{"report_id":"d0db4ea3-5cc1-47ab-99ea-f783eb003e99","version":0,"status":"done","tags":[],"date":"2026-06-19T12:28:42Z","url":{"schema":"http","addr":"lp-dialok-rs-pf.btg-goods.xyz","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"104.21.84.195","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"title":"Dr. Branimir Nestorović | Facebook","dom":{"size":83160,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5373)","md5":"a63627f1a0dc3f37f8428aa49f5738c7","sha1":"233516fabe8f823b6feda7144a8be183b49519a6","sha256":"070bdc7e7aa87e2c0e2a0bdead956793806909f6440324e2f9a5c1bf6af78e45","sha512":"c9637f83ecb3587a38fc2cea389f4f1dc2c59f5ff45e2e52009458afb346b013cf8f2326b0f9c767ebce2eb71993a9704e73ed200ba845c85940ae65ee69c810","ssdeep":"1536:rMD69kpekW/VvWVP9kpekmNUsOzMQVgZEG8uJPsqGvx71ZONKlLbRw4epM+y99im:OOzMQYM0sJGtO+aRW0","tlshash":"0f831971d9f2455f16ebc4c0aa723b1b2f98954fe9428d6031ee1ed18fcbd41aa138d8","dom_hash":"domhashb89dc527eead5a0cef3e6b3a7c0c7464","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lp-dialok-rs-pf.btg-goods.xyz","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"104.21.84.195","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-24T12:28:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"lp-dialok-rs-pf.btg-goods.xyz","ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-30","domain_rank":0,"first_seen":"2026-06-19T12:26:55.100204Z","last_seen":"2026-06-19T12:26:55.100204Z","alert_count":54,"request_count":27,"received_data":2843177,"sent_data":16459,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"maps.googleapis.com","ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3442,"first_seen":"2012-05-22T14:23:23Z","last_seen":"2026-06-15T07:46:27.139033Z","alert_count":0,"request_count":8,"received_data":1311881,"sent_data":4076,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/controls.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bd5d9005e163d9687668d2de6ed64b86","sha1":"06f2d0835c52066638d0c4601ecb82447675ca92","sha256":"d0b23d2d6328ad8087fad3f7037f97eada31e9dc7f019a1bb7d3fb3c22b6b6f8","sha512":"b1924b37ba359fd92cc82e4cf23df254743137b99ba4dd93293e2299c4935d2afbe5c484f4e34868b1299150f56c329469b3316159ddd81cd8a0bfdf98fcb22d","ssdeep":"3072:ISDus9Out9gBohWC1W8u8dy6gI94lNuVzrM7+LDxIHRntqfvpALNQ9DFBsBy+f2s:ISimaBohWC1W8uYy6nqlsM7+LD+XKZMn","tlshash":"53a3d774322b2237c9f5c499a16b46067064e25ce201466e3ebdddf666eccdb21fa730","size":102268,"data":"","first_seen":"2026-06-17T17:46:14.85455Z","last_seen":"2026-06-20T14:58:14.145181Z","times_seen":289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/util.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b3e92a7978679a324a07c02d7302b85","sha1":"3ab3c7d7e02bc9b1819bcf30e2f977a271e41c8b","sha256":"a2198bf601b6e43b6f5ebcde16b2751eff12a30596166f900a96d3c95196368b","sha512":"2ad732cdc896455b6bc723cb16df08dae3775c18a3f876d0f8957e34784c2e945b8f2d93dfa1247fb5544e9099634332989ad2a07896c95d3f132e803b392455","ssdeep":"3072:uRf0aaw8H685PBlvJG7NJG7A8kwyuZmBF/QS3:Mf0aa9PP/ECk8kxu0BFoS3","tlshash":"f264d77c72316b0ee973c85bc627300e90257edbfad488bdeee55146da54988f0e4a34","size":316946,"data":"","first_seen":"2026-06-17T17:33:48.113419Z","last_seen":"2026-06-20T15:01:49.107282Z","times_seen":500,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"00ea0c3749b55479a92e07ff8b32a57f","sha1":"557344fc7915e1ad60ca58266dfefc99a0262116","sha256":"fee2871c6f7f3d37170db85193a349aa2ff64c9cbb6b20fa1cbd256dbf7204ef","sha512":"68c8ac3060cac7fbe01ebbba86eb9d1b553f9fb67dd18a05a0f707d3503fd5b3843e01072d911ce44cdbe1b380a0b0592142df3a2d836435d483b7d7025d737d","ssdeep":"","tlshash":"479002015511255aa11510d96934c15d2575e065e94aa620280e0a0000815060548505","size":45,"data":"","first_seen":"2025-10-03T10:40:48.512141Z","last_seen":"2026-06-19T13:21:30.873287Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a3456704bc59be275084cafbad64d35b","sha1":"8779c4922fdcae09d244cc07489bf7530c8484ee","sha256":"0546b0b59a49c70e8eb3fd9bd6a77a89698f6b68de4a0c65daa48ab132a5a17b","sha512":"8ad5416642c2a06b489650aaf66e9a8969482d6bdee8aa3f2040b05da9d9254fdeac1b871fd1b1b40fcaf09f5f71747bcf1150eb6451b25316f636ed0d9b253c","ssdeep":"","tlshash":"f9b01284221311205606040402124290041cc131bcd24b12311fe10617404048289104","size":100,"data":"","first_seen":"2026-06-19T12:26:58.689442Z","last_seen":"2026-06-19T13:21:30.873858Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/js/terradrew.js","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a342cc92ba2444746b8ef0e9b7dd444","sha1":"5cf15bf455a1b97ec775317f86f82bb798e40476","sha256":"9b429599245a1e97431ce0b65b4b4ff62ce166a2681b4e815f5c8c4b187c3666","sha512":"db8e2ad4b0f4e1255e473e9eaf848e0921da781857429e2fd0bf757ee8b4bb718d45b2bb989ffe271718b7c6b5475b1536a13b9ee1d697f7897ec8093a85cc95","ssdeep":"96:PMkXudaCi9EXT8f8Rkdi4EXe8I8Cs9X/cmIXMEits+i8iW928iAPiiK/de:0kXudVi9EXT8kRkdi4EXe89Cs9X0cEin","tlshash":"bea1020932251a229a7297bdcbae2140fe359227510bd31c3aedc4443f7d56c53adeee","size":5017,"data":"","first_seen":"2023-11-26T14:47:47Z","last_seen":"2026-06-19T13:21:30.86923Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/script_land.js","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3156c76b552a0547591fbd283fe5ed5a","sha1":"5cdfc1f66c85ed5e9e014f7ba47d21297149330d","sha256":"b7a0f72178cc50615b2e05037c4729cdecf02e5e9ee8246dc1ce73cfb4843fad","sha512":"77814c0810b65b822c8ae9077abc3fdb49ab428799471f7205ba46099121abb57ffa628546d2022a77c1b5a155d05b93f8a0d32a3a55b7bdb36e889f7abaa320","ssdeep":"768:BP6K7dsdVWbyEkCJmkwmk8mkxmkZmkdmkvbrHclax0Bg0q3ydP+aBotqoHZCywbp:BP6K7duVEYM3PbX083ydvotqKCdr+DKz","tlshash":"8c231a6d1df621540473716e6bffa22431688537a648cdd0bc8c4f683fe0f785a69ba8","size":47446,"data":"","first_seen":"2024-12-06T07:46:40.879669Z","last_seen":"2026-06-19T13:21:30.86505Z","times_seen":178,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/js/jquery.js","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b61aa6e2d68d21b3546b5b418bf0e9c3","sha1":"9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7","sha256":"f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b","sha512":"5882735d9a0239c5c63c5c87b81618e3c8dc09d7d743c3444c535b9547b9b65defa509d7804552c581cb84b61dd1225e2add5dca6b120868ec201fa979504f4b","ssdeep":"1536:/jExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvaks:/Yh8eip3huuf6IidlrvakdtQ47GK8","tlshash":"3193f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89478,"data":"","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-06-20T09:33:45.858787Z","times_seen":17032,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/common.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"16f7a7b3c4e0076aadd262d3e22943da","sha1":"77c934364de625845a205ccd1637a271aafb6cd2","sha256":"b7ee00ba351031a057e51349f8b7523166f76d7ec1c9573e8c917c56b7b7dd07","sha512":"62dbc9a3d5a93e00f2298b98243e0e7b9e1833b56d5f2ce498e3534cfa1d6f90fe1a863c8af2796dceda65b4e03249cdd8b4bfe6b7795d68fdfcc0ee8d0b22fe","ssdeep":"3072:jQ1gZoQYjOrTIr8k15hjqL8gG/jMeFVNKt:cCZ8jmcrVhjjgG/jMeFVNM","tlshash":"85c3c8d932937163ab70b4b540a70007b2a6f48df04d882db5f9d8f5aef085a51f9b39","size":127854,"data":"","first_seen":"2026-06-17T17:33:48.107018Z","last_seen":"2026-06-20T15:01:49.042853Z","times_seen":502,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"00ea0c3749b55479a92e07ff8b32a57f","sha1":"557344fc7915e1ad60ca58266dfefc99a0262116","sha256":"fee2871c6f7f3d37170db85193a349aa2ff64c9cbb6b20fa1cbd256dbf7204ef","sha512":"68c8ac3060cac7fbe01ebbba86eb9d1b553f9fb67dd18a05a0f707d3503fd5b3843e01072d911ce44cdbe1b380a0b0592142df3a2d836435d483b7d7025d737d","ssdeep":"","tlshash":"479002015511255aa11510d96934c15d2575e065e94aa620280e0a0000815060548505","size":45,"data":"","first_seen":"2025-10-03T10:40:48.512141Z","last_seen":"2026-06-19T13:21:30.873287Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a3456704bc59be275084cafbad64d35b","sha1":"8779c4922fdcae09d244cc07489bf7530c8484ee","sha256":"0546b0b59a49c70e8eb3fd9bd6a77a89698f6b68de4a0c65daa48ab132a5a17b","sha512":"8ad5416642c2a06b489650aaf66e9a8969482d6bdee8aa3f2040b05da9d9254fdeac1b871fd1b1b40fcaf09f5f71747bcf1150eb6451b25316f636ed0d9b253c","ssdeep":"","tlshash":"f9b01284221311205606040402124290041cc131bcd24b12311fe10617404048289104","size":100,"data":"","first_seen":"2026-06-19T12:26:58.689442Z","last_seen":"2026-06-19T13:21:30.873858Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/script_footer.js?country_code=DE","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a8a93ec0ba80a4c146b25159556697e","sha1":"72a0c59d894ebd6fb1e254c8e76628f9645f6163","sha256":"03bd4fc360b67af38a1e3fe7ca86a493f1c488befed84f2f134eaf1f55276f4b","sha512":"174be61cb1bacb3d5ed7e93b4c86ebdaa9f436cf452b1af6f708a726803a4a935b0476430381b680a7ca5e9818b74d31110dc4fae898730bf86a15c4c0517914","ssdeep":"96:WVjhRd1K3nbLymA6a9/JQkhc4wfOMSEIOunhSgtonwVIiiEvHqQ4:ajhRd16Lysa9hQmj1QunhBonWBL4","tlshash":"19a10a3470e1393d00ca80a5f7afa7557a6124c89d370235bc3f566a84edf8213a7a7e","size":4874,"data":"","first_seen":"2024-12-06T07:46:40.885159Z","last_seen":"2026-06-19T13:21:30.854562Z","times_seen":176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/places_impl.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1da7e4a65085857d878af1e65e117761","sha1":"d165fb4c476e53500ca017b11c55781ec397bab9","sha256":"a826de6cf3ebfbdf18e7f17cd78df222b33efdd2507bba6e3b6dd891b80272c6","sha512":"9bb1f95ecb9a931b3e94dcfb90a29c4ccf6dfba1ddfbe30497c76fac14d9e02336fda333beae2be0c8f819f447701dc795b58391006e104d319852ea7b1d2d77","ssdeep":"192:pJFbyPO5DZuYbVsHTVsJGoWa1jtTAYBjwntn8Qbmq/46Cb6SRMNlOWy4dscz92Ms:fFbyPKDMYbVsHTVsJlWa1jtTAYBjwntY","tlshash":"2f32b69670e7b0aa8b36b841d86302cbb77d95c1f05e8e786c694460bdf0d9b41f57b0","size":11231,"data":"","first_seen":"2026-06-17T17:46:14.886915Z","last_seen":"2026-06-20T14:15:11.61133Z","times_seen":244,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/places.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8617225c1b7dfe7b67c9ca2a95296230","sha1":"83d147af3f7daad77d60d5a14ca373c31f98def3","sha256":"e012942abfeea6dc27503034f9cd55de7115b9c8dc87852c72996d35fc6ed5fc","sha512":"d9590cad59a9785faaefe0fc2ec18a54fa48b47d19e1abed0608db9722b5cde1094f63818756bd84fe50955d64aafb46b2db83cc9da8bb07994ad94db14f88d6","ssdeep":"6144:5LXpGT5Zb0UW99druuOgkBhXoOkyd2mDr9K2hGUmhxAfn/ZTYZ+r/fj48VbEXo/G:sSuMZzZ","tlshash":"95945c576291726666b384605a0b5201a338e40be014abec7c6cdfd15ffbf8182b777b","size":436081,"data":"","first_seen":"2026-06-17T17:46:14.835661Z","last_seen":"2026-06-20T14:15:11.676311Z","times_seen":243,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/main.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc7c3010f2c2ef483760137907ff7af6","sha1":"0afdeb72f43e18777200613491b4b20ec3829f46","sha256":"557dd4cf7f0948bed69a1d73cdeeec99b09c1f60d8945b8aa955a6d3676b1b48","sha512":"ad1e7244f50bcb16dabe3cdfccc9cb43a7426970a8ec8c1b0e519b2a9778cdaa16579c30c20823776db76358bfc755f3b221089c4a786f21d709265f38326d7a","ssdeep":"3072:6wtVcLoEDZk9lu8bHEn1HznbfbICro2HM3R2FoUV3BQO1/i6:6wY+9luYHw1HzDzro2HMB2Fn3H1q6","tlshash":"72543d9873a2756787b2e4e0502b0007f17ea45ef00c89acb69cd9f2aef594546b7f34","size":297843,"data":"","first_seen":"2026-06-17T17:46:14.87044Z","last_seen":"2026-06-20T15:01:48.97422Z","times_seen":275,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/tl-validator.js?country=rs\u0026label=true","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"903a486db8844bcba6104c18d202a765","sha1":"1fe62fbe4b5c8de187161dbe6d1a12174dad7e19","sha256":"10e666fbe61895bbe00e1fc27e1e4cc6178688cd383c8dd7505ce47b249f7b5d","sha512":"021baaff07853173e77b2f3c65d02180d32a048ea3e59fe1b42f22439635ca3e7e82210a96a8c8b8fd689242d470e035d15e15c915f7e08ac622588117a2b2ae","ssdeep":"384:kn4DGMebIoXtyqrSrirhrJrdrOrPyuS9B+BK4Itj3fM1LHNFHlyXvPmBYe3Nqy7l:U7MebBXtyqrSrirhrJrdrOrPyusB+BKQ","tlshash":"35a2a80a97201dbc8165a4d9396b1942e72c759dfcac50ecb92cebd6bf40dc05272fe1","size":23029,"data":"","first_seen":"2025-09-28T01:39:58.525899Z","last_seen":"2026-06-19T13:21:30.861902Z","times_seen":169,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/land/params/?lang=en\u0026rand=48350\u0026location=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5aa1180f8c507504e6bfbfb4d1d91ccb","sha1":"4a2e302903c65901bbea0714365a56a606b15abd","sha256":"2edae9cacaff484de933b3561ebe9a6630517e54c2ffbb3d71d5d9c7db5071cf","sha512":"4e415ad737509a28adc781e750cd92b027bcbbb2259eb777caa86865276f5b9bfef11d40950b543422ce905ad14df86b9b798984f24b16c703f51ff02814da5c","ssdeep":"","tlshash":"46e07d3e6c14ccaaddf44bba35b42c0f50fc5002a490811561d98e5803115b8070142e","size":319,"data":"","first_seen":"2026-06-19T12:28:47.836805Z","last_seen":"2026-06-19T12:28:47.836805Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps/api/js?key=AIzaSyDZuRUsRBeVLHdwlXgWUHVBo4vwQYZVVEg\u0026libraries=places\u0026loading=async\u0026callback=initGoogleApi","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"19663e036390aaec970d4804e20314e4","sha1":"14ec138e523d40f83f2fcccb2fc1126a79563a39","sha256":"c05c43cb275fefd94ebeb990915560e60ae882090f9079496777ad2c80dd92fb","sha512":"745263491372e9c79c1630ebac56d6f678a34ae9ff1de8fa3cc75ac58f22037bd9c42baf6a7af262b51ca3c49f6ccbe284a827713f28764d1fc4bf48ec18b477","ssdeep":"384:lVsmBDzh2NFC2X6tOApy1qAEZJ9gIIT1q0jEVmw8MwHP4qbQ68rAHbi4Oye:lVtBzaFCg6tOA4EZJ9gnRq0jLwXwvsc0","tlshash":"e95274b727011c3adf01742cd4aa7e0d3ca2aa1b2d659be1d8f6d8d58e254711aae3c4","size":13508,"data":"","first_seen":"2026-06-19T12:28:47.814705Z","last_seen":"2026-06-19T12:28:47.814705Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/js/jquery.js","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.687Z","timestamp":1781872095687,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: W/\"69ca3715-15d86\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CgST2P5Z%2FTzMpmKavufgUrCSOMD%2BeqpSanW%2ByZmYK%2F7Cc%2FyS%2B4wSUaM18igJDgYwjuU9lo6Z41zkDiDnwJYCkOEgr6KUF%2BmK22t3mRsMvjn2RS%2Broxvx%2FnRpGtNCvZvmrhVx9L9R8p2c1u%2B0Fdq8vA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e288560bbcb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89478,"size_decoded":37249,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"b61aa6e2d68d21b3546b5b418bf0e9c3","sha1":"9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7","sha256":"f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b","sha512":"5882735d9a0239c5c63c5c87b81618e3c8dc09d7d743c3444c535b9547b9b65defa509d7804552c581cb84b61dd1225e2add5dca6b120868ec201fa979504f4b","ssdeep":"1536:/jExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvaks:/Yh8eip3huuf6IidlrvakdtQ47GK8","tlshash":"3193f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-06-20T09:33:45.858787Z","times_seen":17032,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/favicon.png","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.340Z","timestamp":1781872096340,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/favicon.png HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nCookie: _allocation=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F; _alreferer=; _alstart=1781872095; _alsystems=%7B%22app%22%3A%22Mozilla%22%2C%22app_name%22%3A%22Netscape%22%2C%22app_version%22%3A%225.0%20(X11)%22%2C%22language%22%3A%22en%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22java_enabled%22%3Afalse%2C%22cookie_enabled%22%3Atrue%2C%22browser_ver_minor%22%3A5%2C%22browser_ver_major%22%3A5%2C%22s_width%22%3A1280%2C%22s_height%22%3A1024%2C%22tz_offset%22%3A0%7D; _alid=e76a9918-d9e7-43b9-baa4-7689b3176ea4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:16 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-1e8\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=50LBnMDjaYY6FSmccusGBwEWLr8oftd26th8o1zuebm5pBYF7JcjeVpfdLbs4VsRRSXehfqmwIwIfyn%2Fh9%2BVpurRNeHD7965sbacrwAhibCRq6lJ3DHlkTkMq3sKyfZQaH6MmNigHLiGvRXE2o8asw%3D%3D\"}]}\r\ncontent-length: 488\r\ncf-ray: a0e2885a2bf9b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":488,"size_decoded":1610,"mime_type":"image/png","magic":"PNG image data, 49 x 54, 8-bit colormap, non-interlaced","md5":"707e2ce9a3d15e98c524392c9fd04eeb","sha1":"c8da98d0e34a1d6bcc4578c6d90007a6ef5f33f9","sha256":"f1086695cf4ece3dd9cbb55e06526309e9327cbc9c404d1030e9d272844b080a","sha512":"3a6c88fd899fe4431a70527b95202a7c022795af402096e45ca29e08773af301810c1fa15821e24f8a58c097e6dbc09dd4ce8665635f9f3a561e97f0a8f7e4b4","ssdeep":"","tlshash":"37f0dc2fda004c289658dd18a48a7a8c8519723043038a7d0800d708b7b3213448b0ab","first_seen":"2023-11-26T14:47:48Z","last_seen":"2026-06-19T13:21:30.8704Z","times_seen":15,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/coverDiadrops.png","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.703Z","timestamp":1781872095703,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/coverDiadrops.png HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-770b2\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vpf5QdWVHDVGyOcZCYa0cych1Tmqb9KkCSni2Rrpg0R0yjSDZoVghqy4%2BWqV1YJLYGVVvVIwzc0vgfHzlZhqBZjaC4mjisosuYHJpfZ3qo09UkdkgY7LxAUmKoSnBRqXQhZafAE%2BeR3W%2FCXwtM9ngQ%3D%3D\"}]}\r\ncontent-length: 487602\r\ncf-ray: a0e288562bc0b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":487602,"size_decoded":488728,"mime_type":"image/png","magic":"PNG image data, 1031 x 580, 8-bit/color RGBA, non-interlaced","md5":"3123b5e4c6fd44fe7c94edb346dbef5e","sha1":"ec712370e047a3c37f13db276a5bd4b20edb0814","sha256":"74a84f0d9e4fb08101625da239fb7d286a5c2d5c38e95ed672ce60e8a378136f","sha512":"333251efc889479c8da54a45b03643071228079800c25ce57b660e42bdd7cd9c7fd098a50bdd5db9c0ecb7d78e57dba66b9b9c773c8da57d172053f833a15df6","ssdeep":"12288:92LJE1mErolgp5iTzRkyr+LW/KpXoN7qpvwbAqpJofFtuTbfE:9uh3w5ivRd+LEKw4qVJotz","tlshash":"f1a423e3a74d4ffd01abe95da0748d3403d1beabb13d6b8043298e681447915df48bad","first_seen":"2025-10-03T10:40:48.492413Z","last_seen":"2026-06-19T13:21:30.851538Z","times_seen":5,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/44.jpeg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.719Z","timestamp":1781872095719,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/44.jpeg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/jpeg\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-6b7d\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mfGyqzgG%2Bve2t2pGbAQLoIZTML522B%2BKUfwmTPTourOSXWSWqVO3odz%2FSPA1LdVYtxVpHbxe1TwuynEuJbnL5e4rCStbCcWkHKQYZrdz7b8qt6S0D22SxBazyCI0jlF6rYfgxOU%2FdEkAYJTP9Do%2FCw%3D%3D\"}]}\r\ncontent-length: 27517\r\ncf-ray: a0e288564bc8b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27517,"size_decoded":28646,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3","md5":"ce42f25b66ddececf410881dc29f6ab6","sha1":"c038e555777b0abcf38c0319ac913d8191f7db45","sha256":"f38b113932dc1fa1ca3b7fb89213d55b8f8c0d4b463aa0e3308cf85e937b0585","sha512":"0cdc219b96aa790cb3a609b065977028ed11affa73759b0cb1d5185a5daf02c3b1a2befef9d1a990e32af4fce60959f153a4ae49201f9da2a429835b274f66a9","ssdeep":"384:SCN+QMC8/JyWvsnNmhMhTvyZPc5B40RS+0JjOfVOibuJSejDIeMJu6:ZUEDNuyTvymYa44RKIg6","tlshash":"e4c2f1c658f82ab6f0aea8513f57cf82c9897601e0cd9d823f044750292daefdb78107","first_seen":"2025-10-03T10:40:48.503023Z","last_seen":"2026-06-19T13:21:30.869798Z","times_seen":5,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/66.jpeg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.722Z","timestamp":1781872095722,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/66.jpeg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/jpeg\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-62df\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WmQu3EwYxf4me13pjvKMC5u5NR34Uw%2BPEyM97DPBWw4KSLG7gsIqSEcVAGln8EMFEo3%2F5ll3PgYvsx%2FVUtqt7%2BaAgT1k92iATEaYMREHTG9NdICg%2B4Sn4MLcXjwAqmA3DmbhVfjpeGciffCSoFud1A%3D%3D\"}]}\r\ncontent-length: 25311\r\ncf-ray: a0e288564bcab4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25311,"size_decoded":26440,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x245, components 3","md5":"bfbd46395fdcd1df0fea011746fc796f","sha1":"2dbfb369cfa7380a06e10f0aa06265ef2e507ff5","sha256":"2556b3b77aeefbb747b0af2c7b54f00c0c2c5e6c2ca05685e66570b23ea83972","sha512":"7194fa809856cfc8ef922ee353118625a22b07fc5e9a89de0064ec590400bc9ec434b0e5bbbd28142f031aa0b064155faffb3a9a30fb7d02f82fa12a270b434f","ssdeep":"768:jaJ2n3VtwbZamzsX6icamMA+onv4IataLdYkPm7:7Eamzm6iFo4/tazPG","tlshash":"5ab2e00f7ca9f807871481bc91f97742468b8c2ff1985aeae1ddb6e589f16021b0a71d","first_seen":"2025-10-03T10:40:48.482825Z","last_seen":"2026-06-19T13:21:30.853511Z","times_seen":5,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps/api/js?key=AIzaSyDZuRUsRBeVLHdwlXgWUHVBo4vwQYZVVEg\u0026libraries=places\u0026loading=async\u0026callback=initGoogleApi","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.273Z","timestamp":1781872096273,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:12 GMT","end":"Mon, 17 Aug 2026 08:38:11 GMT"},"fingerprint":{"sha1":"26:CA:50:BF:FC:D2:67:81:11:6B:91:A7:5F:CF:26:B4:FA:AA:AF:2E","sha256":"22:85:EE:92:AB:1F:D9:B3:48:C5:DF:FC:35:22:AF:1E:11:FE:DE:52:18:CD:E6:28:21:E6:A9:D7:5D:FA:9C:07"}}},"request":{"raw":"GET /maps/api/js?key=AIzaSyDZuRUsRBeVLHdwlXgWUHVBo4vwQYZVVEg\u0026libraries=places\u0026loading=async\u0026callback=initGoogleApi HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nvary: Accept-Language, Origin, X-Origin, Referer\r\ncache-control: public, max-age=1800, stale-while-revalidate=12600\r\ncross-origin-resource-policy: cross-origin\r\netag: 9acc567c\r\ntiming-allow-origin: *\r\ncontent-type: text/javascript; charset=UTF-8\r\ncontent-encoding: gzip\r\ndate: Fri, 19 Jun 2026 12:28:16 GMT\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 2609\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nserver-timing: gfet4t7; dur=21\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":13508,"size_decoded":3182,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12115)","md5":"19663e036390aaec970d4804e20314e4","sha1":"14ec138e523d40f83f2fcccb2fc1126a79563a39","sha256":"c05c43cb275fefd94ebeb990915560e60ae882090f9079496777ad2c80dd92fb","sha512":"745263491372e9c79c1630ebac56d6f678a34ae9ff1de8fa3cc75ac58f22037bd9c42baf6a7af262b51ca3c49f6ccbe284a827713f28764d1fc4bf48ec18b477","ssdeep":"384:lVsmBDzh2NFC2X6tOApy1qAEZJ9gIIT1q0jEVmw8MwHP4qbQ68rAHbi4Oye:lVtBzaFCg6tOA4EZJ9gnRq0jLwXwvsc0","tlshash":"e95274b727011c3adf01742cd4aa7e0d3ca2aa1b2d659be1d8f6d8d58e254711aae3c4","first_seen":"2026-06-19T12:28:47.814705Z","last_seen":"2026-06-19T12:28:47.814705Z","times_seen":1,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":2,"connect":8,"send":0,"wait":34,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/css/terradrew.css","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.673Z","timestamp":1781872095673,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /css/terradrew.css HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: W/\"69ca3715-4899\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kKyDMdcY4PiIKao7p3SSV0WfH6LK%2B9ZWrHujbQHqeayWE7rcJyaDJQRQFgXIJ4dqwge9HxdkG9KHwGFLnTo4szk6lXsfcHvzt8MO%2BSuo1mKlu2M4uN2aZPkAwDtARoj9Y3tqH7oriRHSDTW%2Fdn4H5Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e28855fbb8b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18585,"size_decoded":5110,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"bc6a83b8e8053e07b0c98be222821e51","sha1":"46da877a3a6d5a69edcd986d0f56d6ad1856fac3","sha256":"8fccf7c1fefd878fa39929e23bcdbd169e43e9f66d8117a285eeedc61dc8c8b5","sha512":"3f7496ce1d870be6d7a49cbf5a63d751fa45d69549ab8ee77f4106a5cce5ec32f43a0c5f2d1c7a1e4407c687b8d03d9a180c119059110ca705830ee9a253824c","ssdeep":"384:F4YxYSyHs9QIHl/DSP7lgrB6XJAi7xkKVJjfsy70F:F4YxSHs9QIHl/DSP7lgrB6XJAi7xkKVK","tlshash":"95822625fa2721495302de7c77fc1f799e784033171b45beb5c0291e839669827ab38e","first_seen":"2023-11-26T14:47:48Z","last_seen":"2026-06-19T13:21:30.864153Z","times_seen":31,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/subscribe.png","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.712Z","timestamp":1781872095712,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/subscribe.png HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-de\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HwTDXfH2bIuvcDPSAJxKHZ18yVsjjA95kTs92du7ij0PcRDhzuyvebwN8nN%2BveP7u9kBJ36Yn%2B6i6wm%2FkxBMpLl6ovPRYUxrdCFSA%2FZ7y2G%2Fp%2BClzZTNCr9mCDT0%2B6tJJuGfzgpCUFS9oGNv2A3Sgg%3D%3D\"}]}\r\ncontent-length: 222\r\ncf-ray: a0e288563bc4b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":222,"size_decoded":1350,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced","md5":"33ccddbfb04597bd029b2fee118896bd","sha1":"cd01637767d1933bdc09fc94b8081d8ee39835ac","sha256":"98154fe1ab7b555363cb2b22b8e4c54c504834e69474537ea9f810b5719f0445","sha512":"c1e14184f13bfcd6e3abbe81a5a96d5c6e9154d9984731c90db09a54d803dae136419054e3d1c9c031d07510db31cdd08a9e767ded5032c9f33cac01ad9a9e8e","ssdeep":"","tlshash":"37d023c1dff1fcfec02cb822e91243029e11001930003185075e1ec3024c4e450f1d07","first_seen":"2024-05-16T07:39:42Z","last_seen":"2026-06-19T13:21:30.852935Z","times_seen":21,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/55.jpeg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.720Z","timestamp":1781872095720,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/55.jpeg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/jpeg\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-334eb\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LtEEtnXWB9129fjxskglRHW4MG4GbUrWuVWOHB7cRHo1rQPvwl9WU1Kx9cNsdZylRBy1nSPKdSnwT6bqCBr%2B3uKB7zesleoKDAtRk4a7alzKjYXbUBmUkYEsik4cF8u%2FCxZR7bMQ1fzNOQDpzIrDtA%3D%3D\"}]}\r\ncontent-length: 210155\r\ncf-ray: a0e288564bc9b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":210155,"size_decoded":211280,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2619x1444, components 3","md5":"c3782c5d5e45c6b947cd209fcb6bef9e","sha1":"0c6beda1a4d1a2cea4f9264dd623e04156e39b53","sha256":"5b494d18ca0f43100f1fecfe8ac52a4797d1ef698fe639cc0a713fe58b801b31","sha512":"b890b06e5a0b907717cb52c426c4277fa739cb63c5754e22471bdd5a410fc8ce0bdebeca5d17e0303ffd1f4fcc1968fa1d01c0755aca15a1671e76c12d8e5031","ssdeep":"3072:hoL83Yx5XsOzNc0tNfVLcnblpCABCHqp47SdQ5U/GOpBJup0/DBpS5XGcT9E7toY:TYxrzm0tTL8ppCQiqXQEGyJVSN6n","tlshash":"a6242277ba1242637b08291cdbb40fd35964a0ad8e8ad73c8f8082e54cb5ecb5039d3d","first_seen":"2025-10-03T10:40:48.458494Z","last_seen":"2026-06-19T13:21:30.855548Z","times_seen":5,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/diadropsContent.png","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.724Z","timestamp":1781872095724,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/diadropsContent.png HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-ce282\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aalWCS8bYFGzKz2OPaqxlbQjwGwbt5PrMEzeCOE7ryp2Uy1q%2FhmSx60no4v2D%2B9LHu%2FEky66DT87EtigGro61UR9yXkFLXjSJhRvv%2BNehVWVKIEydOGmD2QfUmGoiFRmHnrhDcuaRIW5lpuyCCdO0w%3D%3D\"}]}\r\ncontent-length: 844418\r\ncf-ray: a0e288564bcdb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":844418,"size_decoded":845546,"mime_type":"image/png","magic":"PNG image data, 1080 x 721, 8-bit/color RGBA, non-interlaced","md5":"19a5214120c04f564a2d4c0fbc9acb07","sha1":"ecb44b75c8059fdb049c7a58c488d035212be906","sha256":"03ea42b11b1024d59ab8edaef3e9e117c0af2f3f551b7b482443c974c39ef5e2","sha512":"5205307d16d315a4d33b9e40e088bb47223ff1ce0abca189615562c4da11493ed5e68fd913d80fe81779d0e86b99d0c9a8fd2810a079394ef312b598929a0150","ssdeep":"12288:2fgBleiwpXUxwaXQwcgzB6+QGYTTzsGWrFqRYRwYaH1teO14GurktnDYRtn2p2PX:FleiAtaBB6+S3GRQY5+1juTtn42HL0t2","tlshash":"3b0533a4d4cd683dea29aa240475b70286fc6d5287e48d6b3f97d1ec6f0e00db852f4d","first_seen":"2025-10-03T10:40:48.494487Z","last_seen":"2026-06-19T13:21:30.866125Z","times_seen":5,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/1.jpg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.730Z","timestamp":1781872095730,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/1.jpg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/jpeg\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-12528\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dKT156Hrz%2F7imhpR6R4M%2FxgVUDNcI5Uj6CvRKKarudTch0se7V18BLFsw%2FlpUpduIkNDvbPmoWyKUG6XCpXWgG6eVVgjN3S4MstwDfZCsTKevwOm3mHlMr8Y7AQIAP7WAe2WyWYsj8ZRnlaDV%2FCbHw%3D%3D\"}]}\r\ncontent-length: 75048\r\ncf-ray: a0e288565bd1b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75048,"size_decoded":76176,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x765, components 3","md5":"07c502f84620dadf51606d9999350aa4","sha1":"ee13eaea70f3167ca34900b75993e4193787844e","sha256":"9f247f95cdd1cf6898e7bdea3217ea18f6f1761d899b04628a25c3da08f5da92","sha512":"572f483c4dd9975fdc1c69a541e109ad1b9a5378035071cc3b5432692236ca7ad5beab53c6209503ad61424d73c292db1f4ec5b9dd6844258c9f1f4c97ca13b9","ssdeep":"1536:ZE+Exmdib2KnhIOdF+zHc1LJSKGUjTtsz4ozCzwlXLN/+:CXmdC5nBo2LJS9Oez4ozHa","tlshash":"1073122fe4880e6429f7a6f34724ab1f7a14abdc85367d233e47d196e1211d44f285e8","first_seen":"2025-10-03T10:40:48.462019Z","last_seen":"2026-06-19T13:21:30.858148Z","times_seen":5,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-19T12:28:15.220Z","timestamp":1781872095220,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZwxteJN5rw%2FhBkUlIpfn%2FOUEbYXXsPh1HlNiQUnmXs%2FsrgPvEGrxxwITni1sc4%2FECA4w3n6sSE%2FCbE3jaPXnTuwi1ImIoABt7WlYUkSSwZAzviKkNigpSzjkCLwSldnwJ6tgMw4Z%2FwrQrfrS5HZxXA%3D%3D\"}]}\r\npriority: u=0,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a0e288535ba4b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":71916,"size_decoded":26576,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2452)","md5":"6cba92900c5a16ae79ba4d91ccda9a85","sha1":"f58804f32b8c5286f8a0562baa2604aa953bbfd9","sha256":"191cb7f280c1dfe62d09f9ffaab8a69cde453daaa012ceed2497016298d4dc2c","sha512":"8c166a64053878c987deffa25d339cfd3a2ee85b8464473a719e9d32348215c6851a8c25565659737bf7e4d99fb1e60b2ed4361d44d7d6d431d2302ea99eebcd","ssdeep":"1536:VNUsOzMQV5ZSg8uJPsqGvx71ZONKlLbRw4epM+y9S:/OzMQPM0sJGtO+z","tlshash":"2963f871a9f2545f06eb84c09a333f176fd8a48fe5464d6031ee1ad19f87d42ea238d8","first_seen":"2026-06-19T12:26:58.671207Z","last_seen":"2026-06-19T13:21:30.868049Z","times_seen":3,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":3,"connect":22,"send":0,"wait":107,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/script_land.js","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.682Z","timestamp":1781872095682,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /script_land.js HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Fri, 23 Feb 2024 08:00:16 GMT\r\netag: W/\"65d85090-b956\"\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nage: 107\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t330XR82ihtquMPhry0nfjChGMD5ctiPUewpcGOvamDBCZ3Ru6T8kGwRVOHrWMQTg5gojoese%2BrHyO2zE3OZDA8S2yHVgbjb7crjZqoABEsLAh8Syzwbhi57gjimU5%2FefjM6J7vgBCtwfpYUsnf0Bw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e288560bbbb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47446,"size_decoded":17123,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17691)","md5":"3156c76b552a0547591fbd283fe5ed5a","sha1":"5cdfc1f66c85ed5e9e014f7ba47d21297149330d","sha256":"b7a0f72178cc50615b2e05037c4729cdecf02e5e9ee8246dc1ce73cfb4843fad","sha512":"77814c0810b65b822c8ae9077abc3fdb49ab428799471f7205ba46099121abb57ffa628546d2022a77c1b5a155d05b93f8a0d32a3a55b7bdb36e889f7abaa320","ssdeep":"768:BP6K7dsdVWbyEkCJmkwmk8mkxmkZmkdmkvbrHclax0Bg0q3ydP+aBotqoHZCywbp:BP6K7duVEYM3PbX083ydvotqKCdr+DKz","tlshash":"8c231a6d1df621540473716e6bffa22431688537a648cdd0bc8c4f683fe0f785a69ba8","first_seen":"2024-12-06T07:46:40.879669Z","last_seen":"2026-06-19T13:21:30.86505Z","times_seen":178,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/js/terradrew.js","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.690Z","timestamp":1781872095690,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /js/terradrew.js HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: W/\"69ca3715-1399\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7kyrqSC22YUrav9mo7ZW1sy1YRd%2BbmE9Te4nZCjIhXsRXjFGJgcm5tHMVgSr3zHmPjfCyZvtZDQRanE3HDGV63Odia%2BgeiXFpuEu7O%2FBIQUb%2BYWng%2BFZN7bldws%2BHAGcbHM0oH%2F6hU%2FGC3WLkrZ1HQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e288561bbdb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5017,"size_decoded":2795,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"6a342cc92ba2444746b8ef0e9b7dd444","sha1":"5cf15bf455a1b97ec775317f86f82bb798e40476","sha256":"9b429599245a1e97431ce0b65b4b4ff62ce166a2681b4e815f5c8c4b187c3666","sha512":"db8e2ad4b0f4e1255e473e9eaf848e0921da781857429e2fd0bf757ee8b4bb718d45b2bb989ffe271718b7c6b5475b1536a13b9ee1d697f7897ec8093a85cc95","ssdeep":"96:PMkXudaCi9EXT8f8Rkdi4EXe8I8Cs9X/cmIXMEits+i8iW928iAPiiK/de:0kXudVi9EXT8kRkdi4EXe89Cs9X0cEin","tlshash":"bea1020932251a229a7297bdcbae2140fe359227510bd31c3aedc4443f7d56c53adeee","first_seen":"2023-11-26T14:47:47Z","last_seen":"2026-06-19T13:21:30.86923Z","times_seen":25,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/product.png","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.725Z","timestamp":1781872095725,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/product.png HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-22c61\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UL2Kvk976C6l6I63wObwwsGoLqHulnZXvP7db6N7EjIEZtzOZe6DcRO5Blxui7FOVEP86OqGeMIh%2Fabktrzu9i%2Bu1Iks7CzsJvZen79GM8QlbgVkQBX0tZV%2BEMhO90cEEAz5q4%2BuIA3%2BZaxbJbyxiQ%3D%3D\"}]}\r\ncontent-length: 142433\r\ncf-ray: a0e288565bceb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142433,"size_decoded":143563,"mime_type":"image/png","magic":"PNG image data, 390 x 350, 8-bit/color RGBA, non-interlaced","md5":"e0d23f6d0646eaae36f4240c96abaf6a","sha1":"0f97bce45c1fce7280ada71a17dbcea848400659","sha256":"248ed8d0ea00e4365ed75ce672c26e9932e07ab6a007260424461a5b719bb707","sha512":"b270c8ea7c2664ce79d22225e0ac933403b4425e436886c0662b888e3b7b830fa56701566deb0ecbb4f80487982441c82fdc8729818af00b8f2a4c7e83a72aa6","ssdeep":"3072:svSeM4nCbaI0p/rd18w5xyZAuwv0kYdgNfOZY1RDI:oSey01p18w588OgNGZY1Rs","tlshash":"8ed31248ac929676024c251cfcef4a036f772684255088558bf2d9a3ada5dfecc6f7c3","first_seen":"2025-10-03T10:40:48.510397Z","last_seen":"2026-06-19T13:21:30.856106Z","times_seen":4,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/script_footer.js?country_code=DE","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.357Z","timestamp":1781872096357,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /script_footer.js?country_code=DE HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nCookie: _allocation=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F; _alreferer=; _alstart=1781872095; _alsystems=%7B%22app%22%3A%22Mozilla%22%2C%22app_name%22%3A%22Netscape%22%2C%22app_version%22%3A%225.0%20(X11)%22%2C%22language%22%3A%22en%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22java_enabled%22%3Afalse%2C%22cookie_enabled%22%3Atrue%2C%22browser_ver_minor%22%3A5%2C%22browser_ver_major%22%3A5%2C%22s_width%22%3A1280%2C%22s_height%22%3A1024%2C%22tz_offset%22%3A0%7D; _alid=e76a9918-d9e7-43b9-baa4-7689b3176ea4; alunique=1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:16 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Thu, 20 Oct 2022 08:19:59 GMT\r\netag: W/\"635104af-130a\"\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nage: 107\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gkP3Hcwd%2BR%2F03IXE2tV92ZKuZbJoEyykkGRWLHnjqvuhNFPXyTEcrzJ0SA6CzOYjQ2eQLo%2Fr7UwARShp57Pgw%2BGEhuknPLmCbd8pR2Xjy1vEZT9hDTRxa%2Flpfdqy%2FHP%2B%2FWbr%2B09a1WprKwMdGP0Uhw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e2885a3bfdb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4874,"size_decoded":3885,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4872), with no line terminators","md5":"5a8a93ec0ba80a4c146b25159556697e","sha1":"72a0c59d894ebd6fb1e254c8e76628f9645f6163","sha256":"03bd4fc360b67af38a1e3fe7ca86a493f1c488befed84f2f134eaf1f55276f4b","sha512":"174be61cb1bacb3d5ed7e93b4c86ebdaa9f436cf452b1af6f708a726803a4a935b0476430381b680a7ca5e9818b74d31110dc4fae898730bf86a15c4c0517914","ssdeep":"96:WVjhRd1K3nbLymA6a9/JQkhc4wfOMSEIOunhSgtonwVIiiEvHqQ4:ajhRd16Lysa9hQmj1QunhBonWBL4","tlshash":"19a10a3470e1393d00ca80a5f7afa7557a6124c89d370235bc3f566a84edf8213a7a7e","first_seen":"2024-12-06T07:46:40.885159Z","last_seen":"2026-06-19T13:21:30.854562Z","times_seen":176,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.616Z","timestamp":1781872096616,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:12 GMT","end":"Mon, 17 Aug 2026 08:38:11 GMT"},"fingerprint":{"sha1":"26:CA:50:BF:FC:D2:67:81:11:6B:91:A7:5F:CF:26:B4:FA:AA:AF:2E","sha256":"22:85:EE:92:AB:1F:D9:B3:48:C5:DF:FC:35:22:AF:1E:11:FE:DE:52:18:CD:E6:28:21:E6:A9:D7:5D:FA:9C:07"}}},"request":{"raw":"GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://lp-dialok-rs-pf.btg-goods.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/json; charset=UTF-8\r\nvary: Origin, X-Origin, Referer\r\ncontent-encoding: gzip\r\ndate: Fri, 19 Jun 2026 12:28:16 GMT\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 23\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://lp-dialok-rs-pf.btg-goods.xyz\r\naccess-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length\r\nserver-timing: gfet4t7; dur=9\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":3,"size_decoded":565,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"8a80554c91d9fca8acb82f023de02f11","sha1":"5f36b2ea290645ee34d943220a14b54ee5ea5be5","sha256":"ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356","sha512":"ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a","ssdeep":"","tlshash":"c7200000000000000000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:10:31Z","last_seen":"2026-06-20T14:23:23.877304Z","times_seen":412699,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/css/main.css","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.679Z","timestamp":1781872095679,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /css/main.css HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: W/\"69ca3715-33300\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lCcN0CK2E5XVxdMJxKpvIul0FKH3g10WT0C5SJeftFKHHyRrHa%2BUryPUsrXtrD1ew%2B%2FXukc7kMLbReyY5DRltozwZqIsvbHitORaR7KNQU%2BVSJOoy9Fmg50uPue1UqmKvixJuIPEzINauXElo0v9%2Fg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e288560bbab4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":209664,"size_decoded":155000,"mime_type":"text/css","magic":"ASCII text, with very long lines (51880)","md5":"475fa874e4c0b861089704cf4df74e86","sha1":"72a45f46826399e4a49431b4aa6d96d224796f2b","sha256":"7dec5fa782d45f578b1faad1382448a2b2d353953d4c9b2f544c8d3bb808c8d1","sha512":"17af3933d578a90bc8c20baf4cbde3e3ff3114c84bd057c4590c9ca2ccf7d48c36d3ff0d23dc4b028778b5a91750439ede6543c5d8524b59079c52072f483d3b","ssdeep":"6144:xbIRbK4pnEXlAlrCTowHK0Oe9uooX34OSaQoXxW:xbIRb/hEvxHKPeBoXX3XxW","tlshash":"3324026a19e3385daa2f80292bbe6f8672840543904edddc3fe972898fcc5d451387dd","first_seen":"2025-10-03T10:40:48.471003Z","last_seen":"2026-06-19T13:21:30.857132Z","times_seen":4,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/tl-validator.js?country=rs\u0026label=true","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.693Z","timestamp":1781872095693,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /tl-validator.js?country=rs\u0026label=true HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Fri, 26 Sep 2025 12:49:54 GMT\r\netag: W/\"68d68bf2-59f5\"\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\ncontent-encoding: gzip\r\nage: 107\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SQLqKXkarWaqc2RV8DXmcGHDzfjkqBjPY93cNlPpIWHYk3TeMrDpW5Jn7aIC2IauWiGAGQMqWR3pCVVuyCO9Rqr1%2B3f0EokZpOuylBr8UWXqPbi4TsRUCDQCpk5M%2FVcLSVYjlS8jp3XI0NTNhHPrlA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e288561bbeb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23029,"size_decoded":8339,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21706), with no line terminators","md5":"903a486db8844bcba6104c18d202a765","sha1":"1fe62fbe4b5c8de187161dbe6d1a12174dad7e19","sha256":"10e666fbe61895bbe00e1fc27e1e4cc6178688cd383c8dd7505ce47b249f7b5d","sha512":"021baaff07853173e77b2f3c65d02180d32a048ea3e59fe1b42f22439635ca3e7e82210a96a8c8b8fd689242d470e035d15e15c915f7e08ac622588117a2b2ae","ssdeep":"384:kn4DGMebIoXtyqrSrirhrJrdrOrPyuS9B+BK4Itj3fM1LHNFHlyXvPmBYe3Nqy7l:U7MebBXtyqrSrirhrJrdrOrPyusB+BKQ","tlshash":"35a2a80a97201dbc8165a4d9396b1942e72c759dfcac50ecb92cebd6bf40dc05272fe1","first_seen":"2025-09-28T01:39:58.525899Z","last_seen":"2026-06-19T13:21:30.861902Z","times_seen":169,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/logo.svg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.701Z","timestamp":1781872095701,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/logo.svg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69ca3715-470\"\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ne%2BR9eKlnO0Gbpb2jcEG4NhIKfs5hcI1ZBY%2Ff%2FexJ67VRfL%2BQenK7EIWQdVJnQVVcLwH3DRKUcn3OCOGaQStktzaW8SNx86WowZOJLp5ROYwhJsYSe%2FTjEublS9JYAM19WfZsL42oTrqDy3xMmPU4Q%3D%3D\"}]}\r\nage: 107\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a0e288562bbfb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1136,"size_decoded":1661,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"425f58d7011792b4184a876795be4096","sha1":"ec06ce8d75da7989b63b9d8ecde2e2efd20f428f","sha256":"467099c9c28742c7ba912b433ac1b37b2a97bea2300a35e450bf068805321019","sha512":"579f30c8c3a4846256d4186b6e7a776a4bafb3890c46c1910da3c7f52bba6ac7a8ddfc33c65d33cd510b8d7a67165c283171305c69f18ab52593d4f7416935f6","ssdeep":"","tlshash":"4d212132e018af1ee3cee35cefe15694617cf5f5a069d88c585627bd511e88029d5e20","first_seen":"2024-06-23T23:11:32Z","last_seen":"2026-06-19T13:21:30.865586Z","times_seen":19,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/avatar.jpg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.708Z","timestamp":1781872095708,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/avatar.jpg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/jpeg\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-18a1c\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ptKoh%2FY13vB4oj8xHS8L8CIlL7VIm%2BlNZlKyZC2P1%2B26bl4Y79rkOtmWosgWY8Ihp9J15Kbing3Ih329Esqzv%2BI0Bf0IACo9vr6t90iG9YjTsbTR3%2F%2Fe1vycFIMok%2FoIN26ji79BFgYcYVUvvI0wRQ%3D%3D\"}]}\r\ncontent-length: 100892\r\ncf-ray: a0e288562bc2b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":100892,"size_decoded":102027,"mime_type":"image/jpeg","magic":"PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced","md5":"5abe6e6f0816443f3f4404817ef4039b","sha1":"f7d6e8c7eb415389fbababf69d68d10e27bf611c","sha256":"24e8e180b8480e90b763c8e8e486f4522ef977515daa65ac42f068565649ea3b","sha512":"22c925b24dca93db52f329f75c2df728096ea5feb254b4fdb64db349aeb54dbf4daf0bfed5f28e4335d814c2e7116176ba21c4d1b5bb64fa751823ef025a4c00","ssdeep":"3072:BlGgSOiZX0hwwYfrDR5RH58L0xw95vDZQ0e:vCOiZNrftqDK0e","tlshash":"e0a312e225c13bb9ddc39b637f22cd4414cd90c40bf4ab1790894b7a56aac96c6b0c1f","first_seen":"2025-10-03T10:40:48.475679Z","last_seen":"2026-06-19T13:21:30.852401Z","times_seen":5,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/yakyb.jpg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.713Z","timestamp":1781872095713,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/yakyb.jpg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/jpeg\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-6c35\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sbRdqT0nKQ%2FFieIrK3c6YAzRf9yWaEK2nqXHticXq9uQtgtu%2FWW0q%2FPkHOs8TDVzXc%2FQ5LMs6K5A3VWp%2FAKs18wZRUsVfEl4MagawHYMrORmYVm6jpiJ%2BMzdKpIoOXn1MNtnwFL%2FdaAAmNQHuOG29g%3D%3D\"}]}\r\ncontent-length: 27701\r\ncf-ray: a0e288563bc5b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27701,"size_decoded":28834,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x338, components 3","md5":"ef059b0c8fe313d913502a5448065bf7","sha1":"7bd5558268d8f8698ae6fb097dba0afacefd3b4a","sha256":"cd3e064bcb6b22fceceab4db4e1fc425c4e6b22062f02fbd2e009662be82bf27","sha512":"85152812d976b425e70c12b1e0c11f55e0272df8178327a19da2ca8ab70f603307dcb1ee741704d7d77d50b8f9d525384fe4d628b29594876b326418cde5bcf4","ssdeep":"768:yoB6DVw3uYv2ctGT9YnI3lYpIMamKDRUwdh2IEOKt9+enT:yoB8V8us2ctmGnTWMlKDRUwb2vOQ","tlshash":"edc2e12d4f34ca7dcc9a8ebbd73417c673f39d68685c84529d4e162e2fa670417c49a0","first_seen":"2025-10-03T10:40:48.499124Z","last_seen":"2026-06-19T13:21:30.872076Z","times_seen":5,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/info.png","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.710Z","timestamp":1781872095710,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/info.png HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-e2\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KECtfT%2BnLLuuY5RPVWXTL1cuqW2L9h7yap6eh%2FiGjijIK0gkWIF25VUvkYdj0ECkUsyhqgmuVJFv8wa6rQKnbeCc6vd2jGkm2JwXamz4%2Fo%2FojVNG%2FqVQ9M5LB96thPd%2FaNlvwlGcgcTghj%2BJkfXOtw%3D%3D\"}]}\r\ncontent-length: 226\r\ncf-ray: a0e288563bc3b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":226,"size_decoded":1354,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit gray+alpha, non-interlaced","md5":"6bb8f6c20df6345cc42f1fb3c2a7f8da","sha1":"668d841511127fde574ce6189cfd3b1f7e59d287","sha256":"7531c3255dad9a6faa8e7df0f0bdbd6ca3c1b2b4c07233c87424b356cab19095","sha512":"a24658624c63046b63443b7c60e21b761932a3918ef72af36a588e3fb2b049f84abd661eb5e9adef6c55f541cb52cc60f381c3c4a8af8303b6c1085d2c644bb2","ssdeep":"","tlshash":"fad097d083228d3a8e0351a3183401d3bc30c3a2163d03498344041502a2282a9fa603","first_seen":"2025-10-03T10:40:48.47346Z","last_seen":"2026-06-19T13:21:30.871546Z","times_seen":5,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/22.jpeg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.715Z","timestamp":1781872095715,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/22.jpeg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/jpeg\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-d20d\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kkjmeSRTDo3roOBuICh6DX6tKECVJI%2BI%2F82%2Bn2jgdEJkSj4UUUMyfjYmKHLkcX4jKJU8uTgStOluJbe9bh8LiGbV3DDuuk3Y4UNwnBu0JEch55slRSZU0HVvwQknmTLyoW08yeX2Xsth%2B0GrAvi2WA%3D%3D\"}]}\r\ncontent-length: 53773\r\ncf-ray: a0e288563bc6b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53773,"size_decoded":54900,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 975x621, components 3","md5":"ee36f67e433551ac4f18e0b0dfaf0417","sha1":"d66572bf24e9a6e43232c5fa6e5e7ebd173dab9a","sha256":"b856c9c3777fce4424c9f31abb7970ea5c84f8f84bfa873188223ba6b10ef34b","sha512":"ab3ade2c2018c8d95c1f4cd7616ac597288e698a17096c6a20e8b0cf914095495da127f22941b1d790cfd41e6f256bf00675599ef87097eed5114d78c99162b3","ssdeep":"1536:8vmX2gIeLiiURt/qe4pVo2dMlz2ZTKmQnWHHj:aw1IeiiyqXVVdDemQk","tlshash":"2e3302c04bd36627e718842a697b2f4ba7255e53277f295ce8b9c8970077081bc9e37c","first_seen":"2025-10-03T10:40:48.466689Z","last_seen":"2026-06-19T13:21:30.855028Z","times_seen":5,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/thumb.svg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.726Z","timestamp":1781872095726,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/thumb.svg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69ca3715-5cf\"\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OZWMA9K20CqdNmQnD26FmCe8MFlO0pPHghLI48%2FuYP8uXWB2BbLXbivIgf3vjgAw9qM3tg4g8BepdpqYMch3M0ovjGqX3dT7Z08GdJhUCg2FU1vV5WHXQTXUeO7XiHH%2Bh074JF1yBkhTM8dy5mGuAg%3D%3D\"}]}\r\nage: 107\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a0e288565bcfb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1487,"size_decoded":1937,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ae00068d671cabc9a6cd167358bbf781","sha1":"f2ec4dde4b6d50e421be85b9d401942029194b68","sha256":"4f674ff94904c254293140ca884c6b4aa095e4d00f6d6430021bb9fdef13c323","sha512":"21b194885e21c5185359d016653a4f65e46ca188078fd63c3b8af231814b7eec6a4a19b9539e6d7be5ffb39b19f6289fb4fff25d6a46b35d5c3371f5b5213e16","ssdeep":"","tlshash":"cb312ea4426c912f880ed72ae3b46086457eb07a701b4849bd4e4b14e03f5cff54a280","first_seen":"2025-10-03T10:40:48.504855Z","last_seen":"2026-06-19T13:21:30.872653Z","times_seen":5,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/places.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.455Z","timestamp":1781872096455,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:12 GMT","end":"Mon, 17 Aug 2026 08:38:11 GMT"},"fingerprint":{"sha1":"26:CA:50:BF:FC:D2:67:81:11:6B:91:A7:5F:CF:26:B4:FA:AA:AF:2E","sha256":"22:85:EE:92:AB:1F:D9:B3:48:C5:DF:FC:35:22:AF:1E:11:FE:DE:52:18:CD:E6:28:21:E6:A9:D7:5D:FA:9C:07"}}},"request":{"raw":"GET /maps-api-v3/api/js/65/5e/places.js HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 82811\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Jun 2026 09:28:29 GMT\r\nexpires: Fri, 18 Jun 2027 09:28:29 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 17 Jun 2026 08:02:44 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 97187\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":436081,"size_decoded":83649,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1178)","md5":"8617225c1b7dfe7b67c9ca2a95296230","sha1":"83d147af3f7daad77d60d5a14ca373c31f98def3","sha256":"e012942abfeea6dc27503034f9cd55de7115b9c8dc87852c72996d35fc6ed5fc","sha512":"d9590cad59a9785faaefe0fc2ec18a54fa48b47d19e1abed0608db9722b5cde1094f63818756bd84fe50955d64aafb46b2db83cc9da8bb07994ad94db14f88d6","ssdeep":"6144:5LXpGT5Zb0UW99druuOgkBhXoOkyd2mDr9K2hGUmhxAfn/ZTYZ+r/fj48VbEXo/G:sSuMZzZ","tlshash":"95945c576291726666b384605a0b5201a338e40be014abec7c6cdfd15ffbf8182b777b","first_seen":"2026-06-17T17:46:14.835661Z","last_seen":"2026-06-20T14:15:11.676311Z","times_seen":243,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/common.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.459Z","timestamp":1781872096459,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:12 GMT","end":"Mon, 17 Aug 2026 08:38:11 GMT"},"fingerprint":{"sha1":"26:CA:50:BF:FC:D2:67:81:11:6B:91:A7:5F:CF:26:B4:FA:AA:AF:2E","sha256":"22:85:EE:92:AB:1F:D9:B3:48:C5:DF:FC:35:22:AF:1E:11:FE:DE:52:18:CD:E6:28:21:E6:A9:D7:5D:FA:9C:07"}}},"request":{"raw":"GET /maps-api-v3/api/js/65/5e/common.js HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37933\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Jun 2026 17:00:40 GMT\r\nexpires: Thu, 17 Jun 2027 17:00:40 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 17 Jun 2026 08:02:44 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 156456\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":127854,"size_decoded":38772,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (726)","md5":"16f7a7b3c4e0076aadd262d3e22943da","sha1":"77c934364de625845a205ccd1637a271aafb6cd2","sha256":"b7ee00ba351031a057e51349f8b7523166f76d7ec1c9573e8c917c56b7b7dd07","sha512":"62dbc9a3d5a93e00f2298b98243e0e7b9e1833b56d5f2ce498e3534cfa1d6f90fe1a863c8af2796dceda65b4e03249cdd8b4bfe6b7795d68fdfcc0ee8d0b22fe","ssdeep":"3072:jQ1gZoQYjOrTIr8k15hjqL8gG/jMeFVNKt:cCZ8jmcrVhjjgG/jMeFVNM","tlshash":"85c3c8d932937163ab70b4b540a70007b2a6f48df04d882db5f9d8f5aef085a51f9b39","first_seen":"2026-06-17T17:33:48.107018Z","last_seen":"2026-06-20T15:01:49.042853Z","times_seen":502,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/util.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.462Z","timestamp":1781872096462,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:12 GMT","end":"Mon, 17 Aug 2026 08:38:11 GMT"},"fingerprint":{"sha1":"26:CA:50:BF:FC:D2:67:81:11:6B:91:A7:5F:CF:26:B4:FA:AA:AF:2E","sha256":"22:85:EE:92:AB:1F:D9:B3:48:C5:DF:FC:35:22:AF:1E:11:FE:DE:52:18:CD:E6:28:21:E6:A9:D7:5D:FA:9C:07"}}},"request":{"raw":"GET /maps-api-v3/api/js/65/5e/util.js HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 71652\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Jun 2026 08:34:10 GMT\r\nexpires: Fri, 18 Jun 2027 08:34:10 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 17 Jun 2026 08:02:44 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 100446\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":316946,"size_decoded":72491,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (523)","md5":"4b3e92a7978679a324a07c02d7302b85","sha1":"3ab3c7d7e02bc9b1819bcf30e2f977a271e41c8b","sha256":"a2198bf601b6e43b6f5ebcde16b2751eff12a30596166f900a96d3c95196368b","sha512":"2ad732cdc896455b6bc723cb16df08dae3775c18a3f876d0f8957e34784c2e945b8f2d93dfa1247fb5544e9099634332989ad2a07896c95d3f132e803b392455","ssdeep":"3072:uRf0aaw8H685PBlvJG7NJG7A8kwyuZmBF/QS3:Mf0aa9PP/ECk8kxu0BFoS3","tlshash":"f264d77c72316b0ee973c85bc627300e90257edbfad488bdeee55146da54988f0e4a34","first_seen":"2026-06-17T17:33:48.113419Z","last_seen":"2026-06-20T15:01:49.107282Z","times_seen":500,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/33.png","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.717Z","timestamp":1781872095717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/33.png HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\netag: \"69ca3715-53e5a\"\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\naccept-ranges: bytes\r\nage: 107\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9Dh761aT6GvPt6CnVOH6GxZr0yLMiPiOuORh3326mg%2BKCD3ZHOZ%2BT8VVfTZT3LPRzX%2FAdN%2FdanbU%2F%2FMEH%2FcXhJBjdumkqqvb2TGIgMVsuwIOnf8bH0hjvmL7WOEjH%2BrvANTf6YdPhDKWmRFVAgv8Ug%3D%3D\"}]}\r\ncontent-length: 343642\r\ncf-ray: a0e288563bc7b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":343642,"size_decoded":344778,"mime_type":"image/png","magic":"PNG image data, 776 x 714, 8-bit colormap, non-interlaced","md5":"509229417f39b379b7ca288790b3277f","sha1":"9f311f93c9d2c02ad364fdcb460147d631c18f31","sha256":"76a3f7a28ac1cf3f008c6af0cafd58977ff1ff439fc0dd830c9d2d0fcead8e78","sha512":"731135db6652e3c3cc544e04c260131f8408c7703d768a4fc9f62ede09a843c15a90d821898783b012b7e52814414af4d6bc331fadb738ecacc07397e3cd9e2c","ssdeep":"6144:ObhSvbbqSY0kliuEyVIN+JAWCNC1193NLUB30tGlarED4uRiB5AW6JjBBjk:OoWSYMu3WKTCNC1193NLUB30t4arPuwX","tlshash":"497423a4bdd6b1443c0e1d89f0378de9b98194ba9c855bb5bbc364438b02c51d2bb27f","first_seen":"2025-10-03T10:40:48.500956Z","last_seen":"2026-06-19T13:21:30.857613Z","times_seen":5,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/img/heart.svg","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:15.728Z","timestamp":1781872095728,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /img/heart.svg HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:15 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"69ca3715-457\"\r\npriority: u=5,i\r\nlast-modified: Mon, 30 Mar 2026 08:40:53 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 29 Jun 2026 12:26:28 GMT\r\ncache-control: max-age=864000\r\naccess-control-allow-origin: *, *\r\ncontent-security-policy: upgrade-insecure-requests\r\naccess-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Accept\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccess-control-max-age: 86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oI%2F6P7wlshYZRcg2y9t6gGAg8KcMd8JFh%2BME6UMyyJmTfI6Gzw6sNpJXRRcHQQcgLF8y3M62f0UZOG%2FgH6JKPJn3q4QiDcBKBcfnR3YuP%2FHQDBNInfHryFMEps%2FlM0FpSvjo6Dwu%2BQhCe8y7D5rAjA%3D%3D\"}]}\r\nage: 107\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\ncf-ray: a0e288565bd0b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1111,"size_decoded":1744,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"711fad6a13f9ac28a54f429a34d96040","sha1":"3f6158cb9cc7e0007fee92a77b510715b79e8b11","sha256":"e4c528d6b0642eba21f31eec1b2e0f58dde5364206c6f2a933e82ca38584dce4","sha512":"0377b3ec2c61eed65dbf3d77cd39aad474898d0b6b0191fbd1f2af354d21db78c5475e6312584b59cf9687ed2f421a551ead793c5cc8e463fb4c7019fc50d1c9","ssdeep":"","tlshash":"5621e176896e903f58179379e3b45087462e60763045195afcde1b21a13e5cbd886750","first_seen":"2025-10-03T10:40:48.478302Z","last_seen":"2026-06-19T13:21:30.854027Z","times_seen":5,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/land/params/?lang=en\u0026rand=48350\u0026location=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.270Z","timestamp":1781872096270,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /land/params/?lang=en\u0026rand=48350\u0026location=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nCookie: _allocation=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F; _alreferer=; _alstart=1781872095; _alsystems=%7B%22app%22%3A%22Mozilla%22%2C%22app_name%22%3A%22Netscape%22%2C%22app_version%22%3A%225.0%20(X11)%22%2C%22language%22%3A%22en%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22java_enabled%22%3Afalse%2C%22cookie_enabled%22%3Atrue%2C%22browser_ver_minor%22%3A5%2C%22browser_ver_major%22%3A5%2C%22s_width%22%3A1280%2C%22s_height%22%3A1024%2C%22tz_offset%22%3A0%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:16 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nx-powered-by: PHP/7.4.33\r\nset-cookie: _alid=e76a9918-d9e7-43b9-baa4-7689b3176ea4; expires=Mon, 16-Jun-2036 12:28:16 GMT; Max-Age=315360000; path=/; SameSite=Lax\r\naccess-control-allow-origin: *, *\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dwJKFFHyyi%2F%2BdrCxfKwluRmB1d7og%2B%2FEQrsSam8kOrS%2BXKypmXCczoSzhOfQtvP6eCQsYjnxHLekCqW5Z6EL30cnKkwpING9%2BmllqngjcIdlfI5bjUuoxtCq6sUZAQ6essYs9HcpVBVeS1LvxynXBw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e28859bbedb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":319,"size_decoded":1078,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (319), with no line terminators","md5":"5aa1180f8c507504e6bfbfb4d1d91ccb","sha1":"4a2e302903c65901bbea0714365a56a606b15abd","sha256":"2edae9cacaff484de933b3561ebe9a6630517e54c2ffbb3d71d5d9c7db5071cf","sha512":"4e415ad737509a28adc781e750cd92b027bcbbb2259eb777caa86865276f5b9bfef11d40950b543422ce905ad14df86b9b798984f24b16c703f51ff02814da5c","ssdeep":"","tlshash":"46e07d3e6c14ccaaddf44bba35b42c0f50fc5002a490811561d98e5803115b8070142e","first_seen":"2026-06-19T12:28:47.836805Z","last_seen":"2026-06-19T12:28:47.836805Z","times_seen":1,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lp-dialok-rs-pf.btg-goods.xyz/land/collect/?app=Mozilla\u0026app_name=Netscape\u0026app_version=5.0%20(X11)\u0026language=en\u0026platform=Linux%20x86_64\u0026java_enabled=false\u0026cookie_enabled=true\u0026browser_ver_minor=5\u0026browser_ver_major=5\u0026s_width=1280\u0026s_height=1024\u0026tz_offset=0\u0026_allocation=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F\u0026_alid=e76a9918-d9e7-43b9-baa4-7689b3176ea4\u0026alunique=1\u0026_alstart=1781872095\u0026_alreferer=\u0026rand=36347","fqdn":"lp-dialok-rs-pf.btg-goods.xyz","domain":"btg-goods.xyz","tld":"xyz"},"ip":{"addr":"172.67.196.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.346Z","timestamp":1781872096346,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"btg-goods.xyz","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 11:56:01 GMT","end":"Wed, 26 Aug 2026 11:56:00 GMT"},"fingerprint":{"sha1":"7F:5F:8C:8B:80:B4:8C:EF:13:C7:10:16:74:C0:58:5D:39:27:76:BB","sha256":"06:7F:19:A1:97:81:4E:21:F6:CD:D3:AA:F1:0C:D4:0F:D6:42:46:C3:54:A0:9F:82:FB:19:47:B6:80:A2:5E:D5"}}},"request":{"raw":"GET /land/collect/?app=Mozilla\u0026app_name=Netscape\u0026app_version=5.0%20(X11)\u0026language=en\u0026platform=Linux%20x86_64\u0026java_enabled=false\u0026cookie_enabled=true\u0026browser_ver_minor=5\u0026browser_ver_major=5\u0026s_width=1280\u0026s_height=1024\u0026tz_offset=0\u0026_allocation=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F\u0026_alid=e76a9918-d9e7-43b9-baa4-7689b3176ea4\u0026alunique=1\u0026_alstart=1781872095\u0026_alreferer=\u0026rand=36347 HTTP/1.1\r\nHost: lp-dialok-rs-pf.btg-goods.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nCookie: _allocation=https%3A%2F%2Flp-dialok-rs-pf.btg-goods.xyz%2F; _alreferer=; _alstart=1781872095; _alsystems=%7B%22app%22%3A%22Mozilla%22%2C%22app_name%22%3A%22Netscape%22%2C%22app_version%22%3A%225.0%20(X11)%22%2C%22language%22%3A%22en%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22java_enabled%22%3Afalse%2C%22cookie_enabled%22%3Atrue%2C%22browser_ver_minor%22%3A5%2C%22browser_ver_major%22%3A5%2C%22s_width%22%3A1280%2C%22s_height%22%3A1024%2C%22tz_offset%22%3A0%7D; _alid=e76a9918-d9e7-43b9-baa4-7689b3176ea4; alunique=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 19 Jun 2026 12:28:16 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=5,i\r\nx-powered-by: PHP/7.4.33\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rMvo65e2Drq5ZJYRiskxwrQvvv3o%2FzlIeRbrckBda8x8%2FCSNEj4oC4btPG5dpltV3EEGkoXzCLHhSc%2FTC3xaKuIbuW5ctpN0OJ4GdEXwIHJ0jr0UE4SzbirH0T1vUVAfKGsH1WIuSB9HwE5IYx8y3w%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0e2885a2bfab4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":699,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T14:29:46.518139Z","times_seen":16581785,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-19","alert":"Sinkholed","trigger":"lp-dialok-rs-pf.btg-goods.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/controls.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.451Z","timestamp":1781872096451,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:12 GMT","end":"Mon, 17 Aug 2026 08:38:11 GMT"},"fingerprint":{"sha1":"26:CA:50:BF:FC:D2:67:81:11:6B:91:A7:5F:CF:26:B4:FA:AA:AF:2E","sha256":"22:85:EE:92:AB:1F:D9:B3:48:C5:DF:FC:35:22:AF:1E:11:FE:DE:52:18:CD:E6:28:21:E6:A9:D7:5D:FA:9C:07"}}},"request":{"raw":"GET /maps-api-v3/api/js/65/5e/controls.js HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26451\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Jun 2026 17:00:49 GMT\r\nexpires: Thu, 17 Jun 2027 17:00:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 17 Jun 2026 08:02:44 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 156447\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":102268,"size_decoded":27290,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1783)","md5":"bd5d9005e163d9687668d2de6ed64b86","sha1":"06f2d0835c52066638d0c4601ecb82447675ca92","sha256":"d0b23d2d6328ad8087fad3f7037f97eada31e9dc7f019a1bb7d3fb3c22b6b6f8","sha512":"b1924b37ba359fd92cc82e4cf23df254743137b99ba4dd93293e2299c4935d2afbe5c484f4e34868b1299150f56c329469b3316159ddd81cd8a0bfdf98fcb22d","ssdeep":"3072:ISDus9Out9gBohWC1W8u8dy6gI94lNuVzrM7+LDxIHRntqfvpALNQ9DFBsBy+f2s:ISimaBohWC1W8uYy6nqlsM7+LD+XKZMn","tlshash":"53a3d774322b2237c9f5c499a16b46067064e25ce201466e3ebdddf666eccdb21fa730","first_seen":"2026-06-17T17:46:14.85455Z","last_seen":"2026-06-20T14:58:14.145181Z","times_seen":289,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/main.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.465Z","timestamp":1781872096465,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:12 GMT","end":"Mon, 17 Aug 2026 08:38:11 GMT"},"fingerprint":{"sha1":"26:CA:50:BF:FC:D2:67:81:11:6B:91:A7:5F:CF:26:B4:FA:AA:AF:2E","sha256":"22:85:EE:92:AB:1F:D9:B3:48:C5:DF:FC:35:22:AF:1E:11:FE:DE:52:18:CD:E6:28:21:E6:A9:D7:5D:FA:9C:07"}}},"request":{"raw":"GET /maps-api-v3/api/js/65/5e/main.js HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 84337\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Jun 2026 17:00:44 GMT\r\nexpires: Thu, 17 Jun 2027 17:00:44 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 17 Jun 2026 08:02:44 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 156452\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":297843,"size_decoded":85176,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (531)","md5":"bc7c3010f2c2ef483760137907ff7af6","sha1":"0afdeb72f43e18777200613491b4b20ec3829f46","sha256":"557dd4cf7f0948bed69a1d73cdeeec99b09c1f60d8945b8aa955a6d3676b1b48","sha512":"ad1e7244f50bcb16dabe3cdfccc9cb43a7426970a8ec8c1b0e519b2a9778cdaa16579c30c20823776db76358bfc755f3b221089c4a786f21d709265f38326d7a","ssdeep":"3072:6wtVcLoEDZk9lu8bHEn1HznbfbICro2HM3R2FoUV3BQO1/i6:6wY+9luYHw1HzDzro2HMB2Fn3H1q6","tlshash":"72543d9873a2756787b2e4e0502b0007f17ea45ef00c89acb69cd9f2aef594546b7f34","first_seen":"2026-06-17T17:46:14.87044Z","last_seen":"2026-06-20T15:01:48.97422Z","times_seen":275,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps-api-v3/api/js/65/5e/places_impl.js","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.239.32.223","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lp-dialok-rs-pf.btg-goods.xyz/","date":"2026-06-19T12:28:16.456Z","timestamp":1781872096456,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:12 GMT","end":"Mon, 17 Aug 2026 08:38:11 GMT"},"fingerprint":{"sha1":"26:CA:50:BF:FC:D2:67:81:11:6B:91:A7:5F:CF:26:B4:FA:AA:AF:2E","sha256":"22:85:EE:92:AB:1F:D9:B3:48:C5:DF:FC:35:22:AF:1E:11:FE:DE:52:18:CD:E6:28:21:E6:A9:D7:5D:FA:9C:07"}}},"request":{"raw":"GET /maps-api-v3/api/js/65/5e/places_impl.js HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://lp-dialok-rs-pf.btg-goods.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3290\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Jun 2026 17:00:49 GMT\r\nexpires: Thu, 17 Jun 2027 17:00:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 17 Jun 2026 08:02:44 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nage: 156447\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":11231,"size_decoded":4128,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (5049)","md5":"1da7e4a65085857d878af1e65e117761","sha1":"d165fb4c476e53500ca017b11c55781ec397bab9","sha256":"a826de6cf3ebfbdf18e7f17cd78df222b33efdd2507bba6e3b6dd891b80272c6","sha512":"9bb1f95ecb9a931b3e94dcfb90a29c4ccf6dfba1ddfbe30497c76fac14d9e02336fda333beae2be0c8f819f447701dc795b58391006e104d319852ea7b1d2d77","ssdeep":"192:pJFbyPO5DZuYbVsHTVsJGoWa1jtTAYBjwntn8Qbmq/46Cb6SRMNlOWy4dscz92Ms:fFbyPKDMYbVsHTVsJlWa1jtTAYBjwntY","tlshash":"2f32b69670e7b0aa8b36b841d86302cbb77d95c1f05e8e786c694460bdf0d9b41f57b0","first_seen":"2026-06-17T17:46:14.886915Z","last_seen":"2026-06-20T14:15:11.61133Z","times_seen":244,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}