sha512":"cc72f018f9ce5fa71160f654718c62b65ebf891eece8269a69020e4c7ec91bee6f9a8d70ea8232e178578b164f84b37a3eb686524ee816e0c6f87e12cbfa47e6","ssdeep":"768:TNrR3F/pSqKXlYi/YFFmh6jjY5yhsZ9XRG9D:9rRSqKVYi/YFFmh6jjYk89Xu","tlshash":"1ad2e1d3bb5e6786b2578d28d16d23833738e4661d4fab3a910935206c4707b1f20fba","first_seen":"2025-11-02T13:19:49.347145Z","last_seen":"2026-04-03T10:23:16.350586Z","times_seen":57,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=98E57CF752003DA6\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1905859327\u0026si=be7f1bed0ea34802e76071d00ab820d3\u0026v=1.3.2\u0026lv=1\u0026sn=40210\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fxaztl.com%2F\u0026tt=%E9%AB%98%E6%B8%85%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%85%8D%E8%B4%B9%E5%A4%A7%E5%85%A8%EF%BC%8C%E6%B5%B7%E9%87%8F%E7%83%AD%E9%97%A8%E8%B5%84%E6%BA%90%E6%AF%8F%E6%97%A5%E6%9B%B4%E6%96%B0-%E5%9B%BD%E4%BA%A7%E5%BD%B1%E8%A7%86%E7%B2%BE%E5%93%81%E6%8E%A8%E8%8D%90%E9%A2%91%E9%81%93","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=98E57CF752003DA6\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1905859327\u0026si=be7f1bed0ea34802e76071d00ab820d3\u0026v=1.3.2\u0026lv=1\u0026sn=40210\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fxaztl.com%2F\u0026tt=%E9%AB%98%E6%B8%85%E8%A7%86%E9%A2%91%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%85%8D%E8%B4%B9%E5%A4%A7%E5%85%A8%EF%BC%8C%E6%B5%B7%E9%87%8F%E7%83%AD%E9%97%A8%E8%B5%84%E6%BA%90%E6%AF%8F%E6%97%A5%E6%9B%B4%E6%96%B0-%E5%9B%BD%E4%BA%A7%E5%BD%B1%E8%A7%86%E7%B2%BE%E5%93%81%E6%8E%A8%E8%8D%90%E9%A2%91%E9%81%93 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Tue, 23 Dec 2025 06:16:40 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=F551524C326914F9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-03T20:31:04.607762Z","times_seen":326388,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/assets/index-Biu8F5Xw.js","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:38.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /assets/index-Biu8F5Xw.js HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"201525ba30a6632beb85f17dcac72e0c-ssl-df\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KD4XMGAW1KSY2248R19MB0QB\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FPl9s0PrYXxqA%2FVkTa%2FacuB4e0SK%2Bos22DIK8AjTDXJmX081YwiPY2jAiINLrXubUwosv2O92ooel0a5vMk76zkwUY6BNms%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b25bb39fb57569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":738930,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (37534)","md5":"5ec74522c085bcf20c95ee81a97b0b7e","sha1":"9676bf10447245db8a948f0c27e9f6b3bbd8d889","sha256":"214cda07f93ef049b7b925b6eba475ec11c692e0e9ec8e98a4dc21d532d40c46","sha512":"0f0c4ae3f00e89fe900b74f6212bcc7b2e900a5aad4b30dd2b92ec6b2b247c3a6bddea3aa29a4d7dd0e27464d3e966a33f0b29b935511e76106a074d8161d388","ssdeep":"12288:tvIPoqnx2Osu17G3tTZIbnpP/aQhxgRoYnrgJLc6mr:tv/qnx2hdtlIbpKQhxgRoYnrULc6mr","tlshash":"82f46cd832aa956697d155d5603b421273387d0a740cc4acfa3dfcdb2e65806b0bbfb8","first_seen":"2025-12-23T06:17:11.768766Z","last_seen":"2025-12-23T06:17:11.768766Z","times_seen":1,"resource_available":false,"data":null}},"time_used":824,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":415,"receive":409,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/27.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /27.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/24.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /24.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/11.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /11.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"3faedac2011492e162f7d34bdfb46e04-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4D3SR5FSDVJKFY5HPB\r\ncontent-length: 24414\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q2ip0DL5G0T472lkZc%2BOAVJjexqFGTloGtNsb2BWqDOyTbNSPx%2Fm5BJCSQAofiairw5atbIVpBV%2BxSJSjwypfz%2FtsjXAV3Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb417bad569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24414,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x734, components 3","md5":"8724a89ba0a2a6ed560144d9f3c90c25","sha1":"d69217397efbe5d1eb9bbd0777c15b84d90d508e","sha256":"d268e795f3c87816013159515d17deab4ca3bea267a538933c9bb16ecad0916c","sha512":"41f8bfd47d96683df343274aa883744ff07fd45e4e2557c50ef44763df3f4365669aeb0dc641d3c5cbfccfd3d2084ebca555e0d9640152e889d96c74c92662b6","ssdeep":"384:7n0OmuJophhvhsPdQPcxDHwunZ3PU8P6Fm2+5pRsWinK2/9GtoL1dHm/+fbG1V7/:7QGophhvhsK2HwaB1y0oPmObSV7Bl","tlshash":"57b2d024d2f74850ef306b66421f07da361d2a5ed26252fa8716987c26ff9c45583c8e","first_seen":"2025-10-21T09:00:55.161718Z","last_seen":"2026-04-03T10:23:16.359596Z","times_seen":62,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/20.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /20.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 57472\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"1bc17100335aff7529d20fda6a2dd4ce-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH5128E6CVNZP75J398P\r\ncontent-length: 30943\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vr2r%2FjWzhfN30EaGzwPFSonOh9gjQomsKkL555IroWE10L%2FdgjNIojCakwrF%2Fa4nAmt97W3FVKwDCo847oHY8f9OdBkqPCY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb418bb7569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":30943,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"04ff2b4e831c7cedfaee94476ad8875b","sha1":"32f0cdec2e322e708a59e8f5fda083599e58093d","sha256":"7100a38f21817a075fa655b3bc657a53d369547d6d03ffdd945c5ebeee14bed3","sha512":"a5f38c2bfca66f77d99f8f077f482f073baf1b0b07934fff448a406a73e4969cbb942cbd14ead26b2f66e6950d8ab8bcdd9031c52212e62f3885172cc725ba00","ssdeep":"768:Mvl1nFj91llOm5bZkFhEFZdkncL+qYnPsUgJdTq:ylxVTllj5bZM+FZqncL+qgE3q","tlshash":"5fd2f24946c6e761f65c0b39d97f60f6a7058f83462af1473288778c0fab6588fe1481","first_seen":"2025-11-02T13:19:49.367455Z","last_seen":"2026-04-03T13:50:18.739504Z","times_seen":45,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/24.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /24.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"9bf2b21eec4945b3cea6b83e168d02c0-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4Y3K42QEYFA7CZB5ZV\r\ncontent-length: 21626\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tYDqchHL5Pv6SiOyg6Q3bMagRyL4YAscbRVTtTg2vVNhhahPPVwOczqheqeIFk5CzSreIJvx%2Bl3tIOCZvezw7uVlYKUuCDc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb418bb8569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21626,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x725, components 3","md5":"437c4f5c8e45fd0b324f3c0d6f1d637e","sha1":"b48ecdab0686dcb4809d7cfff860343e8f457fce","sha256":"55d51a4c47fb9b989bb66b0bd8cbdb3310c031807338e8d00e78f754b1876173","sha512":"0d34a6e0dd59436553918c37b6c408a4a1dbe72d6f6ac4389cd5b96a03638e999aecbc9cb59f069af3f8f0f3cc2ed2fb14ddf5d02ab9c8e3b5e798613ce73bdb","ssdeep":"384:QSK04rKsuCx/QcJKA3qlzsQ7QzzZTo9ok0vclVXJbAtMLiWgbjsHOW:QJ04QCFe/mlzzIN0vclVatSgbjsuW","tlshash":"a0a2e1934bb41abccd4c0371faea4bbb075e762e071607d52a90b555a1e3dc0bb404e9","first_seen":"2025-11-02T13:19:49.360539Z","last_seen":"2026-03-22T01:00:16.528563Z","times_seen":40,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/14.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /14.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"f450402fd24e0f465d8972bb61682514-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4XEP9BW51080E7M3T9\r\ncontent-length: 32512\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=700n8PeSIhky00ciTznDKFpw%2FcWWkm%2BKOloFptRNSquMpz3WHWMAbXdXBozDYN%2FtboO9vnfs8O652Sizujnd7pyB5C0dSCU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb416ba8569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32512,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x731, components 3","md5":"81f03d12aa9b60d6ab51bcf9fc3296d6","sha1":"1cb263cedb44b8f9d83577254bf0175f32f15956","sha256":"a46883d95bc03cf7e661d0099a4c7c91ea30149070624c001b4bb535c62915a3","sha512":"c84b88749913d84f4af70314ca557fb99deab451b13e5bf34cbb3c01af3d36ed8f4cd75815b8daa131e42baf3606d43ccc519017eac139c79258158408f80dd3","ssdeep":"768:D7yzjEHNRi6RmejS30oZpagrE4VxIEahZWyIgmIC:vgEhRO30oZ1rnxXahZW3","tlshash":"3de2010a60721c5003de293ad9dd80a8e70982011d96776eac5b0c5bc7749bfffe954f","first_seen":"2025-10-21T09:00:55.153426Z","last_seen":"2026-04-03T10:23:16.353017Z","times_seen":56,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/16.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /16.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/23.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /23.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"68306a7d7bb91fbfd7946b2b65a9172e-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH21VYHGNV58WXBBZCKG\r\ncontent-length: 22084\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7%2F%2B8WrtgQz%2BX8O2Cibo6jAslthsOMCDB1JVfyUlYv6Dnb%2BENgyS%2FfJryTBgf9RabqvK2oFkzwpM5Ip9kKy70L0ZjOuwAFug%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb417bb0569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22084,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x733, components 3","md5":"971c3a3d92d3d933225b698d52d11d59","sha1":"3c5be70a63ed2cc138e70d27af2922373c3f69dd","sha256":"bad2175b76f86f59a72e7fafb360837dffd361493eb21f133ac871910f0ef4dd","sha512":"ed1cfa270c3ecbf1802a2b82d60954ccdaf9abb97981a78ed26584e43b0b5e881e2594f1b34e59c66dde9f6c44d38b4d116b0389d8b2660854acfd0580663a10","ssdeep":"384:scb11UY5FfSsp98FnYGone5AMoreSw55Wm2F4k37L6UvtJGKVRoqHx:Bb1RRGoneyZavkreU35VRoSx","tlshash":"b8a2d039ddf8d799e445813c0184ea754b593890530d29db4cb8862e372b6c73eefa85","first_seen":"2025-10-21T09:00:55.173217Z","last_seen":"2026-03-23T15:35:45.084977Z","times_seen":41,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/21.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /21.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"86cf81ef43a8ae57ed2b60e9423eb93e-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMHPR5R4AMRNBKS05N0AK\r\ncontent-length: 20947\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0kQ9ivd5iT6a2Yxty46ynKBErNqNkKT%2FsPTdR8V%2FzPVgzp5EJRIU4kNIn6YCt%2F3TUvOMcT1BSt9n9ulyRxwCGjzq19Iu4PE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb41abbc569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":20947,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"08323566ae7d668bfa413ddbdfa8d5ef","sha1":"49e79603a5b434efe722abfdc143e13860070ed3","sha256":"a75f896b209ef1a1eba27036dafc7c5d85525a5014fd83d678d0d26ce0e5b80c","sha512":"548a948e0c30412043d92b7ae6c0715961b6c80737325dffd773c9bf283b1cae3f80ecd221e9bdaad52b4ac12026c070ef490a7d6e6690869ceec621077e9912","ssdeep":"384:w5ypVZXIs7JKHRMXstOn+vCU7OmQtUwQ3edpWjsUKd0vCvW05ojnzWGPnhJw3bHD:QypHZKy8lKUSPs+UjWMfh+cI","tlshash":"6e92e1feb708f207ee572afec4605b42b0fc9a11b77185c8cfc9ec612554e0a686ca55","first_seen":"2025-10-21T09:00:55.121907Z","last_seen":"2026-03-21T11:41:49.711384Z","times_seen":47,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":590,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/14.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /14.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/22.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /22.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/20.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /20.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/31.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /31.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"9ced0893854d26f774f55eb64562bec1-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH5S01JNRTPGJCZF6K1J\r\ncontent-length: 34594\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6tqhJARkoE8pe7HuDdeRWdNdKAjGzpT4Co2ZDGjXLQ%2BzaRrlH9nC9o00MUIfCKcM1ZCDlm%2FIfWg0EZId68YFNMtkctl8hts%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb418bb3569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"071cd4c590665249d9ca3dab9432701a","sha1":"6f62ced86b7116f7cc1be59ecbac09492d9c7546","sha256":"319f9284752dd5e748db6927598850d58d6af32b8033c0ed8612ea0ddb31c8f8","sha512":"ee610e37cdbcd80ad29a026a96bfa0f84d8f1259d030e102112958839f3e0ff7f5b99f71c6e6c8ced7228e1b05507d11ed209ba7ed165c7a388162a59ac19fc2","ssdeep":"768:aAuyUbeP9DO2FL/zZQxLtFs963anYXP/KpJR2Eb:aA13P9i2F3ZQBt6MXP/mBb","tlshash":"42f2f29e8150d841da699f2d2ba05f0190b4fb4006ba45e3e5ef1811ef161e237fbae6","first_seen":"2025-11-04T10:22:13.262768Z","last_seen":"2026-03-24T04:55:36.088264Z","times_seen":21,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/11.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /11.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/12.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /12.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/10.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /10.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"f70f96c7413d6776556af4888aa8a64b-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4VXFPWMF9319VC9AV6\r\ncontent-length: 35922\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kQM2aK3pUcMHIkasSyNn%2FJRP9aI4lrlkFnd71uOQzTuZAbfO5oe1hfTDVNZ%2FuPPuzu5EthPg2BJMLRABgMHJjBNK%2FmXLxro%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb415ba7569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35922,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"2a3148e611d35f8f015a33c942a58907","sha1":"fcb0aa1726b5a6650c74b98ab7d3ad8e4c514de3","sha256":"a9015c4e67b7b55ab36d506fa96d6bc14931855c3556ba192245af90c7fa0bc3","sha512":"3c356a1f197295f8eefb214330e6abdbd8cdb914139ace0a1a59900db3ad2a3810a10b601cc6678184fd92600154b65333e00a93a999e2787bf8b510f9014ee1","ssdeep":"768:Gc9RoEiuGGMGLwEnkt2gPuVkA+Tezo0DYXcf/MQNUL3/fjmq6:GcpiuuGpnkt2DnEezoq0XLzmq6","tlshash":"09f2f1a02acf7702d64158f555160f8cb76f59b8bcc4109f40a42cb7cfe6e78e9b2642","first_seen":"2025-10-26T02:11:47.783131Z","last_seen":"2026-04-03T10:23:16.44015Z","times_seen":66,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/8.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /8.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"f121e454c7ee9dcbeb3ece9f2557cd79-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH48FFMEGTMKW1CCN5VT\r\ncontent-length: 26305\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MGLJBBuFhap1wt2j7KkEDLw3SeS%2BqbIRa86sOic%2FwYSwNXQ3GFMht5FJuahYBi0cm3%2Fp%2F5cwu57RAGxzG6RZlJ1Hu5k%2BEO4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb418bb4569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26305,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"9c3fb377e87a07f40622c36fe4e7f987","sha1":"c3e88b3918ffb7c0a217e5678d3a8c1575e874f5","sha256":"259027187620c96ebcf1e2868ac6bb672acfe7d946c3279da753af4c491b0c3c","sha512":"9c04d4130f53ef04314ed750af48379f1ec0a9d920472d00423fa46f577c259b27310442ba592b54cb849bd4eb91420b7857d628c5e8e5ceb52923ae511dd3c7","ssdeep":"384:dDGWy8Phw0jlkW3TDJ48V6l3fy6wpdsV2ZnKSJ4p+QFhMvyQio8k5c4q3NMk:5GEPhw+3TDS8VLIUZKSUnMKQioh5cr2k","tlshash":"84c2e118ea5dd9efd7a4f735cde92b19d3428f2242cbca1d509284389d537f834852c9","first_seen":"2025-10-21T09:00:55.146944Z","last_seen":"2026-04-03T10:23:16.33472Z","times_seen":70,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/12.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /12.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"609d543cebbab30f4bc69b4e1b719fc7-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4V7HEFRPPATWZGEPQ9\r\ncontent-length: 31551\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y6TmdQJvCPeGA1o%2B%2BISIfiFjI7vIZomOj1kGXPa088LyvUWSD1PchOvk63KLvGkLE2kbfmOE9Dw6wTu12peraV4f5ze2r%2BQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb418bb5569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31551,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"09d3a3522e1cbf8a506544bf5456a16c","sha1":"a5399f71718f6f28c09f0757aa18d9a05834e42a","sha256":"56e0f549a12bd5e212465aa356ba746663b504234cfa03d72373e68179a146eb","sha512":"e83a226ad498d6bd106832fd172d5ae3d2f22df021ab51d91a9786480c5bacc83bcfde6741b6fdc43245f989f3e4688f88cd2da06cf4424a52bbfdc66541c744","ssdeep":"768:+etVM8vftjHRIXmJEVANxpgcGum4BizUjlsajoctrhb:+eH9tjHN9TGum4BiIlrZ","tlshash":"f6e2f2bee0415910d11395656195f3cc8cf72b3ebb41d189fb625b60c314afaabc684f","first_seen":"2025-10-26T02:11:47.784589Z","last_seen":"2026-04-03T10:23:16.426092Z","times_seen":59,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/assets/index-BVLnqO0C.css","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:38.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /assets/index-BVLnqO0C.css HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Tue, 23 Dec 2025 06:16:38 GMT\r\netag: \"cf89ae121adc5c1efbbafe9572ea4b86-ssl-df\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KD4XMG53CCJ02S0S0E9J0JNQ\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GINMa%2BfSZ1b9xPtwyhmxvRz9ymTeGnT6bvMlsC9AQaqaIsxFoEkzG1wsL6FzxckbfpjS9wegaF9gpTEyb%2BAm4iGMeCsFXJ4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b25bb39fb58569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21765,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (21764)","md5":"0f362879bb2e5b99eb74bb041d1eeaec","sha1":"ff7b010345fb99c2d9ec7bdad68d7fb62a83e78b","sha256":"9f62799b790c2ff14d73eec5119f9380a34f98f2369c94ac61a232d752694d7e","sha512":"9720d1130cda84ee10eaae81244e8ee9ede5500c8e5d19d8090367f2547752726a651e5802d41c4e7fd8aac14ce6a6df79b458f13058fde60d641e0e1fb938b6","ssdeep":"192:O9JyW9JyyxwOeVMTQ3gB6pS2tDIncgadMkFIGsX/hrGsfyvlOVsff9:kwnMTQ3gB6lAcb6X/hr4B","tlshash":"ada2856a5a60103f7c13a1e5c6d5b56df62af0d0df3e56beac8611007be63f64c9b900","first_seen":"2025-12-23T06:17:11.779396Z","last_seen":"2025-12-23T06:17:11.779396Z","times_seen":1,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/5.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /5.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/26.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /26.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/7.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /7.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/15.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /15.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/18.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /18.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"eff8784543f65ee821c4180f92a53e98-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4V2GKJCVMTAVPXVED0\r\ncontent-length: 35122\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0AXYWKNKcbWFxxszFts3eNSjoOFwsx0qwSJKGIuIGSnz4%2Fu4E6pdGI%2FRZ2OD%2BZJcVppCDsltxiWt%2ByuR1WXjoJC8Q16AUlY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb416ba9569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35122,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"2ab5990a44198068ee4a84949321244e","sha1":"e2577d1cc24fe2baec3ee4c5c16b08660c8314af","sha256":"9ec444ced011de319502bb82efb60169002269f59c67dfc2d8156f70c9516c96","sha512":"0f6c354e282ff519f8171d0ba8ac85768356da9cadecb650f84fc229df9a25d8c8ef44c9542d19ccdc3d7c113965d1352b5f22c2225b1e8b508c8d85c7cf205d","ssdeep":"768:rdPztAtjDXLZqbE9ecMt7JMX9Y//jPJ1EUFbNY5WPrjTvV:rqsbE9fMt7JUYrJyoJYAPbV","tlshash":"1df2f15c3b9199e293f500f464835025538dc0f3948e6b2eb5d106f9e8feaf68854f8b","first_seen":"2025-11-02T13:19:49.358604Z","last_seen":"2026-04-03T13:50:18.749077Z","times_seen":53,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/28.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /28.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"511f6205816018bd670076ae9fff7f78-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH52Y1HWHG37DMFD08AM\r\ncontent-length: 40714\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=639igcOmo08t%2F9B3v5giUV%2FtmU%2FqB0amYbx9qDWl%2F4wJgkTnwH7B1DIT2%2Bog07i%2FmoRYyfdDvCeInsMdIgKcbjYabnjDpx4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb419bb9569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40714,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x742, components 3","md5":"485bfa72961bc7db5b54d5c02f0847eb","sha1":"a7990ce4c5590aeb6dbc005ecbb61cdc29b98902","sha256":"4e44c66839c2a177270e93ffbc72db14966d104de64ddff55b8abb218cbe39d2","sha512":"2cf5a8804e65b23d438c4413322a90dbff6902ee5760d29a15f30087e25c2b8922169d88fe370648291197c28fa8712ed311398d760641c90db94437a2e93f65","ssdeep":"768:x178A8hY+aPqIxyslZ9J9FXzIea/2FCH0y8S8PMLknkkGHg:586+aPjksl7tXzIeK2kD82kkkGHg","tlshash":"3903f1a6c6af53cfe2c5fbef16b586e421816d414a17c5906721c649e03d89a38edb30","first_seen":"2025-10-26T02:11:47.771075Z","last_seen":"2026-03-24T04:55:36.088816Z","times_seen":31,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/25.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /25.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"a568466f46ef3654dc3199d91b095257-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMHA6HX71VGZF983JENV9\r\ncontent-length: 18432\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o16K2mIc6%2BmfOowQVyBYugqPVVNym%2B%2Bu4mVSu6LnBqvYkf5PBCzSpttZYUugaCtziHd2RfrAoIhjRqY2FxomVUXKii%2F6DNs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb41abbf569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18432,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"f237169cc7d0be9fb3fb6962640bb460","sha1":"5bf1674fde858c727063da240e8c889a62caf04d","sha256":"cbff13ab0581cec0cedca7b231e539e17a349b3e081665fab1d1c1f86df577d9","sha512":"e0f22b0557d4ca4626e7dd980b62db7fc8be2fbb5f92b3fa7bb8b67b6e805857e04349437fca5859f55e696036fc9526ddb8cb874c3e28bb4d99c9e72de81fba","ssdeep":"384:O0CJNb1wOuQ6kloHovE1UnTxAwi4AnPYTURGmj6ZG80/FBX8:JCvb6DklXvEyTuP4AnPYTUIM809K","tlshash":"4a82d0890bb66d38d200487df2bd2f09b1604f256cd01bee3bda85bd9d566b80b814de","first_seen":"2025-11-02T13:19:49.337686Z","last_seen":"2026-04-03T10:23:16.354857Z","times_seen":30,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/4.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /4.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"78728b501b5aba442a7f2ab9a9694ea7-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH0RTV80Z17DQBRX6D0G\r\ncontent-length: 35012\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AVcohreyieEp4rU6qXM8NG%2BqJV8ABlWAypezGs7tqjciOFH491Zq0TC8S9IHVr68JhCl9uJEyaLEIbeSSw%2BLIvp5ovaA4Y4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb3fcb8c569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35012,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"3d104b8512114e0cb36bb81532d4d3d9","sha1":"6f08ebaf873e9084d1d77d0d52efce8ce99d1dc0","sha256":"766f7531e0a898ea2018b1e78f15c9243e0e4d9e05bf84aed4ad89eb130f73bb","sha512":"763e256974764444a5d40382e089b777abab5fc1a91815f3557df893b663f178e451adf179006c9430ca26407ca32cff76fa8c37e3039f69dad0d408d5114d20","ssdeep":"768:9RZ81wE9nyvPLDaUsjdacthazHsZzQGs+uGfKdENET3sEb2+:9R+2E1ynLDdydvhLZzQGs19dWrEP","tlshash":"6af2e16c87fb8ff3f84b6c64d1f4d0f9920479ab648e6378358484532787ac54a21987","first_seen":"2025-10-21T09:00:55.141097Z","last_seen":"2026-04-03T13:50:18.717486Z","times_seen":72,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/6.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /6.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/5.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /5.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"528e333e8d2c2dbaccad004a0c2beaa8-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH4DNC3SBZ70B1V05PVG\r\ncontent-length: 24936\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0yswP%2B1uS7WYkY2elKRDnaN1exyJAaeRDn2E3hp3pWwEqSm%2FytWA8AXNGCsO7%2BflS4J52PdLHDQo8MgKtB01pnBg1krBydg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb415ba5569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24936,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x751, components 3","md5":"00e1a0b301529fd948a60b92e0b709f5","sha1":"89e4d69d291d3b7608ac0bb7b72a43419bfe273f","sha256":"c19be3076f4fcbd97c66147350090e01f9e6da68980c71acd5fa10cec98f46b3","sha512":"d1290fe4ea6c2b78a3cd4f989073a86f069c5bc1bb476b813bdd59e21617fe1072c3f59b45bb7ef2ab225ef25aadf2eeeb5859a8c39c350942d24dd53cdf2628","ssdeep":"384:kj+qykArWNNrJnmL6dDoTfOJSv9GfVfyWvkjcTpBR51DEdf8CJDlT+PL/5PraSDR:mJyjCn+yD6GioR51AN86T4NPrlDnwzLO","tlshash":"fbb2e137c387c060fbf089b568ad2231a8979e297647537936ebc8a78ed25817246c46","first_seen":"2025-10-21T09:00:55.159103Z","last_seen":"2026-04-03T13:50:18.75498Z","times_seen":72,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/7.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /7.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\netag: \"61ba27b9b2099bcad4bc6d909686814a-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH092914RGARFAHPAFYE\r\ncontent-length: 35738\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wuNKCEQy3jMPW4jk5XRoz0pKNag%2Bq7uoYgE0XHrqqNEYDuyJ1JQXxoHkglLWQd6qSFLKJwGeoPYiJa3VVx3J9G%2FJwLluwsQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb417bac569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":35738,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"c285d385c0560b4d3e98543f19d3fb26","sha1":"bb526dcd2a83c18c81384ab7a5ca4735b196af16","sha256":"6c6a14472f906ce8384ec75b3470978ab63fd54addfccac089e49e8b0c64d0bc","sha512":"b3922437a597e201308f009b19074aa6c7c1614c10f7d035f55767bbe5245b6e8a6892e43f3fa1cd45edce06ffe4b99be1faf9e569bb22f20715b7672f52cfd4","ssdeep":"768:7SgAmck/T9ZIemdRspgwCDKqFKVqQj7hQtzl33dUeRCAns6AcmmJJdNG:vT//xKemdRshpqMj7h4N3GWs7cmmJnNG","tlshash":"d9f2e12ea3f1c26cb12313acb6c0c37b39755397478351fa76b902157413d9679c9a8b","first_seen":"2025-10-21T09:00:55.130871Z","last_seen":"2026-04-03T10:23:16.438384Z","times_seen":74,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/19.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /19.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"4a4b8d7ac1e1a0d1f3f01f7876785fb1-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH5JWA028BB4A4V0AKCS\r\ncontent-length: 41312\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H8w8DojYVyXXV7%2BAbb%2BIXp6Ea9xT%2Fcu0p6QfXgGyYV4F3T3FvnbtHMkbZDfZMRFl45RWM7OW8L2%2BzhpIwG4L1XjXIgFfgdU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb417baf569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":41312,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"c2f5121a4658e3937d5f36622c565691","sha1":"c48e76d3b5a20f7783ef8c3bb9a754192efd7070","sha256":"c44a367e881afe2498db78a60b443c72a2e2d00517eacf458796563fde9a9304","sha512":"e86866930995cd1f4d88c34ea44419735b763aec276034f3ca79b1995e4ccc5ecbd5d4ff72d1322a218a98036adabd42629be5239236e93abdebcf652190e984","ssdeep":"768:DnZ4DK9g7YCS7gXuYpMk0ZbdeQeH0eDWPeo4gypi1bzc7xq7YtY5g:DqDvnSkXYIQeH0eiW/41bzcxqo/","tlshash":"7e03f1f27ee242d5fa10f6265b29107dae821f8dc43d62fc74ad944cbf62094b6845ec","first_seen":"2025-11-02T13:19:49.321227Z","last_seen":"2026-03-24T04:55:36.083727Z","times_seen":48,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/vite.svg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /vite.svg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nCookie: Hm_lvt_be7f1bed0ea34802e76071d00ab820d3=1766470600; Hm_lpvt_be7f1bed0ea34802e76071d00ab820d3=1766470600; HMACCOUNT=98E57CF752003DA6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\npriority: u=6,i=?0\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F1B0lnY%2BZOCI3iIDfsGwEJUxCEXu8h3B%2FTq7L2E77vowaZNRXG0eJSRxZD6DqcmQX0uWarNVwP1t64taG74K3r0tMmAd64A%3D\"}]}\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KD4XMHT3GKCW4ECWB533M8RS\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\ncf-ray: 9b25bb452bcb569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2037,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (441)","md5":"917acdca757ccf68194dfc9500eee136","sha1":"5d6de2aed482f7bbf68a1789640584cd019ca3ad","sha256":"b02755bb1589281362d3ab674a1c6295d5a20a33343102e4e69a77d87cc941fd","sha512":"36d5aaf6b984f0eca518ba9ed0b5be8dd139483165554d88ec63921363c32e78cb9c649f5fb2b93b4c82455230b16eeae857d4e4cfbbb7f61fd807de4f99f3c9","ssdeep":"","tlshash":"96412f2b9e944819435441761df4eb7ca123fbc8634dd601b0ee906a4b55feb0c97b8a","first_seen":"2025-12-23T06:17:11.791054Z","last_seen":"2025-12-23T06:17:11.791054Z","times_seen":1,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?be7f1bed0ea34802e76071d00ab820d3","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?be7f1bed0ea34802e76071d00ab820d3 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11289\r\nContent-Type: application/javascript\r\nDate: Tue, 23 Dec 2025 06:16:40 GMT\r\nEtag: 1ff8c0c466a4fbc37f2960bd51dc1c9e\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=98E57CF752003DA6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (619)","md5":"617d7302321098e74378c7e76acb6fbe","sha1":"685bb0fce25fbeff8173a8f6b4efc6ac6fd89c40","sha256":"ec8747c8b558b11dc2f275c123aa6682b67e83d35eabe48b754e501adc2e375e","sha512":"37077c2dac46684cf9da4d7155d8950b8e9caae9335a309c764a54582e1633dab0ff6703e412d64d8384aea6152db4049fde866a21ef739b707cec2ecc7d5e2d","ssdeep":"384:XFHJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:XFH4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"3ad2d9a9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-12-23T06:17:11.791888Z","last_seen":"2025-12-23T06:17:11.791888Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1875,"timings":{"blocked":777,"dns":1,"connect":254,"send":0,"wait":319,"receive":1,"ssl":520},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/1.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /1.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"7b3c89afc771ef54a29c92749de9523e-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH41Q0J337MW5SNE9SBN\r\ncontent-length: 27665\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3vY86J9aGg1cGCNNXX4y5nJlJP1XRkmfA3kFBWJkhVoVlA8bCLTMqvpbWudHG1wnkzqLMx95Pkjm0%2BXSx9Y%2FkxmZiQY39LY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb3fab89569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27665,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"10ee0552448ef8549d22fc25537faf5d","sha1":"9fa895f89eba947de32708f2744f421d7f7fe89b","sha256":"79ebccdf4d5bea311f02f72d45bb0b0a25b9d1539e3ab48a0f6eedc0f031868c","sha512":"6ba53774e557ceae97196c30abcab6c5a8b0a71280ca10326b27404f2bd0aa0c097e628b4fba7fc35e6be5f73c1409b310dc5ca2e67f33d70f9daf37f02fbc9f","ssdeep":"768:xcn66C3KE2SmvGpoyI4qVwdC7QeMBMBs8Bh:uI6cxhI4qF3YMBs6","tlshash":"eec2e1feffa94f8ff07af660125c2306ab844a5b68814150e2d80654e9f649cba5f904","first_seen":"2025-10-21T09:00:55.150023Z","last_seen":"2026-04-03T13:50:18.746718Z","times_seen":78,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":413,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/29.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:40.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /29.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"1294d9e75ba5c706b8e49a0ba9fee8f4-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMHA6CVC7B6JDAH1Y8B9Z\r\ncontent-length: 23634\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=653pVEBSar7z7UO7fc%2FqpiXDyjfr3NxW%2F0c2lHxTyPeZ894SWB4SRQgth%2Bwj%2B7H3B591eunHdVSqNWZ5DgcgoxIKPOJi%2F5w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb41abc1569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23634,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x767, components 3","md5":"f68b01aa6d5266224eb77271b99fe7e0","sha1":"023e68d6e91536566004b739e0b47e37ba75dae6","sha256":"ac9362e31d768b606f8ddcb0a7596917c8312d1ae36c551b275797a58b463216","sha512":"85e3005ed03456b19f62c74d757ee31542b3feee4ac10eb4eecf353145b0533c3acdf4412943d07bb7ec82b5f04369188814ab0e619810d71000d159bd20716a","ssdeep":"384:fVLBXcIPOosJMwkJB1WLtLagGsbhjflEIuCKEYxR7F4X+1nnBWKvGW/c:dNcKsRkJB1ITJVZEIKZF4X2Y","tlshash":"54b2e14991cf2f3ad9a08370864bec01d61ded42d9acd6dafdd8066722dd6132b792c0","first_seen":"2025-11-02T13:19:49.333446Z","last_seen":"2026-04-03T10:23:16.348064Z","times_seen":32,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-23T06:16:37.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Dec 2025 06:16:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AahCR7UqnOU7YBaYQkKY%2FfRQRy07QC4zIsJOVw3Wfjilh04x%2BMdzTXDuzvU7zwnUH8Cj2vrVYG83uaz%2BRWoBuITdqJXsyOQ%3D\"}]}\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KD4XMFK35V01Y8DXS0CJPSJT\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b25bb35b88656be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2037,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (441)","md5":"917acdca757ccf68194dfc9500eee136","sha1":"5d6de2aed482f7bbf68a1789640584cd019ca3ad","sha256":"b02755bb1589281362d3ab674a1c6295d5a20a33343102e4e69a77d87cc941fd","sha512":"36d5aaf6b984f0eca518ba9ed0b5be8dd139483165554d88ec63921363c32e78cb9c649f5fb2b93b4c82455230b16eeae857d4e4cfbbb7f61fd807de4f99f3c9","ssdeep":"","tlshash":"96412f2b9e944819435441761df4eb7ca123fbc8634dd601b0ee906a4b55feb0c97b8a","first_seen":"2025-12-23T06:17:11.791054Z","last_seen":"2025-12-23T06:17:11.791054Z","times_seen":1,"resource_available":false,"data":null}},"time_used":474,"timings":{"blocked":44,"dns":28,"connect":1,"send":0,"wait":385,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/18.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /18.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/8.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /8.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ecmnulquvpwnhuahbege.supabase.co/functions/v1/serve-ad?id=113fb970-23a3-49f2-bdd6-169e3b5a90d3","fqdn":"ecmnulquvpwnhuahbege.supabase.co","domain":"ecmnulquvpwnhuahbege.supabase.co","tld":"supabase.co"},"ip":{"addr":"104.18.38.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:38.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 04 Nov 2025 05:55:42 GMT","end":"Mon, 02 Feb 2026 06:55:37 GMT"},"fingerprint":{"sha1":"33:68:A1:C7:49:64:01:B1:A3:3B:81:D7:B1:D2:49:31:2C:87:6B:F1","sha256":"E2:EB:A1:97:D9:82:94:FF:30:7A:82:5A:54:85:51:A4:D3:92:50:D7:0A:F9:7F:C2:2A:77:63:FA:14:0C:55:5D"}}},"request":{"raw":"GET /functions/v1/serve-ad?id=113fb970-23a3-49f2-bdd6-169e3b5a90d3 HTTP/1.1\r\nHost: ecmnulquvpwnhuahbege.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Dec 2025 06:16:39 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 41\r\nserver: cloudflare\r\ncf-ray: 9b25bb3a0ad40b31-OSL\r\ncf-cache-status: DYNAMIC\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff\r\naccess-control-allow-headers: Content-Type, Authorization, X-Client-Info, Apikey\r\naccess-control-allow-methods: GET, OPTIONS\r\nsb-project-ref: ecmnulquvpwnhuahbege\r\nsb-request-id: 019b49da-4052-7e65-882a-139b07cc870e\r\nx-deno-execution-id: 7815eaa8-1e76-42de-9ec3-591b270b15cf\r\nx-sb-edge-region: eu-central-1\r\nx-served-by: supabase-edge-runtime\r\nset-cookie: __cf_bm=U.v9iTZVOrfQ72wsv2bu95X_PXb9wn7r.tDC2LDQNk8-1766470599-1.0.1.1-4v5GQIK7UBb8SUjr680lN2beft4uTisWVfXorOBhBdpgDlOERdM.lDjmjXCL_2XHi7trQkF8kB7hEhgvQDWnovUzNBmgf69gDirnfBCPKw4; path=/; expires=Tue, 23-Dec-25 06:46:39 GMT; domain=.supabase.co; HttpOnly; Secure; SameSite=None\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"550c512dac7b084bd6b8b0dd2f7e181a","sha1":"59b6f57aedec8a890c70b4446766614db7b6ac02","sha256":"a978151a1e004a0ef8e5d9a0bd67e38663594c444be7cb3bc44da12de175ee4b","sha512":"112643936c4c5627f5328084ad0f50ee8d02b318e809d296113df7cbb1d867d7ba4824ee327fd918792794c1f56b9751b4f80b9d1f5d80ea25052b1ee9136a1c","ssdeep":"","tlshash":"a970000300003030c00f00c00c0033c3c033000c300000c000ff00c0cc00033c0300c3","first_seen":"2025-11-23T16:09:51.634119Z","last_seen":"2026-01-27T03:44:38.665203Z","times_seen":34,"resource_available":true,"data":null}},"time_used":499,"timings":{"blocked":7,"dns":22,"connect":1,"send":0,"wait":446,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/22.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"104.21.76.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /22.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/jpeg\r\ndate: Tue, 23 Dec 2025 06:16:40 GMT\r\netag: \"b8bda1b8f31ac1467ef44332badc4a8d-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KD4XMH52BVBDYMG8KSY8Q972\r\ncontent-length: 37964\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1jzb%2BiLkXqZFzdHJcuoL4DUyTvyWPNsXM9ZSiB20U3dhNkfHJXi9mr6ifuZARxNIn7fwOtKHxaq%2FAyAvXxRuY%2B8ijeFP8hw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b25bb416baa569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37964,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3","md5":"f51a5651d0b8eeb42e1c7e9f09a02ddb","sha1":"225eb492cc9f4821111c20998ab4ed257745fc70","sha256":"bf9a2d83f85e98fae2aef59885b39071fb980d479f198dcfd89e0cf39dde7922","sha512":"f143afd6251be96550728bbd47c9d351a25d7b270d94e93d0da741770695a7f568881e1ed3e59770dfa7df1b4fb29975ea3e09fafe874ddf2e348fad109cae87","ssdeep":"768:1YqV6yqMLfjOC49TsCn+cwL0yAIHrfDPfqXcnEw9ow:jVDqCrOBJZ0L00rDPNnEw9V","tlshash":"4a03f19d8f6c093787a79df1d360d3e23b3a931983e7ba765e85105619fde800708c1a","first_seen":"2025-11-02T13:19:49.349414Z","last_seen":"2026-03-23T15:35:45.08153Z","times_seen":45,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaztl.com/31.jpg","fqdn":"xaztl.com","domain":"xaztl.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaztl.com/","date":"2025-12-23T06:16:39.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaztl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 15:20:43 GMT","end":"Wed, 18 Mar 2026 16:19:17 GMT"},"fingerprint":{"sha1":"FF:54:01:36:EA:F8:92:B6:84:87:40:59:F7:EA:8F:2D:CA:66:00:44","sha256":"91:1E:8E:E7:FC:5C:B2:C2:D5:30:65:45:05:48:CF:E1:F1:74:59:E3:1F:C2:1F:66:54:30:1A:6F:7A:44:71:13"}}},"request":{"raw":"GET /31.jpg HTTP/1.1\r\nHost: xaztl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaztl.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T20:30:56.573385Z","times_seen":13302581,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"xaztl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}