{"report_id":"df50abc3-8545-4f16-8913-67793f97aac2","version":6,"status":"done","tags":[],"date":"2023-11-22T03:13:45Z","url":{"schema":"http","addr":"ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"final":{"url":{"schema":"https","addr":"ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce#","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"title":"Walmart"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T12:02:33Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ziaont.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2023-02-13","domain_rank":0,"first_seen":"2023-02-13 07:35:21","last_seen":"2023-11-18 17:22:34","alert_count":17,"request_count":17,"received_data":382763,"sent_data":12553,"comment":"","tags":null,"fingerprints":null},{"fqdn":"my.rtmark.net","ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2014-10-29","domain_rank":9054,"first_seen":"2015-02-04 10:54:57","last_seen":"2023-11-21 05:11:06","alert_count":0,"request_count":2,"received_data":1906,"sent_data":1452,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pentlyconger.com","ip":{"addr":"18.192.249.87","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2021-08-12","domain_rank":0,"first_seen":"2021-08-13 10:08:22","last_seen":"2023-11-20 00:09:58","alert_count":0,"request_count":1,"received_data":3957,"sent_data":897,"comment":"","tags":null,"fingerprints":null},{"fqdn":"redrotou.net","ip":{"addr":"139.45.197.251","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2021-03-12","domain_rank":145989,"first_seen":"2021-03-16 06:03:50","last_seen":"2023-11-19 18:58:24","alert_count":0,"request_count":2,"received_data":27710,"sent_data":986,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn-adef.akamaized.net","ip":{"addr":"23.36.76.96","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2014-03-18","domain_rank":125719,"first_seen":"2018-02-06 08:56:01","last_seen":"2023-11-21 16:23:07","alert_count":0,"request_count":1,"received_data":4585,"sent_data":433,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.stfilecamp.com","ip":{"addr":"172.64.154.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2021-09-06","domain_rank":400667,"first_seen":"2021-09-06 17:32:03","last_seen":"2023-11-19 12:15:32","alert_count":0,"request_count":1,"received_data":32656,"sent_data":401,"comment":"","tags":null,"fingerprints":null},{"fqdn":"stormtrk.com","ip":{"addr":"172.67.69.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2019-05-15","domain_rank":289095,"first_seen":"2019-05-17 20:09:53","last_seen":"2023-11-20 00:09:58","alert_count":0,"request_count":1,"received_data":1352,"sent_data":894,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.stfilecamp.com/fp.min.js","fqdn":"cdn.stfilecamp.com","domain":"stfilecamp.com","tld":"com"},"ip":{"addr":"172.64.154.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"198f2f5b0a649f41fe890c59d37319aa","sha1":"f24629687612889bb59f610df3879afcd766fb80","sha256":"d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912","sha512":"6c5056fb195cbc82e74679afd35884baaf2becf479e48cf76aeadfe929f69dffc6fa79bb5c82206e77b04e1e31169d0ac6ed1d2ab8dc98fe6fa60425ab0969a3","ssdeep":"384:AC3/RztfLOCbXM6Mi9vKEdQMu9S8ANdRk1K0KkLWI6tHlXfPSBGCRNnRumuOG667:33LLF5ZwSd+JqtHlPqBF/266yEp","tlshash":"5ee20ae971c7701d43b3a4ba107f700aba3b79956c4d4801d622c8857ca8b8e517bfbe","size":31705,"data":"","first_seen":"2023-04-06T21:01:52Z","last_seen":"2026-02-09T19:41:43.16301Z","times_seen":577,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/stormtrk.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":false,"md5":"469e121bb4c4fe159bbca2b4f5a88267","sha1":"f0c66f226de28b324e4f1ecb766597938f984c60","sha256":"4706b6d6c3e39cf2915a772595f2cc124e96d0919538b56aa817113e6482c416","sha512":"1b57bc07ec33f4e692725e6b3efdb4c8b785ed7ab305494b519f56435e53940e008b88de4f7e084c8b49a46a506aff196143f43850feac16e7560e420a10e163","ssdeep":"192:Cay7VFXtX+CedV8+Tt3qKhlt9ktZqLftZrEwE691IqkdEoIM2xowk0GxnVYCLmF0:CVtXQy+T4KhlvkUfHRdoGzEYC9","tlshash":"ebd1ff5e7944ac7205437e76aebb46c860333208147190187fadb372579eb9cd963bec","size":6502,"data":"","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-01-10T18:18:49.247546Z","times_seen":441,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"0e776c4bb6876cab5eb208559031f96b","sha1":"a8211d0554b83df54549f201bc80235ceae48a72","sha256":"a27b1c6ef0f71411dc8bc4c63bc43c2340b67dabdd34930c161279a29653609d","sha512":"a97e3017dcf4d67238050cb0ca753868d4070877782f37cba45640177916517afe957639a926820a36b3c5e2e80e59cf6eca00b933ea97c2244d02a6160d7e70","ssdeep":"","tlshash":"baf0277b59f721388042a532277f248014b3102b9080cccd7dedc6088f288a7648baf0","size":496,"data":"","first_seen":"2023-08-18T05:42:15Z","last_seen":"2024-08-21T08:28:56.105273Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc8b574af920ace3d58d9114f4e6ab6c","sha1":"bae263945e9961d815f4c5bbef052c29dcc51dcf","sha256":"c85f159ca98233d658799d0a88c5fccea12e11424b144d598b7ae3e81971ce55","sha512":"fe637a5d9193bcc3973ae0544b8007fb44d0ba44136a00d7df748fc1a3d9b6e41ebc2e40f82c9a61d575455f0cc68eefa11196510e09ec8fcbfabb9b5f0e47f2","ssdeep":"","tlshash":"afa01128ef8a80cb2c283220233eb00002c822028f0ecc02a80bb3820a20000a0a82ea","size":83,"data":"","first_seen":"2023-04-07T17:20:59Z","last_seen":"2024-08-21T09:30:25.009986Z","times_seen":194,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"88f1478c977eac6c59d28d1c7ddd80df","sha1":"647aefa687a36f49bb7d25375da25718445dd31f","sha256":"14c9a3ed05798d5a423b51ccb9b1e568a62e4b268e721a41c129de8b5df51ccd","sha512":"a0f5e775337ef094066a8ed36d9e6354644d0947c5b16580410a63ec2f0d23df48a4fb6ffe0667d9e587d412babcecb3388f51ccbca388059c7799a1d14cd6a0","ssdeep":"","tlshash":"6e31b79cf029a9a314bb215a57bf174c517311a77898c0a5e51468e039685de058fff8","size":1576,"data":"","first_seen":"2023-03-07T01:40:21Z","last_seen":"2025-10-14T16:37:50.991671Z","times_seen":845,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=f82bb87b192f1720f3978127fce2dd46efd05fd461c0c45aa6d2fb32ef60a990","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c31f3c3993d15451b1cbf592344e69d","sha1":"202eaf67a1b877dbaa3fdf17edd6b520aa9254e0","sha256":"76f40efce542cf27486eb36faf5787e5769246644ed03c8c6bc446a21e7ad18e","sha512":"2381593d1e295fc9ae186c9e61f573c6628abe564cd14f5b7997cb6f190240dce445171055dd67ae22a3c5f3c96dfc8e2fed5de297325c4740209680ce92dd56","ssdeep":"","tlshash":"1f016d7e26a6117918a67f84263b7b0530371da9686324118d88b814925db4fe60aded","size":697,"data":"","first_seen":"2023-03-26T14:20:01Z","last_seen":"2024-08-21T09:30:24.988658Z","times_seen":194,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"redrotou.net/pfe/current/micro.tag.min.js?z=6206858\u0026sw=/sw-check-permissions-f1d69.js","fqdn":"redrotou.net","domain":"redrotou.net","tld":"net"},"ip":{"addr":"139.45.197.251","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ccd2d5882a06f293d07510ac91c92e6","sha1":"b44dc0eaa03981adb70d3313e728f9359c1d21c1","sha256":"9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba","sha512":"fddc1b3dbd07ff0fc03156101d5db8b8f3dd5f61c44e1a6c48ba6c50132dbfd32f9dda05f4aaab1bf2791de55a019f5f991a93282ad6cac1f89de5f5b7d8c535","ssdeep":"768:EbCTuXSpS9v04L37efBm+Zv2bN3H1CXQR0wZWbIJh1UMmvjCeZskk4Nci0:nML37efBbvkZDaOocJ","tlshash":"71c2b7b6f86db86423e12cc7543f1148657ad5a9fa6a74f0d1096ab2347200bb2f3fd4","size":27007,"data":"","first_seen":"2023-11-02T09:44:53Z","last_seen":"2024-08-20T21:23:50.961937Z","times_seen":8998,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/jquery.min.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-05-13T12:33:53.848442Z","times_seen":128442,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/main.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":false,"md5":"03d61bebb9362e3571c134d17e88261e","sha1":"c966e468ebbc5ac203bb35ea7b3a5cc586768b37","sha256":"d25d6be4101c96b081881ae7f929b86cfc535abfadfdd3f62ebd71c17f76afdd","sha512":"0978319551add7b51eddc67f61a61faa88fd7f33667deedb70ae09998d063b0e7f60254f740a209e6ed18c477e07a0610fdd957707513aa66d71a2644ea946f1","ssdeep":"","tlshash":"ad6169a635355eb4455b9fb723becac02e29301990234048bd3d79cb872ce64f1d9ade","size":3065,"data":"","first_seen":"2023-03-07T01:40:21Z","last_seen":"2026-01-10T18:18:49.256424Z","times_seen":874,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/second_back.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":false,"md5":"8dcc9f5ed8ffe107323085e2952946e3","sha1":"60a762e6c3f93a4176dba2a336ef4d8c8c8aa9ea","sha256":"aa30848f0b1633b7fbb5d7a3cf3b75a9f897fc310b3bfca1bbe89d98f2a06328","sha512":"d0ea939a61cbf8d922343642e2e1e8e04b3c3614c2ea60784dbe36a398b70fa07e496bcb089843f0c3158d061f4fadf3d518c128e55d44b31072ca6ab86cef84","ssdeep":"","tlshash":"4541ae5b6040817b1a662647cfae708531b370cdd35ae941bb0ebb96df98316434a3dd","size":2231,"data":"","first_seen":"2023-03-07T01:40:21Z","last_seen":"2026-01-10T18:18:49.259245Z","times_seen":441,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d20e8d57e86019fbf43e12ef1ea13624","sha1":"7a9dbef6dbf25aa57bcc90fb40fc889536860282","sha256":"323b9833a7256fef9f7acc60b22f3248013057e3f94e66efbda0530de3637592","sha512":"dcd3e1c7e00cb1827ba59816016d14871bf4f8fce8502a1768c1fb8a2386eda114bc280c4daa01d8141ade8dc146b4c4f14377d9b4f845734de5a4a5f76b6010","ssdeep":"","tlshash":"83f0ab0b106952a4656bb92e876f28187c33018f3504e044b84c9e604f1030aa3ce3cc","size":489,"data":"","first_seen":"2023-04-07T17:20:59Z","last_seen":"2024-08-21T09:36:33.161053Z","times_seen":330,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pentlyconger.com/d/.js?lpref=\u0026lpurl=https%3A%2F%2Fziaont.com%2Fz%2F%3Fcep%3D2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm%26lptoken%3D175600616246453c80ce%23\u0026lpt=Walmart\u0026vtm=1700622809796","fqdn":"pentlyconger.com","domain":"pentlyconger.com","tld":"com"},"ip":{"addr":"18.192.249.87","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"206250f57237d913daee862ed8a97e97","sha1":"d441c1ec36cafc5314181642a994848c70a7411d","sha256":"ba52cd294a75f9aec6d68aad62cabf9af096fd3bd2829dc4af80b65a133c805c","sha512":"f0ca020d5bde3175e8513bc49a51b55377ff6ea6169715d2b5e3a4aa52bd92680706fc3c1535627b2a603bdaf01335a8ebd4276ea9f771e3d1d893ea31cca931","ssdeep":"","tlshash":"2371c4a96c1b80f6c2d721614c6f242de0f74617ae0adc1fd42d7a503e3da6e08d6b6c","size":3644,"data":"","first_seen":"2023-11-22T04:13:45Z","last_seen":"2023-11-22T04:13:45Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ziaont.com/z/index_files/11.png","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.647Z","timestamp":1700622809647,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/11.png HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 19608\r\nlast-modified: Wed, 02 Nov 2022 07:26:35 GMT\r\netag: \"63621bab-4c98\"\r\nexpires: Fri, 08 Dec 2023 04:07:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 1206383\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2F1t6ntVyL1kP%2BFvCiQ%2BFoQ52cTneGIuGlKBRhkk45RhPDFcYGfmnZ14ZxP%2BLl5jj2anHPkPOgFrEAxh9%2FvINFgQkCTd59%2BJG5pyUHgDOqkfnrruhEJKIO%2Ft%2Fqoxt\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff22dbc656bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 531 x 531, 8-bit/color RGBA, non-interlaced\\012- data","md5":"1c7e1037a62b15dc080894acb7955aa7","sha1":"4400836d965f60e0dc7f093ce50b2c869f0f5ab7","sha256":"c379ce20c3e8081a24ee7f71d94ad73d88d2d2db94c99b1d33effd4d6849f31a","sha512":"00c7cda7f2df6bcf1a4e2e84d3cf279194261c08af3ad8cdeea2388ae761951a08e61cc1d06e95b5978a1ad1becb726e9d21f349d2542b78b7ee700d3caadb2f","ssdeep":"384:HFrV9B4F4Lx2kPlW4b8h961zFN7BbwJSr1uunWoH0Wx7t44Vw:lxXw4LxNPlW4w96pb7BbgW1XnDUG+n","tlshash":"5a927ccbcea8350f4a4646d893a37de2f2f265a730214f5f1f8459328c5b0a4f631e19","first_seen":"2023-05-09T20:51:18Z","last_seen":"2026-05-07T22:50:37.229988Z","times_seen":951,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/prizewheel-amazon_2.png?1","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.649Z","timestamp":1700622809649,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/prizewheel-amazon_2.png?1 HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 104023\r\nlast-modified: Thu, 18 May 2023 09:46:44 GMT\r\netag: \"6465f404-19657\"\r\nexpires: Fri, 08 Dec 2023 04:07:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 1206383\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=irx6ho99Nrup%2FXyiB1Q7KJ6vgqNXM39TjhbyEDupDXk13JdeybcXVL5WfXQQ52jgXRm8amxwBzNdXxTn5LdPqa%2FXSwjd7mzzr5Ft57nkScYxJwsEUaAqrZ1NT9Xa\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff22dbc956bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":104023,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 502 x 502, 8-bit/color RGBA, non-interlaced\\012- data","md5":"fa45d2b35f605ccfb363df33d6054844","sha1":"9b0ad37d32a3f44231b91b64eafe2b7729fefda7","sha256":"b1a5ac0fdc54446907a81b4f9736919a78b6c667ebd191e4aff8b19d54790f97","sha512":"fc56d487ee3cb2b9610d40efccdec917fd74bd8c498e3c7256fc74249cfcfbfa9271661e552b4124dcecb32a8b13df6e18d7d6b28ec609d2946498069078dec0","ssdeep":"1536:qccpyKCMiqSPNwpuAcouEXoncIllotUZbZwBNYfd23jgOyxxHFehbRE7M4laLVpQ:Lc8zldPysgYNl2f8FzHFsby7EuR4G","tlshash":"78a312e4adc99c611bc8ab08aaa3934427fa0cb36755bd56147d3188163380fe3b96d7","first_seen":"2023-05-18T18:55:14Z","last_seen":"2024-08-21T09:30:24.99572Z","times_seen":194,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/walmart_1.png?1","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.655Z","timestamp":1700622809655,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/walmart_1.png?1 HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 160485\r\nlast-modified: Thu, 18 May 2023 09:46:45 GMT\r\netag: \"6465f405-272e5\"\r\nexpires: Sat, 02 Dec 2023 20:38:55 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 1665272\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=X3yrMKDafvVQsLV3DFe25qitmnXrrH7LBaOxZEOA9T3DsalIKIXM282ALQdFA8DYFImSyIkJqMkkZ4QXVGMh0B3TWNEjvzV45mgtL6ARLziayKIX%2FVp1rhfshDCd\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff22dbcb56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":160485,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 533 x 363, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3b52cfca4d8020080c18b651bbaf9c13","sha1":"2d374c4010ecb38aa47ccf30ee03107155d4e647","sha256":"6fce4e32f529207683d525dfff676242b72003ca36ff2cfbcaa90de895b8f4be","sha512":"2afcdafcc19b070c4f051412aa963f5f9a11a0c918d50e5201c0c101db2781e1c774ba39f39cd00c14cbaa4c3dffb297cca96cf9c858a464a001198238df07ae","ssdeep":"3072:/3ZE5mvT5eu2juWZHkXD3XzH++JPC8vDNPrnpa+2SrIV2BCM:/3ZE5m1vyuW66+JPTDNPrn0+/DB","tlshash":"17f322459d830acd4eee521dbc91ff9c8db8c68cb02c65f61f7908876b923c46460a6d","first_seen":"2023-05-18T18:55:14Z","last_seen":"2024-08-21T09:30:24.995189Z","times_seen":194,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/like.png","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.808Z","timestamp":1700622809808,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/like.png HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/index_files/style.css?2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 220\r\nlast-modified: Wed, 02 Nov 2022 07:26:41 GMT\r\netag: \"63621bb1-dc\"\r\nexpires: Sat, 25 Nov 2023 02:27:57 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2335530\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=gegWIfXoeCx8zMYVS8rLtNb6mjVN0rPLWfsoQuMsmDvA7gzTjGQKSuh3HyZ9KgSBePYt8bYcooucNbfP9kEeM2yGg%2B5gF8%2F8CvnK3yGKzWsqG2IDMWW2iyg8%2Bsre\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff23ec3056bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":220,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 13 x 12, 8-bit colormap, non-interlaced\\012- data","md5":"e4c6e8dcd575bd5f346565ce8dbacfe7","sha1":"29e5d4862f0470607f803d462bddf5f14cf57969","sha256":"9e79a749ac5f41341fdff11f64845580207490915f72b09ec320e0db0fea224a","sha512":"3dc78ec5fbb08630aa12c3b9ac946e22da6bba5e57067847aa642caae65cea2eda22fe0d012e50e30bc189ab8486e6a84dc7584216853a0f8f757fa551f62937","ssdeep":"","tlshash":"d9d0a75392325db8915a117b6a484070be241a36dc2597454401d5ec52e710555876cd","first_seen":"2023-05-09T20:51:18Z","last_seen":"2026-05-10T19:09:51.976084Z","times_seen":977,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/2.jpg","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.812Z","timestamp":1700622809812,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/2.jpg HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/index_files/style.css?2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3694\r\nlast-modified: Wed, 02 Nov 2022 07:26:36 GMT\r\netag: \"63621bac-e6e\"\r\nexpires: Fri, 08 Dec 2023 15:01:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 1167103\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=GR%2BGULlX4RT8Lk6g8%2Bm1%2ByGEaOrQqrq5wqUGL44YQe1Jb5lqwtxNHKN3WpYYKwpP7Uoxt64D6swqZUi%2F1tYhxDbrqi%2FpvXKCiM%2FpP0mON5L0wOsjqRWxDNu0NK7a\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff23ec3356bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3694,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\\012- data","md5":"02eebe83bc6786ef27b852477d4c4998","sha1":"205314ba911137b6f6be4eefd946a2c62229e591","sha256":"a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c","sha512":"6a6802fba0db3862fb96e07542ca098c5240b06f262dd5d7cb786bfb6b2b3152e4fe3ccda3c4fdf4b099fce632b3d316745a770958c5da962a83193849e3aa34","ssdeep":"","tlshash":"c6710609b35053d1c913cf73883ba107f38e35a1b0e1681dda7001fae2006ed6286e88","first_seen":"2023-05-02T12:24:07Z","last_seen":"2026-05-07T22:50:37.235703Z","times_seen":1090,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/3.jpg","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.814Z","timestamp":1700622809814,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/3.jpg HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/index_files/style.css?2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1063\r\nlast-modified: Wed, 02 Nov 2022 07:26:37 GMT\r\netag: \"63621bad-427\"\r\nexpires: Mon, 27 Nov 2023 10:50:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2132559\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=vyNpCXN9eWx1DPb07W86W%2BTI1vckgIf5QQH27ChewjfNI4uEVVO7VsVR6A1kJReK7QxJWVON0BB3xl%2Btgb4FGw%2F4UNhur04TgbuHeoWLi2DpJDzbXbEN%2FHSynLxq\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff23ec3656bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1063,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\\012- data","md5":"72ab252d8ff828965ad984b8ab16991f","sha1":"e45ea3665e80feb2e6309b04e1ec2e8d41bb279b","sha256":"c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291","sha512":"f01186ef65ad73a653c6c9b349d3766a509c1ef5779d3d7d8a1cd80c326327823b55108c4842ba7b70673e22c831edde83b509c336c49d925faebe4ebdd0ef94","ssdeep":"","tlshash":"8511d8278b4a4910fc03577e303d581523a2ac952551b74a26412a8b08c9ad9d6461d0","first_seen":"2023-05-02T12:24:07Z","last_seen":"2026-05-07T22:50:37.231396Z","times_seen":1088,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/1.jpg","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.810Z","timestamp":1700622809810,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/1.jpg HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/index_files/style.css?2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3900\r\nlast-modified: Wed, 02 Nov 2022 07:26:33 GMT\r\netag: \"63621ba9-f3c\"\r\nexpires: Sat, 25 Nov 2023 23:53:04 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2258423\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=OgtiAiPRYS6yfGm%2FAi34Dp%2FapSF1bRf8hXFCB6vaNkIcncoyv0vk%2Bf93jvpf7F%2BXHbyq7nFJpnYzq2YpNkt%2FlivSHczc2O%2B3s93lD6IzH2EMvlQy1QWb%2BbEOYRfV\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff23ec3256bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3900,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x52, components 3\\012- data","md5":"72c067fe856886245e7c47c7ff84e041","sha1":"5210cb05f897db334c61f8971ccec9a7396ea8a7","sha256":"9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030","sha512":"003266883bb77fdf2be414aa0053417493eade27236ae37af05cd2c765b9be8b81dcfcc54fc8b170ef7c47bd3e918ccad183e290684f34b8f1c74ba36d2b775c","ssdeep":"","tlshash":"a3810a5e3b055281cccef5b78a6212abd72acb45bf17e60f1d3651765c10cd42a8ba1c","first_seen":"2023-05-02T12:24:07Z","last_seen":"2026-05-07T22:50:37.234142Z","times_seen":1086,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/style.css?2","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.638Z","timestamp":1700622809638,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/style.css?2 HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Nov 2022 07:26:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63621bb9-96b1\"\r\nexpires: Wed, 22 Nov 2023 05:49:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 33848\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=6i%2Fvd3hyWDmVhaFfb7DsLE29OBAlms1wAeSZs2pBvUUVL1VWhBEur3VmCdtNuBVBqjRw2mHHC0%2BReZWzq1d8lWiMvPJvmFvJfiw4t3XbYPrCtzK31Vm0YUbkDRBn\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 829dff22dbc156bf-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8365,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"cffc01d3f82e5e03e1bddc9a1405fba6","sha1":"a92cd1941ba14c0c692aaa73c354bb4625833a37","sha256":"9d3df57abc060dd08f728b371ecdf0269234e282bf04dfacd921be6e48da7dd2","sha512":"d49caab6e3bb54c96a03f823890595281df857a0b7354581c3cdf036f8d7aa625ce7f5d651fe434135739a1e50d075f77223cc2f085f4d8f1d7f7a9ee882f26e","ssdeep":"768:k6uVrZI4FDk/F0RvFzFhxgx/xgxAFGFe1fdfSumusfBfU:aVO4WWluIE1fdfgfBfU","tlshash":"4303a1aa3dd11144b3278a1853df5e78273ca153181aedbe73d2189ecf86fa852d6307","first_seen":"2023-04-07T17:20:59Z","last_seen":"2026-01-10T18:18:49.253348Z","times_seen":740,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/jquery.min.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.640Z","timestamp":1700622809640,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/jquery.min.js HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Nov 2022 07:26:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63621bb0-15851\"\r\nexpires: Wed, 22 Nov 2023 05:49:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 33847\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=I4Buev92XZsU6ylDHFffU7%2BNyVGm3FRiJNxKjyMcyc4SsfVy%2FPPYaeT8va3o2BDp8Lx0VL5lQFjRHjNsypKHsDbi6bIs9S9Ac9koRF1%2FL9SjWBotpOGGym2PagLg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 829dff22dbc256bf-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32749,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-05-13T12:33:53.848442Z","times_seen":128442,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/p.js?f=sync\u0026lr=1\u0026partner=f82bb87b192f1720f3978127fce2dd46efd05fd461c0c45aa6d2fb32ef60a990","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.658Z","timestamp":1700622809658,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rtmark.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Oct 2023 15:22:00 GMT","end":"Fri, 05 Jan 2024 15:21:59 GMT"},"fingerprint":{"sha1":"E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42","sha256":"9B:0A:A1:20:ED:D2:5A:E5:AA:B9:4B:71:5D:B6:0E:BD:BA:E1:E7:51:62:8C:94:5B:6F:AD:21:A7:4C:E8:2D:F5"}}},"request":{"raw":"GET /p.js?f=sync\u0026lr=1\u0026partner=f82bb87b192f1720f3978127fce2dd46efd05fd461c0c45aa6d2fb32ef60a990 HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 697\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":697,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"4c31f3c3993d15451b1cbf592344e69d","sha1":"202eaf67a1b877dbaa3fdf17edd6b520aa9254e0","sha256":"76f40efce542cf27486eb36faf5787e5769246644ed03c8c6bc446a21e7ad18e","sha512":"2381593d1e295fc9ae186c9e61f573c6628abe564cd14f5b7997cb6f190240dce445171055dd67ae22a3c5f3c96dfc8e2fed5de297325c4740209680ce92dd56","ssdeep":"","tlshash":"1f016d7e26a6117918a67f84263b7b0530371da9686324118d88b814925db4fe60aded","first_seen":"2023-03-26T14:20:01Z","last_seen":"2024-08-21T09:30:24.988658Z","times_seen":194,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":136,"dns":1,"connect":33,"send":0,"wait":37,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/spin-button.png","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.654Z","timestamp":1700622809654,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/spin-button.png HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 5586\r\nlast-modified: Wed, 02 Nov 2022 07:26:46 GMT\r\netag: \"63621bb6-15d2\"\r\nexpires: Fri, 22 Dec 2023 03:13:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=2Fm8OrR77GT%2FlSrQXd2xG5FsdoV5X33P68i8FfdoQK7yK2XByOZ5Jp0vW7bo%2FGXS7XncvKvDhyvgAjcxfoY%2FPaVT568bAFqsYlHhYEkynO1I6RY7a48bc6ONvGQC\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff22dbca56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 276 x 301, 8-bit colormap, non-interlaced\\012- data","md5":"66271b99acf174bf87d903ffac88c5f5","sha1":"69e67eb0440ff320c8603071207b43a95e90c2bb","sha256":"a2f084594e048fe1bf77c215f4c9447bb355584eb749dc8a5841a0c250ca9172","sha512":"397c6e4c1f556df28da7323d66a331fe20313e52f9df7b59dbae20c0865fe672a90a82d2a534a87d0155223289dcc60869d5f702345893bcf48a5bd8de3c4462","ssdeep":"96:/+VRV8sIEglFtIpFg0WjSS0x812GWDmJMmJlWtZgiEJauio00:/+V4sI1eFgpjv0i2psMJ7EJaJ0","tlshash":"54b17e652228d09b34125d19e96929f64c010e193e21cfbb197ef3f38af3f197251f96","first_seen":"2023-05-09T20:51:18Z","last_seen":"2026-05-07T22:50:37.239629Z","times_seen":923,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pentlyconger.com/d/.js?lpref=\u0026lpurl=https%3A%2F%2Fziaont.com%2Fz%2F%3Fcep%3D2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm%26lptoken%3D175600616246453c80ce%23\u0026lpt=Walmart\u0026vtm=1700622809796","fqdn":"pentlyconger.com","domain":"pentlyconger.com","tld":"com"},"ip":{"addr":"18.192.249.87","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.952Z","timestamp":1700622809952,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pentlyconger.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 Sep 2023 06:49:01 GMT","end":"Mon, 25 Dec 2023 06:49:00 GMT"},"fingerprint":{"sha1":"08:30:41:92:4E:E7:EE:E4:74:42:FF:FB:50:89:83:6C:E2:B5:AF:BB","sha256":"F8:59:B7:45:BC:4C:9C:E3:A6:D2:A8:33:54:62:F9:B7:37:5E:99:48:F2:0A:D4:7D:6A:B2:4F:1E:CC:39:BA:1F"}}},"request":{"raw":"GET /d/.js?lpref=\u0026lpurl=https%3A%2F%2Fziaont.com%2Fz%2F%3Fcep%3D2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm%26lptoken%3D175600616246453c80ce%23\u0026lpt=Walmart\u0026vtm=1700622809796 HTTP/1.1\r\nHost: pentlyconger.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: application/javascript;charset=UTF-8\r\ncontent-length: 3644\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, pre-check=0, post-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3644,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (1616)","md5":"206250f57237d913daee862ed8a97e97","sha1":"d441c1ec36cafc5314181642a994848c70a7411d","sha256":"ba52cd294a75f9aec6d68aad62cabf9af096fd3bd2829dc4af80b65a133c805c","sha512":"f0ca020d5bde3175e8513bc49a51b55377ff6ea6169715d2b5e3a4aa52bd92680706fc3c1535627b2a603bdaf01335a8ebd4276ea9f771e3d1d893ea31cca931","ssdeep":"","tlshash":"2371c4a96c1b80f6c2d721614c6f242de0f74617ae0adc1fd42d7a503e3da6e08d6b6c","first_seen":"2023-11-22T04:13:45Z","last_seen":"2023-11-22T04:13:45Z","times_seen":1,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":61,"dns":61,"connect":27,"send":0,"wait":30,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"redrotou.net/zone?\u0026pub=0\u0026zone_id=6206858\u0026is_mobile=false\u0026domain=ziaont.com\u0026var=\u0026ymid=\u0026var_3=\u0026var_4=\u0026dsig=\u0026tg=1\u0026sw=3.1.471\u0026action=prerequest","fqdn":"redrotou.net","domain":"redrotou.net","tld":"net"},"ip":{"addr":"139.45.197.251","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:30.176Z","timestamp":1700622810176,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"redrotou.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Oct 2023 05:44:53 GMT","end":"Fri, 26 Jan 2024 05:44:52 GMT"},"fingerprint":{"sha1":"75:61:49:6F:3C:DF:A2:36:1C:08:81:85:8A:A6:7D:E9:AE:31:71:1D","sha256":"A9:73:F3:66:20:C7:64:4E:C2:1E:0D:55:C4:DA:1B:55:03:DC:DA:2A:FF:FE:B7:D4:5C:72:12:F5:36:81:27:91"}}},"request":{"raw":"POST /zone?\u0026pub=0\u0026zone_id=6206858\u0026is_mobile=false\u0026domain=ziaont.com\u0026var=\u0026ymid=\u0026var_3=\u0026var_4=\u0026dsig=\u0026tg=1\u0026sw=3.1.471\u0026action=prerequest HTTP/1.1\r\nHost: redrotou.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziaont.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Nov 2023 03:13:28 GMT\r\ncontent-length: 0\r\nx-trace-id: 408a4ff30d904712dd7533fc17b68385\r\naccess-control-allow-origin: https://ziaont.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T12:33:14.118075Z","times_seen":15111595,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-adef.akamaized.net/images/favicon.ico","fqdn":"cdn-adef.akamaized.net","domain":"cdn-adef.akamaized.net","tld":"akamaized.net"},"ip":{"addr":"23.36.76.96","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:30.297Z","timestamp":1700622810297,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a248.e.akamai.net","organization":"Akamai Technologies, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 16 May 2023 00:00:00 GMT","end":"Wed, 15 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9","sha256":"22:72:3F:E9:0C:8C:B6:2A:43:CC:52:84:08:56:46:13:07:5E:76:AC:F7:FF:45:E9:54:2C:7C:E7:7C:6D:B3:72"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: cdn-adef.akamaized.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=\r\nx-amz-request-id: 78F19547EBC3B810\r\nLast-Modified: Wed, 07 Nov 2018 08:41:38 GMT\r\nETag: \"4cdf3256cd7b8ec3917adb79d6bf457e\"\r\nAccept-Ranges: bytes\r\nContent-Type: image/x-icon\r\nContent-Length: 4103\r\nServer: AmazonS3\r\nX-Akamai-EW-Subworker: 8096267\r\nDate: Wed, 22 Nov 2023 03:13:28 GMT\r\nConnection: keep-alive\r\nAlt-Svc: h3-Q050=\":443\"; ma=93600,quic=\":443\"; ma=93600; v=\"46,43\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4103,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\\012- data","md5":"4cdf3256cd7b8ec3917adb79d6bf457e","sha1":"bc615337e9223183a126c8fb649774866fb53e69","sha256":"fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0","sha512":"2bcd90a667b80393690e244a979e36e9f482b419e52302571a41412aac296aac1d58f81787b38d00a00257dca8bd3dce7cfe6ab8ef12aa3a91e0801ee3c3f21a","ssdeep":"96:LSDZ/I09Da01l+gmkyTt6Hk8nT2JCkun8i01FZZN:LSDS0tKg9E05T23un8h5N","tlshash":"2e818daf99b0d47f7938fa400dce8281e279256c197637ad94e5c5ee00a7b031bb0232","first_seen":"2023-04-08T14:37:37Z","last_seen":"2026-05-13T06:38:14.008065Z","times_seen":9016,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":26,"connect":1,"send":0,"wait":4,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/img.gif?f=sync\u0026partner=f82bb87b192f1720f3978127fce2dd46efd05fd461c0c45aa6d2fb32ef60a990\u0026ttl=\u0026rurl=https%3A%2F%2Fziaont.com%2Fz%2F%3Fcep%3D2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm%26lptoken%3D175600616246453c80ce%23","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"139.45.195.8","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:30.440Z","timestamp":1700622810440,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rtmark.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Oct 2023 15:22:00 GMT","end":"Fri, 05 Jan 2024 15:21:59 GMT"},"fingerprint":{"sha1":"E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42","sha256":"9B:0A:A1:20:ED:D2:5A:E5:AA:B9:4B:71:5D:B6:0E:BD:BA:E1:E7:51:62:8C:94:5B:6F:AD:21:A7:4C:E8:2D:F5"}}},"request":{"raw":"GET /img.gif?f=sync\u0026partner=f82bb87b192f1720f3978127fce2dd46efd05fd461c0c45aa6d2fb32ef60a990\u0026ttl=\u0026rurl=https%3A%2F%2Fziaont.com%2Fz%2F%3Fcep%3D2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm%26lptoken%3D175600616246453c80ce%23 HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Nov 2023 03:13:28 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=7e998182da63477e84e77b9cce9117ec; expires=Thu, 21 Nov 2024 03:13:28 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-05-13T11:43:48.422654Z","times_seen":99621,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/4.jpg","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.815Z","timestamp":1700622809815,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/4.jpg HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/index_files/style.css?2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1042\r\nlast-modified: Wed, 02 Nov 2022 07:26:38 GMT\r\netag: \"63621bae-412\"\r\nexpires: Tue, 28 Nov 2023 16:57:52 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 2024135\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=7WUCvbaWznCxoSCgskKdFhMe1%2FiU8uqjdr2DoB0T9Vyq0XiXTJlzM9scAWylOFA%2B4RyFmggSb30vn4LgDZ5QVKweYZxzP9QWrM8NC3MKkdByttZONn3%2F15T5Zn4G\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff23ec3a56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1042,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\\012- data","md5":"e489d022a40ba80f51fb5acc1addea46","sha1":"41c334f49c248783037ceaf6fc335acff62f760c","sha256":"c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567","sha512":"7bcbce8dd3b47b02fb08095e4dd08afb3a1efef7c1722f74973e1c4b137d703e7e245118049a9ac19d6b3c1f7cdc66225d71ae635d6a4ba6a7110abcaccd7e29","ssdeep":"","tlshash":"c511c8777b32111dee8a697a0d76d4904e26c73d43a5477704835410717f4012c0667f","first_seen":"2023-05-02T12:24:07Z","last_seen":"2026-05-07T22:50:37.24154Z","times_seen":1089,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.stfilecamp.com/fp.min.js","fqdn":"cdn.stfilecamp.com","domain":"stfilecamp.com","tld":"com"},"ip":{"addr":"172.64.154.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:30.431Z","timestamp":1700622810431,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"stfilecamp.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Oct 2023 11:10:00 GMT","end":"Wed, 24 Jan 2024 11:09:59 GMT"},"fingerprint":{"sha1":"B9:69:70:B1:52:5D:FE:AE:F0:24:90:58:7D:85:5B:38:3E:38:9C:4F","sha256":"EA:2D:EE:4F:B0:B3:2A:01:1A:A4:52:A3:7A:07:DC:61:F0:FF:43:AF:32:06:98:19:FD:C3:0F:28:1B:0A:57:F3"}}},"request":{"raw":"GET /fp.min.js HTTP/1.1\r\nHost: cdn.stfilecamp.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:28 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 13 Jun 2022 11:23:14 GMT\r\nx-rgw-object-type: Normal\r\netag: W/\"198f2f5b0a649f41fe890c59d37319aa\"\r\nx-amz-request-id: tx000003f9d7ee37b75dccf-006557cf3f-3c6f487a-sfo3a\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-do-cdn-uuid: 243e22a9-bb9f-4609-9c16-1fb0681c9c84\r\ncache-control: max-age=3600\r\nx-envoy-upstream-healthchecked-cluster: \r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=1WFs.1mto1Iwv4mZiJxePY77tRvN6TyT.zBsWhW4Ndc-1700622808-0-AQaveBykaD0m9Rmlr2V1msU4Jn+ubIgjKuMIiU6CzBqvYQi1c47dfdpQY+GSLT8kgngGMmTRJRArRcwLuGzbF/U=; path=/; expires=Wed, 22-Nov-23 03:43:28 GMT; domain=.cdn.stfilecamp.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\ncf-ray: 829dff2888d0b523-OSL\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31705,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T12:33:14.118075Z","times_seen":15111595,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":117,"dns":98,"connect":2,"send":0,"wait":57,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-22T03:13:29.099Z","timestamp":1700622809099,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 14 Aug 2023 05:52:13 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2FJ5LzvOIX1jhNm3Xhxym%2BepCE9%2Bqfla0BK%2BRN1goQHDk2RyBaTHvtPoeWV5l67WhcfATwdHbmcNU8%2FjUPBIM%2BVVUZFIGGEGBXvJv%2FmtIZ5n2Sba4DS3BGPWrbozE\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 829dff1f989cb4f1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13599,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T12:33:14.118075Z","times_seen":15111595,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":12,"dns":0,"connect":1,"send":0,"wait":261,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/second_back.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.644Z","timestamp":1700622809644,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/second_back.js HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Nov 2022 07:26:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63621bb5-8b7\"\r\nexpires: Wed, 22 Nov 2023 05:49:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 33847\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=W53FBMeN3bvoMPzUpnP8Sr8j8srZx7sa0DcivFSqUb%2BlE%2BpmbVculbfpmpEg280IpcaKp%2B36a7wKWjjL4F9k4ZvGK7MR8b14Gw6KZuy3f6JAoYjke3tEjd4ytJIx\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 829dff22dbc456bf-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2231,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2311), with no line terminators","md5":"d8cda4c9b52122a5717b7675e4cc0507","sha1":"afcdbf8c3511ec604eca7b8283ae1547eb2a4b09","sha256":"fd3f9a5b037a50b89b415375eb1e46ead471ad9762127db59258b52f22387d00","sha512":"5f86c80b190b9b11a7b51efc98bfca59cfc9f3fddc1cd813519e5fd0ab5d7e3c22b21ef674fd0f3764f2889ea8f54a8bf415f7b626d42016846fc54219d56ffc","ssdeep":"","tlshash":"ab41ae5b6040817b1a662647cfae708531b370cdd35ae941bb0ebb96df94316434a3dd","first_seen":"2023-04-12T05:50:20Z","last_seen":"2024-10-06T09:18:35.430733Z","times_seen":343,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/sw-check-permissions-f1d69.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:30.188Z","timestamp":1700622810188,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /sw-check-permissions-f1d69.js HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nCookie: vl-cep=cep=RUAiCgV3eC8cXOXZKUz37v70O-VBNwfiXVk_PG2uAtWlKT6koTi50rtK7s_04e3csQGu0jU18lPxOxJB4hgsxgOxR4YbqtTSoj3ruoU_lw1HIrRowGB16JyEej3hyx_NSDj8WkaBX6JvOqQKcZR_ROr8Yn87P17AATPyYrf5r3bLwB994I3QqWK-BtyHH_4H22gxeeKFBtsUe-JpFHiVOVrSDwMxdG62-NVnqntHV_4huoFPuvqP2u8S-7-7qElcgdgxQ-4rONvF3hgzSXAeuvJkm0PAKHC-4QEnuKfSgkNCqjiWZFju_toeFx2y8cdaG4nWXj11jCNyMo3be1YJjwOnJYqP-gx3TrGfMYfZxQ_mhlbSjmZhZr9GYvZNuLMO\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 10 Aug 2023 03:36:41 GMT\r\netag: W/\"64d45b49-236\"\r\nexpires: Wed, 22 Nov 2023 07:41:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 27096\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=FjpzB8iUQtcXwvIRTlPNCyu5cxk%2BE7iOeFcKEIl6XQTZ2HtUQsJqpb9exACfUAoXyen8%2Bd3G4xniA6JZIyHcJ%2BDaxLbFWNfEIXFxKH0CTNHb%2FqpIDg1l2TNXT81E\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff264d3556bf-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":566,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (605), with no line terminators","md5":"035fe7d7c59399a5e710c8d151d0a9ec","sha1":"929833ad44211c2f7cc8032b279d7668fe36af91","sha256":"4f9934de580fa64a0d0fd66fe02690cd85e4ed3872d64d5ffb28cf2e724fb7c7","sha512":"265c2c5096ac4cbad823ede14cca4a3e7bb124dd6c9ccc9648c522589baac30e27e7be2ed583e74d685bc61dfc8feb558a609fd1d5be97cc20fa7ad18278c381","ssdeep":"","tlshash":"76f081cb6c00963c03d22a99192378517177b7c9562a62647c6c471b571db2e82631ac","first_seen":"2023-08-18T05:42:16Z","last_seen":"2023-12-07T10:25:32Z","times_seen":32,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/main.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.642Z","timestamp":1700622809642,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/main.js HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Nov 2022 07:26:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63621bb2-bf9\"\r\nexpires: Wed, 22 Nov 2023 05:49:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 33847\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=0Gi2vI%2BIKSySg9h%2FuxYPJ6vwcInyqhvipnV%2BRD%2BFrDYDe2F9b%2B7IFI%2FaU7feOxv8wBd3QqS2tAlYVPtO9HFq6PTKXKhqJAif%2B7MaGwXB6kAnU%2BPyo6JCmo8ibhdy\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 829dff22dbc356bf-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3065,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (3200), with no line terminators","md5":"fdd423b17da31208a5c21fad72b932b9","sha1":"e91c7519cfec28bb1cbf7090140deb21551e811d","sha256":"2bc415ece1375eaca76cd91cb34849987af8dddae11391d1972fabc4be0b0f6a","sha512":"f64718bb47cae23c501bd6708513662bb4f182b5d80e36ae6476ec8d5c8425c1bf82ecafdd9d6f99c9ea87223e85aa662a058d481197606031ce72a8916adcdc","ssdeep":"","tlshash":"026169a635355eb4455b9fb723becac02e29301990234048bd3d79cb872ce64f1d9ade","first_seen":"2023-04-12T05:50:20Z","last_seen":"2024-10-22T23:36:13.57106Z","times_seen":654,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/stormtrk.js","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.646Z","timestamp":1700622809646,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/stormtrk.js HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Nov 2022 07:26:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63621bb7-1966\"\r\nexpires: Wed, 22 Nov 2023 05:49:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 33847\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=sXT88E4ZuCsnCxFBpY6Zb3xp7bX9RIiI7Gu6wwXqbgeUpyIWj%2FniDo4G2ksSxCHjPte0lAxtrqRRRx1ZV12QkrJMX6RpBvhpeb4sUh9ujr3u3%2F1mlCVO1uAZnzHp\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 829dff22dbc556bf-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6502,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (6726), with no line terminators","md5":"c1ae765e0a69e76b62652260fa084405","sha1":"34a6c5996f85c7466cfaeecf3de27935ffd5385d","sha256":"ad4368b41a81e243d6589c9ac93f789c53b403e1e9d1a6969b28cbec593d5621","sha512":"4e50853300030dc30f2c20a370e41fb2f19036bceaaf49e52a6ea3b31c2350f1b1c1e3c6adb95e3bf21c27657d2f17857fd8e4cdfef180a87c811c042a044ff0","ssdeep":"192:iay7VFXtX+CedV8+Tt3qKhlt9ktZqLftZrEwE691IqkdEoIM2xowk0GxnVYCLmFS:iVtXQy+T4KhlvkUfHRdoGzEYCF","tlshash":"f0d1ff5e7944ac7205437e76aebb46c860333208147190187fadb372579eb9cd963bec","first_seen":"2023-04-12T05:50:20Z","last_seen":"2024-10-06T09:18:35.427832Z","times_seen":326,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fziaont.com%2Fz%2F%3Fcep%3D2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm%26lptoken%3D175600616246453c80ce","fqdn":"stormtrk.com","domain":"stormtrk.com","tld":"com"},"ip":{"addr":"172.67.69.203","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.796Z","timestamp":1700622809796,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"stormtrk.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 23:28:06 GMT","end":"Tue, 06 Feb 2024 23:28:05 GMT"},"fingerprint":{"sha1":"1F:F3:7F:EE:CA:64:B3:D7:E5:63:51:58:3C:32:70:22:53:56:0E:76","sha256":"53:EA:55:F3:99:B8:5D:0A:98:54:72:71:6D:F4:23:BA:B6:E4:D1:7C:1F:A1:16:8F:7C:B5:4B:B6:21:43:46:EB"}}},"request":{"raw":"GET /api/1.0/ping/pong?location=https%3A%2F%2Fziaont.com%2Fz%2F%3Fcep%3D2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm%26lptoken%3D175600616246453c80ce HTTP/1.1\r\nHost: stormtrk.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ziaont.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:28 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=EFImIbWhyvZmgHZdITO%2BZ37DEmUPB84tpnjuYNln1uW4oAMXw1vANpg1yX4EZP7HL7jHPZwu8IMiYN3rU5ug0xxpmcYmfxNK%2Fsrn8F0ixvgHjmeibanApngi2mmoxQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 829dff2429c70b31-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":653,"size_decoded":0,"mime_type":"application/json","magic":"troff or preprocessor input, ASCII text, with very long lines (674), with no line terminators","md5":"dde81f570e81ca9960b0189a021a984b","sha1":"4bd5fe400da0ec5222c6cd1271e1b7688daa0874","sha256":"6cc6a7f01fdc9b427c5d8bc5844790f8676ede788ca46c2891a186cd323ab16c","sha512":"20b0523fe8ca7b68c2f9b7d5cd3aaa8980b394dfd3ea0b4c3f2dc18875e746c74781ffa9e8824809715121fd4228a7e5bf8ff7801bc58607a8b818517fcd1f00","ssdeep":"","tlshash":"cf01231328181cfc04c792b60ff6e9754c8e666eb155019f856789bd600eabd7a0e279","first_seen":"2023-11-22T04:13:46Z","last_seen":"2023-11-22T04:13:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":638,"timings":{"blocked":50,"dns":41,"connect":2,"send":0,"wait":527,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ziaont.com/z/index_files/5.jpg","fqdn":"ziaont.com","domain":"ziaont.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.826Z","timestamp":1700622809826,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ziaont.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 07 Oct 2023 12:35:39 GMT","end":"Fri, 05 Jan 2024 12:35:38 GMT"},"fingerprint":{"sha1":"82:56:9A:CD:7E:19:BC:56:31:E4:58:11:C8:A9:A1:74:F6:73:4D:F2","sha256":"C0:62:51:6D:B2:D7:3D:64:52:B0:8A:41:97:6F:DC:81:44:21:9F:27:10:19:24:5E:2D:8C:28:70:A5:85:D5:41"}}},"request":{"raw":"GET /z/index_files/5.jpg HTTP/1.1\r\nHost: ziaont.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/z/index_files/style.css?2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3268\r\nlast-modified: Wed, 02 Nov 2022 07:26:39 GMT\r\netag: \"63621baf-cc4\"\r\nexpires: Fri, 08 Dec 2023 15:01:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 1167103\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=q6OsY0FJfga3Z%2FebrTa3obnw1mtgqCxjvtcj6oKs%2B6SuIW%2F0v%2F5jGcuff01K9Fy%2FvJcpwl%2FyPu5VqsoQwnFiE26n58spY4Ogep0YU5RCPoj4qS8dOc5b8H7nl9i%2B\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 829dff23ec3b56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3268,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\\012- data","md5":"92c40a962aa579868b64b8b7f1b6575c","sha1":"f676f1ce463a7b0b7b2c05587a9b52285e55e679","sha256":"64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414","sha512":"4a218ec3be2151bf983ef3d18a7e4d89946f91805fb898381423c64c1c50227626388cfcd6c7f7410a3517b2ee950bec26dcfe257a5ae69fe053a8798563e9c7","ssdeep":"","tlshash":"9961ea99731a0392dc12e5762ca623a3d2fe5c93f5406d4d7ed286ec8600ad4d58e89f","first_seen":"2023-05-02T12:24:07Z","last_seen":"2026-05-07T22:50:37.228279Z","times_seen":1088,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-11-22","alert":"Sinkholed","trigger":"ziaont.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"redrotou.net/pfe/current/micro.tag.min.js?z=6206858\u0026sw=/sw-check-permissions-f1d69.js","fqdn":"redrotou.net","domain":"redrotou.net","tld":"net"},"ip":{"addr":"139.45.197.251","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ziaont.com/z/?cep=2cPOji6BquPBPEGQWoyhMJdxWTENGWml4N9xhk3laXOzqh_0n1TT0th57DHhj4g4R75IriP2fTpbC0nIKNStd8g2EFnyXAKlKfltpJViTzm9CTxtWL2SxoCy0dqfpbGiy09EvFFxL8ldN8nqnPMDsmLMBdXevP3YXxmohb9-bKAietswsFldI86Zp-5UaJmhu_GlxCdGV_w5r37WJiNq-16MZ8brWlCft7ARAVobDhKgnymYx9HXGB3Ryp_U024NeDwxZE0TnEh-EcO6ThdTCBf-9-C_zNXsinx2bYxXyOzQ-dKkg5GGTB85d0WJs7WBonDPHY3HW18QOKfFCKJ47V_dJX1pZTHPDF67GweJpAy5mdP46xCgZ0p44JhDwlzm\u0026lptoken=175600616246453c80ce","date":"2023-11-22T03:13:29.799Z","timestamp":1700622809799,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"redrotou.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Oct 2023 05:44:53 GMT","end":"Fri, 26 Jan 2024 05:44:52 GMT"},"fingerprint":{"sha1":"75:61:49:6F:3C:DF:A2:36:1C:08:81:85:8A:A6:7D:E9:AE:31:71:1D","sha256":"A9:73:F3:66:20:C7:64:4E:C2:1E:0D:55:C4:DA:1B:55:03:DC:DA:2A:FF:FE:B7:D4:5C:72:12:F5:36:81:27:91"}}},"request":{"raw":"GET /pfe/current/micro.tag.min.js?z=6206858\u0026sw=/sw-check-permissions-f1d69.js HTTP/1.1\r\nHost: redrotou.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ziaont.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 22 Nov 2023 03:13:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 21 Nov 2023 16:59:22 GMT\r\netag: W/\"655ce1ea-697f\"\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27007,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (27007), with no line terminators","md5":"5ccd2d5882a06f293d07510ac91c92e6","sha1":"b44dc0eaa03981adb70d3313e728f9359c1d21c1","sha256":"9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba","sha512":"fddc1b3dbd07ff0fc03156101d5db8b8f3dd5f61c44e1a6c48ba6c50132dbfd32f9dda05f4aaab1bf2791de55a019f5f991a93282ad6cac1f89de5f5b7d8c535","ssdeep":"768:EbCTuXSpS9v04L37efBm+Zv2bN3H1CXQR0wZWbIJh1UMmvjCeZskk4Nci0:nML37efBbvkZDaOocJ","tlshash":"71c2b7b6f86db86423e12cc7543f1148657ad5a9fa6a74f0d1096ab2347200bb2f3fd4","first_seen":"2023-11-02T09:44:53Z","last_seen":"2024-08-20T21:23:50.961937Z","times_seen":8998,"resource_available":true,"data":null}},"time_used":627,"timings":{"blocked":293,"dns":36,"connect":35,"send":0,"wait":32,"receive":0,"ssl":217},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}