{"report_id":"cfdc1fdb-56c7-4fcb-b449-ef3c1a2a767c","version":6,"status":"done","tags":[],"date":"2025-10-24T11:25:54Z","url":{"schema":"http","addr":"capitaltop-lendbeam.sbs/","fqdn":"capitaltop-lendbeam.sbs","domain":"capitaltop-lendbeam.sbs","tld":"sbs"},"ip":{"addr":"172.67.149.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"capitaltop-lendbeam.sbs/","fqdn":"capitaltop-lendbeam.sbs","domain":"capitaltop-lendbeam.sbs","tld":"sbs"},"title":"Capital Top"},"submit":{"url":{"schema":"http","addr":"capitaltop-lendbeam.sbs/","fqdn":"capitaltop-lendbeam.sbs","domain":"capitaltop-lendbeam.sbs","tld":"sbs"},"ip":{"addr":"172.67.149.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-28T11:25:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-24","alert":"Sinkholed","trigger":"capitaltop-lendbeam.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-19T22:12:35.4735Z","alert_count":0,"request_count":1,"received_data":1251,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-19T22:12:30.612025Z","alert_count":0,"request_count":1,"received_data":129187,"sent_data":556,"comment":"","tags":null,"fingerprints":null},{"fqdn":"capitaltop-lendbeam.sbs","ip":{"addr":"104.21.55.175","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-23","domain_rank":0,"first_seen":"2025-10-24T11:25:54.752856Z","last_seen":"2025-10-24T11:25:54.752856Z","alert_count":3,"request_count":3,"received_data":24603,"sent_data":1404,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"capitaltop-lendbeam.sbs/","fqdn":"capitaltop-lendbeam.sbs","domain":"capitaltop-lendbeam.sbs","tld":"sbs"},"ip":{"addr":"104.21.55.175","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-24T11:25:32.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capitaltop-lendbeam.sbs","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 15:25:36 GMT","end":"Wed, 21 Jan 2026 16:25:32 GMT"},"fingerprint":{"sha1":"71:64:12:3A:87:D2:78:62:72:14:59:4F:12:32:1A:CD:AB:B0:6E:BA","sha256":"34:D8:F8:8F:4E:00:62:2C:F4:55:C4:E0:92:0A:2C:61:43:6F:82:DD:5B:C0:15:78:83:B8:11:FD:7E:CA:4C:68"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: capitaltop-lendbeam.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 24 Oct 2025 11:25:32 GMT\r\ncontent-type: text/html\r\ncontent-length: 7404\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qipf0MXYi3aOaToDm85zm1wbGMamshxiI3i6YVreBgBBUWjx2C0vxxY%2FagyTiIopBjscNMKHyjs1c9uwsATuMYJW0ug9m9VcShWQxNTcBRWYkMisjOBt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 99391d358d0a723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7404,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"e2d7d9fd8810c03a4b7e0795300b4b4f","sha1":"448d05b559e34b2e6a2c2bb57db4d972fc0febda","sha256":"16d8fa1f824c0b953cd2987d6933e75bd312e0e24f1130fc6154c88c5beffe53","sha512":"4c962a7227fc4595a9514ed54d14d882676d5a7cb635eff3b54b224404e22fe57e9707f6e02a789a09ef21894af44a2e1b22758648a8e2d61c1f4464f096a94d","ssdeep":"96:3UQjezdx91EF1qWaiFFNqFS2Fdm0AFdHju/aU6yZTuqRjoPW+:ECsx91ErqWaijNqFRmvTUN6yZTuip+","tlshash":"6be1c08b49e71105a903a4396ffb275672d5d403c50ecda83e9c128ccfcaa95a9e37cc","first_seen":"2025-09-21T16:15:54.061399Z","last_seen":"2026-04-23T12:18:49.825228Z","times_seen":45,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":45,"dns":27,"connect":1,"send":0,"wait":50,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-24","alert":"Sinkholed","trigger":"capitaltop-lendbeam.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://capitaltop-lendbeam.sbs/","date":"2025-10-24T11:25:32.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://capitaltop-lendbeam.sbs/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 24 Oct 2025 11:25:32 GMT\r\ndate: Fri, 24 Oct 2025 11:25:32 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":565,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2b7a8d84952a9183b106df19f711324e","sha1":"a92c5e12b422bba9ebb447e1852d9681487361bc","sha256":"282801a0d182035440d5ef6d429d227126d2e6720a52b91d31a7d746c758154e","sha512":"d7ef3f86fe9fa5730a118c688b8f779e82ec3695df5ec48953905ed078ef4d78a3c8005021574d936f69ff0467968b6e68fbcb0680894470abf8f26200af2e0c","ssdeep":"","tlshash":"c0f0c064be0a988566110c42370f3f164d1d401fa80ac8fe8b911d4c8cff1bb134670f","first_seen":"2025-09-17T21:11:07.996842Z","last_seen":"2026-05-02T15:36:56.222102Z","times_seen":38152,"resource_available":false,"data":null}},"time_used":455,"timings":{"blocked":210,"dns":1,"connect":20,"send":0,"wait":33,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"capitaltop-lendbeam.sbs/favicon.ico","fqdn":"capitaltop-lendbeam.sbs","domain":"capitaltop-lendbeam.sbs","tld":"sbs"},"ip":{"addr":"104.21.55.175","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://capitaltop-lendbeam.sbs/","date":"2025-10-24T11:25:32.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capitaltop-lendbeam.sbs","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 15:25:36 GMT","end":"Wed, 21 Jan 2026 16:25:32 GMT"},"fingerprint":{"sha1":"71:64:12:3A:87:D2:78:62:72:14:59:4F:12:32:1A:CD:AB:B0:6E:BA","sha256":"34:D8:F8:8F:4E:00:62:2C:F4:55:C4:E0:92:0A:2C:61:43:6F:82:DD:5B:C0:15:78:83:B8:11:FD:7E:CA:4C:68"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: capitaltop-lendbeam.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://capitaltop-lendbeam.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 24 Oct 2025 11:25:32 GMT\r\ncontent-length: 15406\r\ncontent-type: image/vnd.microsoft.icon\r\npriority: u=6,i=?0\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"18c290384d92bbb43ed2f8f4ca34a6e3\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AqNCTb%2BRmWditRg8N%2F1%2FT4rU3SulN4u6fcb%2Fr5w4pEHl3MHzIdVqfgnOzv5%2BPuCW1QxmoMPzzWw5Dnyek7UInwwNqBIKttOOE6HcmMrXLGF%2B7LPrhQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 99391d376fd656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"c17813286fa1b7242f2c5b6946998c74","sha1":"11a6ded6effcfb575c0a8578e43c9b856bd480f9","sha256":"f69a313141c32546b5267a7fd80e1a4f54f5a883710473704806586d1e32327c","sha512":"2c2501a25b5e790d27a4fb671f847bd79ad617d7553d290218e26e3e2535de20d68a3cacf242d232b8cd09b847890d4f241e2cd5ee8a36b8b0271a9f6c61e3f3","ssdeep":"96:hXb6ixKmkFLDkX+aX++XDGlygpX+++u+9+++ELM+uX9cAJoujXbWxKHMpua2v+3C:hXtxKxsDc33NGKHMMHlOwu/GkfIGi","tlshash":"6262c864b7256025c460cdbccaa5c9f39dc8bf8c4251da87ff73be5e364e40b998a214","first_seen":"2025-07-30T18:08:01.875913Z","last_seen":"2026-04-23T12:18:49.829435Z","times_seen":84,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-24","alert":"Sinkholed","trigger":"capitaltop-lendbeam.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"capitaltop-lendbeam.sbs/image/home-bg.png","fqdn":"capitaltop-lendbeam.sbs","domain":"capitaltop-lendbeam.sbs","tld":"sbs"},"ip":{"addr":"104.21.55.175","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://capitaltop-lendbeam.sbs/","date":"2025-10-24T11:25:32.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capitaltop-lendbeam.sbs","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Oct 2025 15:25:36 GMT","end":"Wed, 21 Jan 2026 16:25:32 GMT"},"fingerprint":{"sha1":"71:64:12:3A:87:D2:78:62:72:14:59:4F:12:32:1A:CD:AB:B0:6E:BA","sha256":"34:D8:F8:8F:4E:00:62:2C:F4:55:C4:E0:92:0A:2C:61:43:6F:82:DD:5B:C0:15:78:83:B8:11:FD:7E:CA:4C:68"}}},"request":{"raw":"GET /image/home-bg.png HTTP/1.1\r\nHost: capitaltop-lendbeam.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://capitaltop-lendbeam.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 24 Oct 2025 11:25:32 GMT\r\ncontent-length: 10\r\ncontent-type: text/html\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x5AndDuc60Ul%2FooeogKax1I8G3idjxlwIyyLM3fw1LqsN8V3XoAEDQ6WM0i3%2BSAl4P7SD2%2F0NJK5zoE1yXTWtzNzEhXHKlDs0RqFn3us5AXmlmCaDw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 99391d38bfea56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"a7c76740ae5df310c149beff07bad963","sha1":"d899757b6c54cb65d37e4c28e42e6a2e575b0124","sha256":"e09199096bf39c7a910475a5d899bf71da41a4958604497a8793c54e9257c1a6","sha512":"b07f9ab5fd0add92006c03a0d2126ff7110f167476c279f0d01c55827df4c9517d73cb13fbd26f1b2e7da2c3a7ec86738d7ec2f585f84340971a410f4c82347e","ssdeep":"","tlshash":"d050000c0003030c00c0003000c00030000c03000c0030f00000c00c00000000c000cc","first_seen":"2023-05-09T18:46:58Z","last_seen":"2026-05-02T01:25:45.894858Z","times_seen":95,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-24","alert":"Sinkholed","trigger":"capitaltop-lendbeam.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/materialicons/v145/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://capitaltop-lendbeam.sbs/","date":"2025-10-24T11:25:32.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/materialicons/v145/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://capitaltop-lendbeam.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 128352\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Oct 2025 12:45:13 GMT\r\nexpires: Fri, 23 Oct 2026 12:45:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 81620\r\nlast-modified: Wed, 17 Sep 2025 16:29:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":128352,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 128352, version 1.0","md5":"53436aca8627a49f4deaaa44dc9e3c05","sha1":"0bc0c675480d94ec7e8609dda6227f88c5d08d2c","sha256":"8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1","sha512":"6655e0426eb0c78a7cb4d4216a3af7a6edd50aba8c92316608b1f79b8fc15f895cba9314beb7a35400228786e2a78a33e8c03322da04e0da94c2f109241547e8","ssdeep":"3072:b4XkN5u3RbAR2r4lJ8FBnP7fNblbKBRvqy:fGdA8FBP7fNb5y","tlshash":"91c3231efc32af9a2e1724ec288521809c1e92fbe0b3512cf565f437e76517d999ca09","first_seen":"2023-04-05T13:19:11Z","last_seen":"2026-05-02T15:36:56.320271Z","times_seen":55377,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":105,"dns":0,"connect":20,"send":0,"wait":22,"receive":54,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}