{"report_id":"ec46fe01-f084-4dde-866b-459ea2cc676f","version":6,"status":"done","tags":[],"date":"2026-03-18T15:43:34Z","url":{"schema":"https","addr":"fortunx-h.com/","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":0,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"final":{"url":{"schema":"https","addr":"fortunx-h.com/","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"title":"Fortunex","dom":{"size":86513,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1038)","md5":"7fac991ab4c6cfe666689aa66d23b586","sha1":"2b6e3789507fb28d75cdfc5eae3056e83611a992","sha256":"40c9cd22da696df09b14360adcac4be66937b08a92fa9de1eb93d9a7680dc14f","sha512":"f630d4f79b67c593b8473a62698cfe9bc3fbe931f3ad3ec47739d0fc1613e024ab1f82da4a3bd6e558c8c59ac52fe41d4afc1d612fb4432783dac47bfa40c1eb","ssdeep":"1536:bUAeYw4jqZzDDziMzsNzl0zDBzYPzf4z3jzG4zWoz9Xz7EzGGzFkzQLz87zL7z5j:bU+woBw","tlshash":"9283669481f7182b6132c19591e6b75668ed4547f34b4bd873bc1fa2bfc9e2430272ca","dom_hash":"domhash87015d1074bc5d3846b0d4aae31762ee","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"fortunx-h.com/","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":0,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T15:43:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"cdn.jsdelivers.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ini.zkzrjytn.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-05","domain_rank":0,"first_seen":"2026-03-06T13:13:10.866799Z","last_seen":"2026-03-18T15:31:43.422173Z","alert_count":44,"request_count":44,"received_data":1026736,"sent_data":21110,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"jQuery:2.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"cdn.jsdelivers.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-06-26","domain_rank":0,"first_seen":"2022-06-29T08:37:28Z","last_seen":"2026-03-18T15:31:43.545036Z","alert_count":1,"request_count":1,"received_data":87208,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.dcimg.net","ip":{"addr":"43.134.73.94","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"domain_registered":"2025-08-12","domain_rank":0,"first_seen":"2025-11-30T10:00:11.508826Z","last_seen":"2026-03-12T21:34:34.989723Z","alert_count":0,"request_count":1,"received_data":574,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"167.82.5.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-03-15T22:34:11.913686Z","alert_count":0,"request_count":1,"received_data":87448,"sent_data":441,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fortunx-h.com","ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-18T15:43:35.789806Z","last_seen":"2026-03-18T15:43:35.789807Z","alert_count":0,"request_count":6,"received_data":124064,"sent_data":2670,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/jquery.cookie.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0621c2b4f6f909d7a1747b9ce574780e","sha1":"a776f9b0c90225e9eaf4aa5445f497bf4d2f4d8c","sha256":"9d790c3575cee72f1d57f4520cb21d37257c0a888b1afcecc9a01bb41ea04c63","sha512":"323421cefcf2bf7a6cabb3b71da04b5f15c388683b6120e4a8a3d045620013bbfb3583084620996fb1019148378e2b77897dfd337d3718f82eaacb7bd2ad9609","ssdeep":"","tlshash":"6c817554bedc710e066b31525a7f50a8b63cba331114848cbc4d99a82f70c7acb6fd6e","size":3979,"data":"","first_seen":"2025-05-31T14:13:59.582381Z","last_seen":"2026-04-18T14:47:45.372511Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/main.js?b=32333333ee23dd222","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab9a6defc3fda08d2cee02a173a2f7be","sha1":"d07e1d574b7bee87fc40b0b33a02c3f595ceb0e7","sha256":"666a5553ae5ae15780ef4d76fb0c65fe6280780ad416203bcd2da34e47c1295d","sha512":"630fc839adbb9192cb2f1c043e01cd95279d6391674f27175002d8dd47ab47f1f26b9c8c2b23842e1d035aa46be58da92497b1944d1a8a6d07a1bb4b690b924e","ssdeep":"384:nROPjOirqbL97ixJNGyJAEvzJ5I4hLCHnSXWRcxjHPBJPjvQI:GdEWAk/KMWRcLNH","tlshash":"390325a6d8a58c975cae9160233e274330787867695cbc1a3a8cb36c2f9c47f367174d","size":40856,"data":"","first_seen":"2026-02-26T04:54:47.816375Z","last_seen":"2026-04-13T20:12:52.425471Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/islider_desktop.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a7452c569707d96850a46e48588deb","sha1":"ae597bf86bf29d7522297cb4624142ff13dc90bc","sha256":"1b39f8f03aaf1f5f78fffab0d36a295f8034e73f3427d9a27d8b93560d6dd1f4","sha512":"9236237ff0140d2b49a809df98c8a1d964b4591318eda34ea35d15a1de7447af42dc96fb8c588416a7ddeb8ffdcbfe48608523d4c609381779e1eea037847577","ssdeep":"","tlshash":"ca21f112637098db9047d33d94deea17bb310366484fca134dbacc507c2087609b7e9c","size":1431,"data":"","first_seen":"2023-03-07T18:08:54Z","last_seen":"2026-04-26T21:50:15.624104Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/jquery.bootstrap.newsbox.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"72ad762a5dd8f6fd19b020b912ff56d6","sha1":"01a2963da354661f81062aedf8383d3d790f31e4","sha256":"26e80fcff8951804661310d9fb3fff76bde48341effc12762bfb9c60de7cbb62","sha512":"374a41b3b0098226b76120c62dbdc615d4b36f3b12dff15a1ad09edd9a966a14574d74ef883e582cd8080769933d2086145e27b3d13abf1be9d3fc1eb9c5c46c","ssdeep":"96:lqSDJUI5c1gUbNdN8vsMNTO37qENV/iViu9ax36gxIZGv:l7DJUI5qz+vsMcmeV/iViMDPK","tlshash":"82b10d19b3502a61d1a770e74c1fc80db976666665031720fb6dc6b2bc3082c6b7bebc","size":5266,"data":"","first_seen":"2023-03-08T01:35:32Z","last_seen":"2026-04-26T21:50:15.607057Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/iSliders.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"393222b99f1ec73da7d6586438f4f12e","sha1":"ad9936119b1bf30c1cf46ce689dc5e9631ca3b0d","sha256":"bfa6f811691f851a6edbd687160a6a2014ba832531ec4174e2b96f06ab2f62d0","sha512":"b977c66ace6811278e3749178bf6ebe8893fb5e7ac11726488e500447d9201b3133f482cca955edeee54a289bc063a33de2ec188cf92761e092ca2273aa27db6","ssdeep":"768:zZQfJmsdL+Qkoz+C0Nzae5xLnrXTj1Ax0RxJ3S3iiyhgmdngx4xQ5KMi:zMJms5+yKC0NN/XTO0RxY3ViqyF","tlshash":"de432e4a2eea10168123b13e5f8f6a02e579921f560dd9887d6c57f48f85b3402bdff8","size":57968,"data":"","first_seen":"2023-06-11T17:08:27Z","last_seen":"2026-04-26T21:50:15.60218Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/swiper.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"53fc0155c6c3cb55f34b749325ebb370","sha1":"a0738b4767a38b90e17792041d648ed621dab2ae","sha256":"b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6","sha512":"13d7b31f6f6dbad80617d644160e3720aff5074ad1ae2426e681c21b91f2ac91c022706764f3a0a11727b229d667efd07154626ad7695eb741650873a5bcfb47","ssdeep":"1536:+apNOiO5/c9XrYK8SnTLANcelWyVAyvK05Du1u+GlpuXvH7WcWUmcPqMjCE8EtO7:N9XrTrANcwQIl+GqfH7WcWUmcPquXbq","tlshash":"79c31849b35075e551e72256539ec601a3b66805b90ac0a831b2d8d7acbde8c03bfffd","size":127934,"data":"","first_seen":"2023-03-07T01:20:30Z","last_seen":"2026-06-13T14:54:14.166056Z","times_seen":6516,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"46c01089623e19e830c6b1af65b4bdde","sha1":"f2364b1a337f91b15380ab7120f1dcc423fce89a","sha256":"cae1089f26010e925e33a8e4f6923cff2008743417abe275fe660980377dbb3d","sha512":"cb5dcb462b509f5d68caa9de92445ba6ba1a45a4543e5da5327356fda50fcd27254aed7786b5b5536838ee6c814d7398f23fc8256b4aca8a826782e1a6e94629","ssdeep":"","tlshash":"59412097a1ea1907a17380966aef3306d42d000be01bff59fb1d5990cf862182a12acf","size":2247,"data":"","first_seen":"2025-10-10T22:37:12.950465Z","last_seen":"2026-04-13T20:12:52.463678Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivers.com/jquery/3.2.1/jquery.js?0.8022112380701354","fqdn":"cdn.jsdelivers.com","domain":"jsdelivers.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","size":86659,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-13T17:23:21.484528Z","times_seen":93849,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortunx-h.com/","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":true,"md5":"4554535d3292f616070897c83072ca45","sha1":"b9c9b90291deb00f312af7b8f76feea55078c936","sha256":"72c9b5100589c4e52e0a44f1c41242fec8ddccb51e989825e471b8f62f9772bd","sha512":"ff109098cd8c5ed832e941d1da3981bdda1386181cf1b69fa9a939da7d5b4858e3f53a9555af9693b325755e123733c773d687846c46ab6f363bbd512d4d10cd","ssdeep":"","tlshash":"49f02e9250b729ac1236c12e314fc5031b7604b3aa458d613c4c7f954ff4b5ad5a9855","size":497,"data":"","first_seen":"2026-03-06T13:13:20.02915Z","last_seen":"2026-04-13T20:12:52.462873Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/jquery.localize.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"49a2d7c216fb7eb25667265661da4765","sha1":"d9520c141f1ecb5dd4d69bb699f8564533fbf6ff","sha256":"d5972860c78478db7f2011f92090e9c282a075fa81f09a99d64a39ce6f384982","sha512":"2c23a17793de3350c2867e1867240be8e3b3cb32614317ea4838a75bfc8ec8b0ad8f1b65124c3ca55a66917e107c42c67d112dc39903c5d21379c6dc75e79157","ssdeep":"","tlshash":"d75153cd7483f0055761f8e26aff098bf1aeddda34480c99e182a5803a6565cb273f58","size":2584,"data":"","first_seen":"2023-03-08T08:29:06Z","last_seen":"2026-05-28T05:02:15.24008Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/jquery-2.1.1.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"89b822b7703ca58e06ce85e7605448f7","sha1":"cfdc66d33b2c44e8efede48d061e44fea61d4679","sha256":"087617fda75f9098fe036ee2ea06492224a59838469ddd98c2b3456b61e0fd40","sha512":"fe31ce5fe5df4bd69dd31d27f4d10f1384e598ae49b5628362eee9a184425469870542ad6bd5fa7920f909903438e190658b56e428d2e469a42f18fc841dcf38","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa9/:7NMnJiz6oAQKP5a98HrE","tlshash":"ce83d7d9b6c67062977730b850bf410bb17a98dab40c8c60f068d5e47eb4a8d517bf2d","size":85138,"data":"","first_seen":"2025-08-03T23:39:18.243918Z","last_seen":"2026-04-18T14:47:45.38012Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/layer_mobile/layer.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","size":22104,"data":"","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-13T09:34:04.056715Z","times_seen":5753,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/bootstrap.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c5b5b2fa19bd66ff23211d9f844e0131","sha1":"791aa054a026bddc0de92bad6cf7a1c6e73713d5","sha256":"2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a","sha512":"d9ef2aab411371f5912381c9073422037528c8593ab5b3721bea926880592f25bd5dfdec5991cdfe5c5ef5f4e1d54e390e93dfd3bca3f782ac5071d67b8624d4","ssdeep":"768:4UfYD27UwlNHMl9lqNuCPNjhqg8epm5CCJFXflA8Gf3ZTbQ:z/76whqKGvlm3ZXQ","tlshash":"47f29606b23031a147efb1e1525b020a7239696ee906907c78b9daf53db9c48717bf3d","size":36868,"data":"","first_seen":"2023-03-07T01:02:25Z","last_seen":"2026-06-13T16:03:30.962367Z","times_seen":20278,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/socket.io.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0bbb14cef9cf308f647b3a3bfb85ceb","sha1":"1c1afa989402efa7e0b932ffd5079db4f0137209","sha256":"437e7ab926c379bd8067e83eee263c3eed50028a4483ff2ea055fa4a59448592","sha512":"324334b0614d3313e06a5db882b42a087d98f7d7a1d7fceb545c0885dab6127fd99ea3550e3fa7dd660030ff08add96c2b32c1818ab77f6e09389a310375773b","ssdeep":"3072:sy12HUwUN3EmGn55OHd8U4MP9pAGogNfCHADliE3ZXgtjjnZw+Wd2x4ZXpNSryDG:sy12HUwUFEm4fO98U4MP9pAGoMd3uMNw","tlshash":"b904d6496bf23011467370798b9fa046b63dc017262ec989785d93e42fe447893baff9","size":174048,"data":"","first_seen":"2023-03-07T18:40:30Z","last_seen":"2026-05-28T18:22:57.647725Z","times_seen":125,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortunx-h.com/assets/index-BEjjogd8.js","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f986736809dbe445ea0470f8c3cff5f","sha1":"46f5e1723d00491218c67bced13120d727155701","sha256":"bc66f941991c0a5ef026a6f08c745805cc5d1f7b46f16130e4655dc24e78a0d8","sha512":"346d789f32956df685814cccb54c4e9c7bb9f007d62e94cfba69cabe908f91bffde8c69cb8d1c8ab6f045a172122d8575d45633b4a412b8ea4d34bf46feaf9b0","ssdeep":"1536:klNt4RudTMX50bKz/9ELXqijHorhGM0m7TtzXEgSw612zeirWc:m3TMibKz/9ETqij+hGM/zXyw6125Wc","tlshash":"bcb307a93282b03293fa19f6503b0505b33a1955380ed488b16ceddb3d3755a62fbf6d","size":114473,"data":"","first_seen":"2026-03-06T13:13:19.989514Z","last_seen":"2026-04-13T20:12:52.446412Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortunx-h.com/assets/pages-index-index.BcNqUA7S.js","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"introduction_type":"scriptElement","is_inline":false,"md5":"907d2a87499a9015fe3706946c5a8488","sha1":"91ca8b2e6542e2b6b5dd1a71888d88583b5fa04f","sha256":"e82633a16dad046e88f0f1c35d61b39a465cc3822c9d397e748a2f1c02ce8d4b","sha512":"5c2e99bee46307c35a6517c6e999e736e918be78dabb0ea456f070fa79ea92d1899a7e5458f4073e2f9468d3d292dd0f1283077cf0d0cea34c86a5c16072cdc8","ssdeep":"","tlshash":"a1d02bdb14c6e0f613541ada322d1044d16514543abadca1d1dc0e2b54524dff11fe1c","size":284,"data":"","first_seen":"2026-03-06T13:13:19.975449Z","last_seen":"2026-03-18T15:55:41.151283Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/language_cookie.js?v=231","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4d438511cfec37fd10591b206a15119","sha1":"f6de5f79c0c6b0eb5046d26bbd62ec67b60a09c0","sha256":"56487d4c9b3fa949a63bbacc61c1fd69d60d6a53a0849b3d18738f9f6e2463d1","sha512":"582ad96e21da8c1aa0202fd6d64b649b2f4e0fb9f0790c9684e7f100bd618c505511b6c098aafb0eb20511ff12c304d47729848472a4df6271344749035357bd","ssdeep":"1536:zEVksfl7fJG1SJ2XpWeYvVGARp4FwKx2K/:zEVks97hmSJ2ZWeY54FweT","tlshash":"486393bb644b09a138955957296e364412146c8bbf12b4e43bcc91142feeb5fc0f2efe","size":72951,"data":"","first_seen":"2026-02-26T04:54:47.844053Z","last_seen":"2026-04-13T20:12:52.455931Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"790f58ba4eb5ae31209b4996a4b68915","sha1":"7329cefe5fc65ee388682b9819ec383c1cf5e0da","sha256":"2d913f1725958d0b51d6f3fd1309a8a2728873e5d15d769823e4ec01fad508b4","sha512":"230e26fa97601de63edc0f84ae5e724dc78e0a92a44f6e2e30fd945aa9153c7a4415f259966e9e4e90603bddbf543d13ff413bf336e4a8c9898bab7e616e578b","ssdeep":"192:+p8eOpppBo9Ofv2GhCThHjCy2uZQrT7CVtqMZHR90OFR90OhR90OV5yNiQ2l1Muk:+p8eOpppC90deZDzR90YR90gR90crJk","tlshash":"1672526920fb401ba837706747dfb2012478941bb389dec47a1c5b845f85b38b1b5bce","size":16604,"data":"","first_seen":"2025-10-10T22:37:12.953092Z","last_seen":"2026-04-13T20:12:52.464734Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-07T08:18:02.151537Z","times_seen":15899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"fortunx-h.com/assets/uni.1f497e86.css","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fortunx-h.com/","date":"2026-03-18T15:43:13.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortnuxe-q.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:09:49 GMT","end":"Thu, 11 Jun 2026 10:09:48 GMT"},"fingerprint":{"sha1":"C0:1D:2C:3F:AF:0A:BE:B5:5C:CA:63:1F:93:AA:A2:21:EF:01:B3:24","sha256":"82:C2:FA:38:C2:C4:8D:0F:27:F9:44:9E:33:D8:9F:AA:A4:CD:67:56:E8:6B:E5:97:3B:E2:A7:23:D7:6E:9C:22"}}},"request":{"raw":"GET /assets/uni.1f497e86.css HTTP/1.1\r\nHost: fortunx-h.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortunx-h.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 15:43:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 28 Jan 2026 06:23:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979ab50-6ae\"\r\nexpires: Thu, 19 Mar 2026 03:43:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1710,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1709)","md5":"5b00c13e95244cef67a8c14593efc2f5","sha1":"e434e6b8210403edc448ec166d0650c78cab770e","sha256":"1f497e864d31d086d7e0d2e74ba2352da85dc7e7b90e6fd33792e7f9a5a212da","sha512":"cfe3831ac4d82eddd521617b39e454975561322d944d1fdbf631265f5623127da74afcc8589df7e127e1879bb73464b2f35e1b755301990e9891dbebe33c316d","ssdeep":"","tlshash":"85314336ac402774fe9fea4664c16b6971305176f9d30f5dc72db634c94f2d909a2308","first_seen":"2026-03-06T13:13:20.005768Z","last_seen":"2026-04-13T20:12:52.44579Z","times_seen":12,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortunx-h.com/favicon.ico","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortunx-h.com/","date":"2026-03-18T15:43:13.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortnuxe-q.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:09:49 GMT","end":"Thu, 11 Jun 2026 10:09:48 GMT"},"fingerprint":{"sha1":"C0:1D:2C:3F:AF:0A:BE:B5:5C:CA:63:1F:93:AA:A2:21:EF:01:B3:24","sha256":"82:C2:FA:38:C2:C4:8D:0F:27:F9:44:9E:33:D8:9F:AA:A4:CD:67:56:E8:6B:E5:97:3B:E2:A7:23:D7:6E:9C:22"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: fortunx-h.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortunx-h.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 15:43:13 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-13T17:21:36.173117Z","times_seen":526316,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/bluedown.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/bluedown.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 521\r\nserver: cloudflare\r\nlast-modified: Fri, 22 Mar 2024 02:38:58 GMT\r\npriority: u=4,i=?0\r\netag: \"65fcef42-209\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U7Fj5cWajDNjvkXDHuXinc54od0ZKriM5xGzNv8m90msyeO5Uy%2FzIjHGRkr8Z2Lr5XZb77U2GB6rKz3IGMXXIMqqABFNTKCMcwxLubsPAhY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11cf778a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":521,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced","md5":"5ab2ed0ce27fbf88c488e1048f2af0fc","sha1":"13e1735f7af3007a3ca9a4df50e21e17f9561976","sha256":"bf53ea7a01b9784abf1e51b0f4ab43690e6a46a786f758f5e102d4af111ccc5a","sha512":"f848a5ade86fa334dd537f9c9ee7bf7fd2da11cf8b58a01978f83b0fa6673d99f201edbf634dde7bcd8c4a3f2e9a345b2ef4f8149a9965dc73889083ebf44fa0","ssdeep":"","tlshash":"06f07eebb3581d1ee8330539fdc2cb30c81e10a02200bd3c4ac0e62adb2c82ac40ab4d","first_seen":"2025-08-03T23:39:18.235631Z","last_seen":"2026-04-18T14:47:45.391539Z","times_seen":21,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/rb.jpg","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/rb.jpg HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:00 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"5f97b5bc-13b9\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y2RARGU%2FkWGWqLPkdu14lLSACaWfJ9RWMfUNqmkHINkSl5pYWnukYdk2Hu%2Fcmzq7V%2FC1bJhoxOjWGu%2BYNjEZLY972GO6bPwkxyXKmyY1H3I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11cf8b8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5049,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 200x198, components 3","md5":"97f1724c61788d7ce4f9e28c0cda973e","sha1":"131df1502bae01bcd7b3f3fe7cdb99fb473dd19b","sha256":"f06f8dd8d8c65beddffad9cc7ecc1b004cd286f3bce4e23c857359dc706afda4","sha512":"b99aebf2ac4372bf8a7d830946dc262ce5d2490a76f5fa818dde3f0e13483dcf0a3b28cc011f7c636d9c024dd523e69ffc93eb7981f95cb7c308f371c8edf2c9","ssdeep":"96:C2EiVnuQj5D2yh9ZxFwWD8pISa7/wXYcT/a:C2vnuYNRh9mihSadcTa","tlshash":"13a1c66b4f208f13c8c48ff83f43fc615b9b4a5c36d376ea126b494b6e106859d8609d","first_seen":"2025-08-03T23:39:18.238415Z","last_seen":"2026-04-13T20:12:52.427341Z","times_seen":19,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/th.jpeg","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/th.jpeg HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 603\r\nserver: cloudflare\r\nlast-modified: Thu, 16 Sep 2021 11:58:35 GMT\r\npriority: u=4,i=?0\r\netag: \"6143316b-25b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RkxXs55qSzVQbVOoYS%2F2yuDKUx808I0y6CP4ekUxjyLi3kFoSO8H6CnI85e3OIUDcV5BddIel%2BrAfvh3ut3yhkM8e4gdOq4NDr%2FpCoeznzc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11cf748a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":603,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 220 x 146, 8-bit/color RGBA, non-interlaced","md5":"46a358edaf8339ee4cbee1b98120ad90","sha1":"ff77db5fc8ba03b5f7fa6e693ac52f86f5302168","sha256":"fda1f5532f9f7bed8eb8b2a40c995d7ea7fb384445ca672cea289a99334aa2f6","sha512":"acea31498e655dce96d307cbbbbffb14023b6083272495cbd2a804ebfb19ac7cfc4dc17cb1b5c4004000896d916c49e1d9fd80af760399164a623772995f492d","ssdeep":"","tlshash":"0cf0ca43a691901cf300be93f2c7855a46b9a2102f1d808d1a0e8b2c706b3e2d264ef2","first_seen":"2025-08-03T23:39:18.139248Z","last_seen":"2026-04-18T14:47:45.380634Z","times_seen":18,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/Forexicon_new.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/Forexicon_new.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 08 May 2024 09:25:53 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"663b4521-322c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f3QSnhLAY8yj1xoDrHT%2BxvDKWmaeTLlQVO8ubfWBPigrJRRPWuLtDeQ7%2FnThrfzLJYb03729bbHjDTj3nXLLlQjtUscDJZRA8QXUMlWHqR0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfb78a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12844,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"05896d4cf140dd19799152c87e7f5c33","sha1":"c0c29d8386d266999f9708a072f8bf2bbf79152a","sha256":"628656096439f1946b8d576ade0ccc00da5f6e7ce8f683bbc6eb44275dc8e655","sha512":"ae90e0413410b107752a9089b62c12fe6091fb0088f8b251dbeba723a958fa2a95d1bac60c97a66fae3b24ca2d75ec4a1a2fba17a02d3875a85e33470d45d1f0","ssdeep":"384:YGtHYygvDYvOZfHGBYn3UVwXum4NVSFH3RxhcmAn:Myg7xfmBvOqViX5a","tlshash":"ba42c07e61e12f0584e938b0c06736e6f1e244a1d7b94f3bb683714e766e1c9648782f","first_seen":"2025-08-03T23:39:18.209959Z","last_seen":"2026-04-13T20:12:52.449919Z","times_seen":17,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/api/currency/quotation_new","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: 0\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:17 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nset-cookie: __0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\nababccd_session=eyJpdiI6IlgrNHhzZ2dJN0RWSzU1Mk9BdHNpSWc9PSIsInZhbHVlIjoialdudUZFOGFxa3phcENZUlErNndKbGgzaTkyK2FNVTlWTzI3WDNZVnpPQmMzS2JLUlRSVW82RklqUGZTVjVFTSIsIm1hYyI6ImI1ZTZhOTM1YTU5YzJlOGI2ODk3ZjI0ZjNhNjM5MTg4MjE3YjYzM2Q3MTNiMTQ1ODQ0ODIxMjU0ZjAzMjhiODYifQ%3D%3D; expires=Wed, 18-Mar-2026 17:43:17 GMT; Max-Age=7200; path=/; httponly\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with,Origin,Authorization,User-Agent,Referer,Accept\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OmVd25Gr7k1zQlbCJXC2MM554FVQqggnpyX%2FqVj5SHQH2oadxJ0unN5i03l0EwxjURzEF%2FeK9Nh4LkWEpxRX%2BRMAH23L07RAuALkdo3Phq0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a12fad28a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25297,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b909b45ed958e1e70ae9407872a76c30","sha1":"9b7fd5d55d88e81c1d4883d24c50fc0f28bb7fe3","sha256":"9e61ac237935f2cedbfda14b42bc22f980c781333519bb5d48ea61a83103a4f0","sha512":"9db746f4aeda3ad6953b6e8c3e29472fd01689d82a08b1747abfa6228ea9a638c6dc3ae49cee5f4f11a7f51b1a06e5f85301a92eb2c889d1ae9e68a4de16cee7","ssdeep":"768:sCnCnJKsk64DSmXCMz6v3jI9pLibrochBd5dHcgPX3k+m9uM3GucaKI61cf8D814:s7J5bi5fOPMbeHXhDv8YX0+ObWVdh+0h","tlshash":"bdb2ae8e222d8e7cd6f6aec2daee33a93410b10aadc24f44d3dd4f88578556bd20f551","first_seen":"2026-03-18T15:31:48.256053Z","last_seen":"2026-03-25T00:53:53.096578Z","times_seen":11,"resource_available":false,"data":null}},"time_used":3258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/firstpage/many.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/firstpage/many.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 266\r\nserver: cloudflare\r\nlast-modified: Wed, 06 Apr 2022 21:59:06 GMT\r\npriority: u=4,i=?0\r\netag: \"624e0d2a-10a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JcLf4r8R7RomiZnRX%2F%2FBQnr0EAki6LXPGulkmD9HuRDF4%2FGabhQA1E9EcTo%2FHvK%2BTfxuUJp4W0nbI1EluOiiUgAFWxN4XN0B2RXWFg6jXL4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfb38a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":266,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 26, 8-bit/color RGBA, non-interlaced","md5":"450830c38e5ddbcc31d8e9a6d096e954","sha1":"e8044078f2cf93fbcb710d6a5e80b7b2e81ac1f1","sha256":"8a7747136505f042e10547ba4750fa3dd49abb310ac52a176ca0be6efa758360","sha512":"c6614fc91def46d7d1cd5dbb95896c691b55591097dcaae56466e6fb8f8bc2c34b1b732aa950ac4496e5341e4adc6bf70e8165dcd85583027c1f2a59ebe1da41","ssdeep":"","tlshash":"15d02bb3bbd0a931f2c73d63048991a5d851216471811428964696382906489b685a56","first_seen":"2025-08-03T23:39:18.241179Z","last_seen":"2026-04-13T20:12:52.432194Z","times_seen":17,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/jquery-2.1.1.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/jquery-2.1.1.min.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 08 Nov 2021 16:19:55 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"61894e2b-14c92\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xVj4ndB6Bqpt6XpuSqHFMYM5KzXrDNL%2FGRZyiEWBxfJ%2BPKClqyuDHtXa7ikDQtJYefnZyxKA0H0yXAk6R9gzFd%2B8wTanG0oWHJqkWOP%2BODw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfb88a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":85138,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32061)","md5":"89b822b7703ca58e06ce85e7605448f7","sha1":"cfdc66d33b2c44e8efede48d061e44fea61d4679","sha256":"087617fda75f9098fe036ee2ea06492224a59838469ddd98c2b3456b61e0fd40","sha512":"fe31ce5fe5df4bd69dd31d27f4d10f1384e598ae49b5628362eee9a184425469870542ad6bd5fa7920f909903438e190658b56e428d2e469a42f18fc841dcf38","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa9/:7NMnJiz6oAQKP5a98HrE","tlshash":"ce83d7d9b6c67062977730b850bf410bb17a98dab40c8c60f068d5e47eb4a8d517bf2d","first_seen":"2025-08-03T23:39:18.243918Z","last_seen":"2026-04-18T14:47:45.38012Z","times_seen":21,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivers.com/jquery/3.2.1/jquery.js?0.8022112380701354","fqdn":"cdn.jsdelivers.com","domain":"jsdelivers.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivers.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 22 Jan 2026 14:21:04 GMT","end":"Wed, 22 Apr 2026 15:19:31 GMT"},"fingerprint":{"sha1":"6C:38:B9:A7:59:79:2B:DA:AF:AE:90:D7:FC:CB:9F:F2:F1:B9:69:85","sha256":"FF:5C:DC:45:83:8E:CA:DD:BE:B7:C3:A2:BB:48:1E:0A:EC:FB:6E:5B:4E:2F:5C:6E:43:13:B1:DF:A7:C0:1E:65"}}},"request":{"raw":"GET /jquery/3.2.1/jquery.js?0.8022112380701354 HTTP/1.1\r\nHost: cdn.jsdelivers.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-length: 0\r\nlocation: https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qHtPIeHqORdmBFxxfHBAooj2k0BcLW35haUDgbGoYHqolMmVqWD99GH7r4m5dpA4U9hOIdMs3MER44RQoEKiCzDHKFL8srsZ3Pa7zm49ns%2B6rw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9de55a133f592d96-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86659,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":32,"dns":1,"connect":8,"send":0,"wait":10,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"cdn.jsdelivers.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/main.js?b=32333333ee23dd222","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/javascripts/main.js?b=32333333ee23dd222 HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 01:41:27 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69796947-9fa4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aMXjw14K1ABfyxgQqM5LRssBMB8kfB%2BrZ0jbLGmYtSriJ6msmQbdZBhE%2Bp%2FerxPJhFpunLbULP3h5XjEKjTAItCWpiuY1WpbRzOsir%2FYNMQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11effe8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40868,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"ab9a6defc3fda08d2cee02a173a2f7be","sha1":"d07e1d574b7bee87fc40b0b33a02c3f595ceb0e7","sha256":"666a5553ae5ae15780ef4d76fb0c65fe6280780ad416203bcd2da34e47c1295d","sha512":"630fc839adbb9192cb2f1c043e01cd95279d6391674f27175002d8dd47ab47f1f26b9c8c2b23842e1d035aa46be58da92497b1944d1a8a6d07a1bb4b690b924e","ssdeep":"384:nROPjOirqbL97ixJNGyJAEvzJ5I4hLCHnSXWRcxjHPBJPjvQI:GdEWAk/KMWRcLNH","tlshash":"390325a6d8a58c975cae9160233e274330787867695cbc1a3a8cb36c2f9c47f367174d","first_seen":"2026-02-26T04:54:47.816375Z","last_seen":"2026-04-13T20:12:52.425471Z","times_seen":13,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/css/index.css?v=1715332362252","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/css/index.css?v=1715332362252 HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 10 May 2024 08:57:13 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"663de169-26bc\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ED%2FuhcNiStnENeV%2FBR%2B%2F2SEJAJv206I5tUcBDdj04TVlbWgo8PprzSUNwAkx98OKy3Y9%2BTu%2FYG3wqGp6gx2axoz4ni0AAic4f4q66LKPsRk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11bf4d8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9916,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"5e22ed89f971fd9fba7c8a0ba40ac90c","sha1":"5aa5d33e3fda333af26ca0bf37bd7ed4efe9b1ce","sha256":"a10658b0e6b15a91798dc179c8b109bf2b2f0bdc5d7e37735b65f5156e6ccd1e","sha512":"0a0ebb16fb4b6b92a50b6d6b552e56df2a9243dc971132cceab43460bd761f4eb6de80bc913e5e3128225bfd21df8abaf8937951c3968e49fc289127953ab97a","ssdeep":"192:r8RMgR33/bxKwtLWdx0dAkOxQOTlRmfIgHyFZb:QdK6geOBRmfIgHyFZb","tlshash":"6d125220b3002009b16795baf424fbdabf154256a7465eedf1b8bc1597ce09e21b3bc9","first_seen":"2025-08-03T23:39:18.232863Z","last_seen":"2026-04-13T20:12:52.443063Z","times_seen":17,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fortunx-h.com/","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T15:43:12.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortnuxe-q.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:09:49 GMT","end":"Thu, 11 Jun 2026 10:09:48 GMT"},"fingerprint":{"sha1":"C0:1D:2C:3F:AF:0A:BE:B5:5C:CA:63:1F:93:AA:A2:21:EF:01:B3:24","sha256":"82:C2:FA:38:C2:C4:8D:0F:27:F9:44:9E:33:D8:9F:AA:A4:CD:67:56:E8:6B:E5:97:3B:E2:A7:23:D7:6E:9C:22"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: fortunx-h.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 15:43:12 GMT\r\ncontent-type: text/html\r\ncontent-length: 982\r\nlast-modified: Wed, 28 Jan 2026 06:23:11 GMT\r\netag: \"6979ab4f-3d6\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":982,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"b28bf8db35bb433e240cdbda52b269c2","sha1":"a75c2469668961b07b67a2ba8a51bbaf8181ed25","sha256":"e77a9a0007c7c638d679a42329c4039d3b4ba33de84ae715ff190a68693648c9","sha512":"244ef441e5e2461967f3b83d5b9cf89ab1406d2d6a52e570dc460bbb39a77076143ae6815ed8d25181aea6cf93cc3ae9a2397386512375dfdc4c5d313dcb2cc5","ssdeep":"","tlshash":"9a11448154f159552361821d35daf50a2fb38aa3954ecd2039ae2ae84fd4b8ecacfc74","first_seen":"2026-03-06T13:13:19.962432Z","last_seen":"2026-04-13T20:12:52.45141Z","times_seen":12,"resource_available":true,"data":null}},"time_used":892,"timings":{"blocked":360,"dns":27,"connect":166,"send":0,"wait":166,"receive":0,"ssl":171},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortunx-h.com/assets/index-8w0KPwFV.css","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fortunx-h.com/","date":"2026-03-18T15:43:13.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortnuxe-q.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:09:49 GMT","end":"Thu, 11 Jun 2026 10:09:48 GMT"},"fingerprint":{"sha1":"C0:1D:2C:3F:AF:0A:BE:B5:5C:CA:63:1F:93:AA:A2:21:EF:01:B3:24","sha256":"82:C2:FA:38:C2:C4:8D:0F:27:F9:44:9E:33:D8:9F:AA:A4:CD:67:56:E8:6B:E5:97:3B:E2:A7:23:D7:6E:9C:22"}}},"request":{"raw":"GET /assets/index-8w0KPwFV.css HTTP/1.1\r\nHost: fortunx-h.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortunx-h.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 15:43:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 28 Jan 2026 06:23:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979ab4f-ee5\"\r\nexpires: Thu, 19 Mar 2026 03:43:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3813,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3812)","md5":"06528323412a0db00a3d6d7b929f0baa","sha1":"01027cb0d4fc00a8cb223b29514fc71046c692e4","sha256":"69edc2993273a15e1e76fdbd7632f2330e978338b22f88161b802104262c8552","sha512":"00a1e1d2be3e0c9a690ec592920e334486d053ecf32875eef361e007d05db7d3023b3de6b50b82de853972c9f5d160df05e124a27107e0ce6800a43483fb0bc2","ssdeep":"","tlshash":"2b71947701023e195843c66bb4fd02a42957c4abea3362bf532a3799840d3cb48723af","first_seen":"2026-03-06T13:13:19.941749Z","last_seen":"2026-04-13T20:12:52.442475Z","times_seen":12,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":408,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortunx-h.com/assets/index-BEjjogd8.js","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fortunx-h.com/","date":"2026-03-18T15:43:13.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortnuxe-q.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:09:49 GMT","end":"Thu, 11 Jun 2026 10:09:48 GMT"},"fingerprint":{"sha1":"C0:1D:2C:3F:AF:0A:BE:B5:5C:CA:63:1F:93:AA:A2:21:EF:01:B3:24","sha256":"82:C2:FA:38:C2:C4:8D:0F:27:F9:44:9E:33:D8:9F:AA:A4:CD:67:56:E8:6B:E5:97:3B:E2:A7:23:D7:6E:9C:22"}}},"request":{"raw":"GET /assets/index-BEjjogd8.js HTTP/1.1\r\nHost: fortunx-h.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortunx-h.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 15:43:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 28 Jan 2026 06:23:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6979ab50-1bf29\"\r\nexpires: Thu, 19 Mar 2026 03:43:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":114473,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (36333)","md5":"3f986736809dbe445ea0470f8c3cff5f","sha1":"46f5e1723d00491218c67bced13120d727155701","sha256":"bc66f941991c0a5ef026a6f08c745805cc5d1f7b46f16130e4655dc24e78a0d8","sha512":"346d789f32956df685814cccb54c4e9c7bb9f007d62e94cfba69cabe908f91bffde8c69cb8d1c8ab6f045a172122d8575d45633b4a412b8ea4d34bf46feaf9b0","ssdeep":"1536:klNt4RudTMX50bKz/9ELXqijHorhGM0m7TtzXEgSw612zeirWc:m3TMibKz/9ETqij+hGM/zXyw6125Wc","tlshash":"bcb307a93282b03293fa19f6503b0505b33a1955380ed488b16ceddb3d3755a62fbf6d","first_seen":"2026-03-06T13:13:19.989514Z","last_seen":"2026-04-13T20:12:52.446412Z","times_seen":12,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fortunx-h.com/assets/pages-index-index.BcNqUA7S.js","fqdn":"fortunx-h.com","domain":"fortunx-h.com","tld":"com"},"ip":{"addr":"65.20.73.254","port":443,"asn":20473,"as":"AS-VULTR","country":"India","country_code":"IN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fortunx-h.com/","date":"2026-03-18T15:43:13.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortnuxe-q.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Mar 2026 10:09:49 GMT","end":"Thu, 11 Jun 2026 10:09:48 GMT"},"fingerprint":{"sha1":"C0:1D:2C:3F:AF:0A:BE:B5:5C:CA:63:1F:93:AA:A2:21:EF:01:B3:24","sha256":"82:C2:FA:38:C2:C4:8D:0F:27:F9:44:9E:33:D8:9F:AA:A4:CD:67:56:E8:6B:E5:97:3B:E2:A7:23:D7:6E:9C:22"}}},"request":{"raw":"GET /assets/pages-index-index.BcNqUA7S.js HTTP/1.1\r\nHost: fortunx-h.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortunx-h.com/assets/index-BEjjogd8.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 15:43:13 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 284\r\nlast-modified: Thu, 05 Mar 2026 04:58:35 GMT\r\netag: \"69a90d7b-11c\"\r\nexpires: Thu, 19 Mar 2026 03:43:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":284,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"907d2a87499a9015fe3706946c5a8488","sha1":"91ca8b2e6542e2b6b5dd1a71888d88583b5fa04f","sha256":"e82633a16dad046e88f0f1c35d61b39a465cc3822c9d397e748a2f1c02ce8d4b","sha512":"5c2e99bee46307c35a6517c6e999e736e918be78dabb0ea456f070fa79ea92d1899a7e5458f4073e2f9468d3d292dd0f1283077cf0d0cea34c86a5c16072cdc8","ssdeep":"","tlshash":"a1d02bdb14c6e0f613541ada322d1044d16514543abadca1d1dc0e2b54524dff11fe1c","first_seen":"2026-03-06T13:13:19.975449Z","last_seen":"2026-03-18T15:55:41.151283Z","times_seen":11,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":166,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/firstpage/music.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/firstpage/music.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 851\r\nserver: cloudflare\r\nlast-modified: Wed, 06 Apr 2022 21:59:06 GMT\r\npriority: u=4,i=?0\r\netag: \"624e0d2a-353\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jrM8ZAc88WIeMyej1CXvsMPhI52QBVkMDfbE1gfIhLi%2BfDvCw1K2faV5Fl6M9MXJzJogs%2B6T5gJVg4k8WM1NjC%2B0JQgfM0jZYZjxLZbnL8M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11df9d8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":851,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 30, 8-bit/color RGBA, non-interlaced","md5":"012c409c4c74e043a54abc3426002d7a","sha1":"e0628d9fbe8e2abbc9e56305c71493d9332c41b4","sha256":"47a9828e8b11620a7e7e5b2c42094f262b38aafc7c10d3973484182307708a0d","sha512":"66ab900a249493acfce443c6551b581fcbe89638604ed50534b3b174e12a73101bcf8c912aa7396c7400000a74b783a9d395b1fada9c00f6bd6dfd3efb92a75b","ssdeep":"","tlshash":"160196ea6a3028740c1800787345242347f8befa8c9281cdab4c794155321a3b587e85","first_seen":"2025-08-03T23:39:18.170811Z","last_seen":"2026-04-13T20:12:52.453504Z","times_seen":17,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/swiper.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/javascripts/swiper.min.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:10 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"5f97b5c6-1f3be\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bXNhyQhV6g%2BPOxTVUM5scfycX73cyZr3IY3rfw7msZnKXJbGSuNmIvIm24ysBFiqXIDumu6iyyn6uxeRa1HtX0GTR3E13oG6IZ6ROFDp9jk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfcf8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":127934,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65270)","md5":"53fc0155c6c3cb55f34b749325ebb370","sha1":"a0738b4767a38b90e17792041d648ed621dab2ae","sha256":"b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6","sha512":"13d7b31f6f6dbad80617d644160e3720aff5074ad1ae2426e681c21b91f2ac91c022706764f3a0a11727b229d667efd07154626ad7695eb741650873a5bcfb47","ssdeep":"1536:+apNOiO5/c9XrYK8SnTLANcelWyVAyvK05Du1u+GlpuXvH7WcWUmcPqMjCE8EtO7:N9XrTrANcwQIl+GqfH7WcWUmcPquXbq","tlshash":"79c31849b35075e551e72256539ec601a3b66805b90ac0a831b2d8d7acbde8c03bfffd","first_seen":"2023-03-07T01:20:30Z","last_seen":"2026-06-13T14:54:14.166056Z","times_seen":6516,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/bootstrap-theme.min.css","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/bootstrap-theme.min.css HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:12 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"5f97b5c8-334f\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XWlsFuMQ%2FsWlWKf1NxGrxffFfFky1JRofUZWxtdFk3B%2F7HBAg4covvQZJQR40No76FtCqEVbRe45dxNZBANw5y3IJqIUyTMwUTXoCWDfcsk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11af278a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13135,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12987)","md5":"2eba6afef4ec3eff6ff250d16880f4c0","sha1":"e99818c017c447b5e26db6b55e47aff671282f42","sha256":"9fcaeb2ce94bd25c75486fa826ef54058db4960c522755718573dd1c09842d75","sha512":"b08a7c3d85310d49aeb0e79b145185437ca1bc321b646ffd15e98545aa4a1699d15e88b8c1492c811cd8ee71854365545633bfc3ba57134a375890283e84b4b8","ssdeep":"192:vTbdOHdOqE35zU2dObdOZqKOtfi6OCdOSdOUqk0HO9HOA:HCPEJZ2KqDfPVRYgB","tlshash":"05426135e082a81efa1385ebf5991f58730e8bdbc5058fafe46b75f8e6021c55067322","first_seen":"2023-06-27T04:40:34Z","last_seen":"2026-06-13T09:20:56.416661Z","times_seen":93,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/en.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/en.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:52:56 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"5f97b5b8-740\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UB7Zb8aS2Xr2OX2qDa%2F4S3fbjwFqwqI3JlmH29Yw8PJwLyYbTwQphxITiWUwTX0QYGiHfDoSJydiMB%2F%2FrOJ1K3xEHVSD%2FATGHtS%2FHp562RQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11cf968a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1856,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced","md5":"19e8aa640b1d129c94e299dfd580f210","sha1":"ccfa030c16120a11d224fa1ba72afd55f0776523","sha256":"7385aee2de7d89a525b33e6ff1e8c1246de9234fcc7346f5877ee7d3301f8ca1","sha512":"6ca9e3f44d4ce8a0f7734c8f814138fe54c3224f08905a6e0634f36f1c4de6ecef43281df8a7b29f473300a1096565b148ced5e51fb23b050457c63714af11c3","ssdeep":"","tlshash":"e4311bb469a26052fa5e2ad4be1045df4ef89c0605d89251e60645e13c9eef19f0c437","first_seen":"2023-05-06T18:37:16Z","last_seen":"2026-06-11T02:17:54.617969Z","times_seen":410,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/language_cookie.js?v=231","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/language_cookie.js?v=231 HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 29 Sep 2025 07:52:39 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68da3ac7-11cf7\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w1YPqcNbKvcgOZnzPVgmREyCdIzRSeHDiHmiIikZWG99p43gts1%2B0gUic%2B7qgV5VY0p2F60k09O6CGUH%2B8iBJqy7vYU6fAv5UmBVvDbpJrE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11effc8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72951,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"c4d438511cfec37fd10591b206a15119","sha1":"f6de5f79c0c6b0eb5046d26bbd62ec67b60a09c0","sha256":"56487d4c9b3fa949a63bbacc61c1fd69d60d6a53a0849b3d18738f9f6e2463d1","sha512":"582ad96e21da8c1aa0202fd6d64b649b2f4e0fb9f0790c9684e7f100bd618c505511b6c098aafb0eb20511ff12c304d47729848472a4df6271344749035357bd","ssdeep":"1536:zEVksfl7fJG1SJ2XpWeYvVGARp4FwKx2K/:zEVks97hmSJ2ZWeY54FweT","tlshash":"486393bb644b09a138955957296e364412146c8bbf12b4e43bcc91142feeb5fc0f2efe","first_seen":"2026-02-26T04:54:47.844053Z","last_seen":"2026-04-13T20:12:52.455931Z","times_seen":13,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/mine/myb.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/mine/myb.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/css/footer.css?v=5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 709\r\nserver: cloudflare\r\nlast-modified: Wed, 20 Mar 2024 06:47:57 GMT\r\npriority: u=4,i=?0\r\netag: \"65fa869d-2c5\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kL2obMprKQdU9SxoY52Ve%2FsojXcd8ejMV13ywEqliCo20xslo2qlD5Y9oZonjYB8YWhEMbxKMC8k%2F3lfkhwqD23fwgVhy7pPCTIuoL6zw8U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a1299e98a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":709,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"de66f669bcedc5446d9892f486f1f91a","sha1":"9f5aa1c5ac79ebe2cade83cb817720336977f2cb","sha256":"b0e717b39598cae9c92b66a4fb9925a4a48c0e203d296a375b4f6487a448e760","sha512":"ed6a847e7b222a8634f18b8380a10f4aec3c26d7b58709898afae63ec2e71353583e195455cf8484fcde58a7dbf7787e31ad9499411185928183c0b4e9edef86","ssdeep":"","tlshash":"e40144e3f327a57ae9d16e1b673a101094c25f886664037c6941ecdc475a41eb194a4f","first_seen":"2025-08-03T23:39:18.222552Z","last_seen":"2026-04-13T20:12:52.457517Z","times_seen":17,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/css/swiper.min.css","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/css/swiper.min.css HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:52:20 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"5f97b594-4d42\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nHgmXJzzKf2YVFptVheskJgc5xNPX4zbrcOfuwG5iD6LkOIahi7OauTnBw%2Bqco06oMgkxoX8tcpA0EeCxp2GSt3EzCHhE6%2Bai%2B3840zkE1g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11af098a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19778,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19512)","md5":"9097e7972b059ecae0f5bb78a0186f71","sha1":"87312e89335aee051f552ba29644ae9b1f8cc0c1","sha256":"5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541","sha512":"34ad5af9fc158079d6939ee5882715778fc29bd99e4a6618635df462a4377c4383ee0c37190dfa509f8265655fa4cfc2b44d3c624a488383011b3c0d1b63f749","ssdeep":"192:cpaNf/lSSyJWCh8zfi5o/mXDN3eBxwdJ5c:cpa1/lS0Cifi5o/mXOGJ5c","tlshash":"6192622c17003057e6334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-05T07:33:55Z","last_seen":"2026-06-13T16:39:51.76038Z","times_seen":6899,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/bootstrap.min.css","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/bootstrap.min.css HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:12 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"5f97b5c8-21a44\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TZXIh6zmS0bwa8xJ7ue2y%2Bi65I%2FEnTBODyTYt5ZZfsQBIeJocwJdiRmLJoBoTYOEtLLdyuoIJMN%2FL4mJE7U6MfP8VCvhgksG2U9IEHRsbdA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11af178a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":137796,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (375)","md5":"c24b732c9e3838a4ccfb3bd7b0c6838d","sha1":"e952046ff6e8c721d6776afe4c28911a325eb5ae","sha256":"eb7db883b300ad7db015a3aae93af86bd323d0eba73386648515141897a5c256","sha512":"9ca72070f97e45091aa8b7d7de6f5f3c668f5566d5fa02d2e4378d46387cd92e4c6b8da8ddc019aa927acdf6f68aef6a49c6974931aeafb8582081222c9e6b7c","ssdeep":"1536:sSF0fndpJUBapjaPAW5A8dvzOKQoTzDSyoUsS73vABO:sNndpfVUJbOozOxUsSd","tlshash":"0ed3a5d0b6b03544322bd19838d1de92771a91c2d81fce76f7e6349c8b496e90673f8a","first_seen":"2023-06-11T17:08:27Z","last_seen":"2026-04-26T21:50:15.576942Z","times_seen":32,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/node_modules/swiper/swiper-bundle.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/node_modules/swiper/swiper-bundle.min.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nage: 72\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p%2Flo7aVhHvT4xwXwEHQzjHQaZAwUuX1vvtUZrgyi9TNNx21pnYd8ZeEiKGwHghabBMWXsza%2Bag58C3qVMG3AeuLh6fdj9GFMyuE8CCeqq%2B8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9de55a11cf6f8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-06-13T17:10:04.692368Z","times_seen":280153,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/kor.jpg","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/kor.jpg HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:52:56 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"5f97b5b8-1a26\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z0nyV3%2B5NE74XSnCrRhCKRc4faWFhWF0gYettvokKe3iNdXAA3UztpeDCwibiNgiYhUYiNh6SzrsG%2BmcucXp%2FyKZyRlik7wZNDsS6O6tU9Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11cf8d8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6694,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3","md5":"d79ed8d6f7950456860d835c301135f2","sha1":"8da7786e5f97a1888e31982ee92cb1ae1bb83f55","sha256":"15602c09f1ccd0153a7e00c00c24e9d593f26e8ee7fc7d0287461b93e5148e6b","sha512":"d189e9fdbcfd424d645bfc267698794fa8be27241ec2d97b74a2b2a2b8879bf4150757a66a5f846f456657ef9818f09ce0f7c3ee4c0d8ef80d077398b48e2641","ssdeep":"96:ghtDA/fRodG6D77wEVi9rDfIlBS8sQPeTxpbR8MEQTnbSraDqTorD5Fkkqi2Q6sf:mtDA0oB4lIThdAcTnaagqD5VNxT5GqBz","tlshash":"87d17d267943ea06cf544e6b60ca77d191831614a6c057768f06c0baf84adf148d7ff8","first_seen":"2025-03-18T22:04:01.095487Z","last_seen":"2026-04-13T20:12:52.430326Z","times_seen":21,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/api/news/list","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"POST /api/news/list HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 7\r\nOrigin: https://ini.zkzrjytn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":7,"data":"c_id=28"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nset-cookie: __0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\nababccd_session=eyJpdiI6Ik1oK2M1anRsemtkUFwvT25PbUN0MitnPT0iLCJ2YWx1ZSI6ImdWZTdoSUlaclBTWGI4KzhUaE56WVc1VWJja1FuTmJjSE1HNVVWZUcyODdTNGc4emlOcnJNOVlTYXVPZjdtVHoiLCJtYWMiOiI0YmViMzVhMDY0ZDFlMDk4MjkwMjY4ZjNiODI4MWU4ODFiMjJkYzI1OTZiNTAwNjQ4ZjcyNjI4ZDlhZmQ0YmVkIn0%3D; expires=Wed, 18-Mar-2026 17:43:15 GMT; Max-Age=7200; path=/; httponly\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with,Origin,Authorization,User-Agent,Referer,Accept\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DuSXqW9HqEMY45pthomQ68Bg5mWtKC7loIMzF1hO11Hasr%2F8pRVJP4yM7cZlKLYErNlsI8U0xwnk0PmxpxIlxuntZ3SlKbLTXFh6uunPB7k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a12eaa78a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":883,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"fcf82f2680abc9d0cc7ffb4260f0c23a","sha1":"8436e50926a29750d87113946f5585559e97aea0","sha256":"7d7215c52ece5a877aebc358e597cd643db89488cc0eff03bdd067c43e99e5e0","sha512":"dab9c4ff3d665233e5db1f6ce46d36d4ff6a25a6287e3a8aaffaa2a188ada693ab5706940a3a819c69c6ad6fd93ccf4406a34046fa3b1213b7da88001f4a44e6","ssdeep":"","tlshash":"6311597630d565fba18801e0388f7b08ce9b61578144d79616fccd5085182ab552a173","first_seen":"2025-08-03T23:39:18.260385Z","last_seen":"2026-04-27T08:20:19.447896Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1441,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lang/text-en.json","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lang/text-en.json HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 05 Mar 2026 07:41:09 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69a93395-4c7b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c1zhb0ilVnOAeJIM1p%2Bun%2FpJ5MoVuCiagRI6cnqzWC%2FocJs26kXPuVmNzPTsfO0he7Amdm5xtRA5cHylqa%2FKtbwEKnIPGZMK3%2F5EKTdoeG8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a12eabc8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19579,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6b2410435c4bbe1e810ba75f4c43f8ac","sha1":"b75b3b897de9e57bc51a69e321c2540e5e8b1847","sha256":"7627caae3ed1583c92aef751049d3a713eae1e7dfd9ea955717b680207c9cca5","sha512":"1df7336295bee480290f96a700bba963854c023d5e9d32300cb75022699b8194545ad150040d073ed9ddf3307a9b61492b456541c64737febf0f26ea5ff042ce","ssdeep":"384:zrp1vSFgOE+mSKI6gfpjGHs+rCI+ymEFgUcnGuJp7OjVrTfoMk4nT8:zrp1KFgOE+mSKifpjGCymEFgDurkeI","tlshash":"4592732de6040e730ae5868530eb0a67667452834f553c1d3bd8858c1faf9bf90fb5ae","first_seen":"2026-03-06T13:13:19.9229Z","last_seen":"2026-04-13T20:12:52.438786Z","times_seen":11,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lang/text-en.json","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lang/text-en.json HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Thu, 05 Mar 2026 07:41:09 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69a93395-4c7b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PrqISnYvM8Qk4DwNc1hjYBMGjyNn72mdfhbM1vB72qgTbx%2BV6v%2FlWPavq6ZgYEa9%2BPiBRhc1A7pg2WRroK2MkinYso8QVkfnJFCkxTvD6X8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a159b0c8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19579,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6b2410435c4bbe1e810ba75f4c43f8ac","sha1":"b75b3b897de9e57bc51a69e321c2540e5e8b1847","sha256":"7627caae3ed1583c92aef751049d3a713eae1e7dfd9ea955717b680207c9cca5","sha512":"1df7336295bee480290f96a700bba963854c023d5e9d32300cb75022699b8194545ad150040d073ed9ddf3307a9b61492b456541c64737febf0f26ea5ff042ce","ssdeep":"384:zrp1vSFgOE+mSKI6gfpjGHs+rCI+ymEFgUcnGuJp7OjVrTfoMk4nT8:zrp1KFgOE+mSKifpjGCymEFgDurkeI","tlshash":"4592732de6040e730ae5868530eb0a67667452834f553c1d3bd8858c1faf9bf90fb5ae","first_seen":"2026-03-06T13:13:19.9229Z","last_seen":"2026-04-13T20:12:52.438786Z","times_seen":11,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/digitalicon_new.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/digitalicon_new.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 08 May 2024 09:25:53 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"663b4521-2aa1\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FKta0EbSUI%2BnE7m06NWpo9Hm9TC3Z%2BdfeB27SpmyDZC005QoPDaQ2jJd7IYQqav68sjrb96Pfoa8pW1cDyY40pTzWNVGI9daWIeKg52sv9I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfb58a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10913,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"261cef6794df925201ade87cd7a9b503","sha1":"19b3f46cd4e7100222e3ef988c98d5e981cfcc34","sha256":"950034f5733da8361a7abca6941a64e111bba18ed90705e045c1331b7669fda2","sha512":"3de03d31a9ac79fc801beb07fe3ab94749f4d5fbf5fb80c0c2f2ee81cd1aebfc238fbe1a02437e65113eacc6733e57aff8b9e55ba6f4e81109a324e322d6fc10","ssdeep":"192:ZPb4x1pfjVesmrRH8+vT4EyF49ClPPjYiSGTdkYE7rf2+OkTWK8HfA26emnxTMLd:q9fpesmr180/Q49CRYiSGRkYETXuHoeB","tlshash":"4d32c0f853873b95e089f56d4a1b2202d8403d854598bb4c11ebfcb369ef98f53bb601","first_seen":"2025-08-03T23:39:18.142408Z","last_seen":"2026-04-13T20:12:52.423104Z","times_seen":17,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/fonts/iconfont.css","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/fonts/iconfont.css HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:52:50 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"5f97b5b2-17d2\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q5J%2F%2BID8ZACzOX5rbm2bI0yq02GT9xqWYrpTyRdNW7%2F0SlVYg%2F%2B2qrNs%2BXq14E5DZqaCJSZLPRVRxfcYw7Q5HT4JIJc7SCL2TIE1XipzrTA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11bf338a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6098,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4633)","md5":"c8126fe57505d59e6ac9e1edffb53ba6","sha1":"de9d19f8db7b599bb984b2f4d373faae3013319a","sha256":"416cb417c0a4e9352710b5410c57eeb7fbdcd66bed7936f870d1ba99f4c76d8d","sha512":"662ce5f15dfe5904fe7b808f03d01dd0bfd36b961d88b81c29e802cad1699595824f2c40bc0ae6dca022dd7bd4d71813986afd762771429a2ecebf00d065ca2d","ssdeep":"96:+jLn7rOfXzBNaFYxu86y1WkiJ6agviHeSrLkNKa13bY2Xn9LJJqULXOGFerGOVVV:+jD7S/z6Wf6VkiJzgviHeSPCM2X3JqU2","tlshash":"a7c14cf044bd1c744388f891b352ae24af24618a8ea74c6ff723bc4c6af3245128679c","first_seen":"2023-08-31T09:09:58Z","last_seen":"2026-04-26T21:50:15.55938Z","times_seen":30,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/bootstrap.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/bootstrap.min.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:12 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"5f97b5c8-9004\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4KNHO%2FztJCNXIvnY0jr4t3Ywyr0IKXsLWuBgx%2Bur2%2BsXDaKmxv31vOiW8NmVKx1GrDLYfgVMpTI4ovEbXU6v1uvuL41W01rekNlnA6c6lXM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfc48a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36868,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32003)","md5":"c5b5b2fa19bd66ff23211d9f844e0131","sha1":"791aa054a026bddc0de92bad6cf7a1c6e73713d5","sha256":"2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a","sha512":"d9ef2aab411371f5912381c9073422037528c8593ab5b3721bea926880592f25bd5dfdec5991cdfe5c5ef5f4e1d54e390e93dfd3bca3f782ac5071d67b8624d4","ssdeep":"768:4UfYD27UwlNHMl9lqNuCPNjhqg8epm5CCJFXflA8Gf3ZTbQ:z/76whqKGvlm3ZXQ","tlshash":"47f29606b23031a147efb1e1525b020a7239696ee906907c78b9daf53db9c48717bf3d","first_seen":"2023-03-07T01:02:25Z","last_seen":"2026-06-13T16:03:30.962367Z","times_seen":20278,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/jquery.bootstrap.newsbox.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/jquery.bootstrap.newsbox.min.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:12 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"5f97b5c8-1495\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F77SQCqxUaiSVn3i3TpeGf%2FdDusTgE9GKs3C8iUyC9XwBWlhl7dfR6eGDHbLLTTTYj1xs4ms0lPnnuCDEbiUvlIsfhzzQggfcBArev3u30M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfcc8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5269,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5056)","md5":"72ad762a5dd8f6fd19b020b912ff56d6","sha1":"01a2963da354661f81062aedf8383d3d790f31e4","sha256":"26e80fcff8951804661310d9fb3fff76bde48341effc12762bfb9c60de7cbb62","sha512":"374a41b3b0098226b76120c62dbdc615d4b36f3b12dff15a1ad09edd9a966a14574d74ef883e582cd8080769933d2086145e27b3d13abf1be9d3fc1eb9c5c46c","ssdeep":"96:lqSDJUI5c1gUbNdN8vsMNTO37qENV/iViu9ax36gxIZGv:l7DJUI5qz+vsMcmeV/iViMDPK","tlshash":"82b10d19b3502a61d1a770e74c1fc80db976666665031720fb6dc6b2bc3082c6b7bebc","first_seen":"2023-03-08T01:35:32Z","last_seen":"2026-04-26T21:50:15.607057Z","times_seen":68,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcimg.net/img/shadow-grey.png","fqdn":"cdn.dcimg.net","domain":"dcimg.net","tld":"net"},"ip":{"addr":"43.134.73.94","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fortunx-h.com/","date":"2026-03-18T15:43:16.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcimg.net","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 12 Aug 2025 03:53:46 GMT","end":"Fri, 11 Sep 2026 03:53:45 GMT"},"fingerprint":{"sha1":"59:22:37:6F:C0:60:41:69:3B:75:92:CC:39:FF:78:E2:DA:0C:41:24","sha256":"52:2D:FE:EF:2F:19:40:C1:55:4F:33:A2:B9:D0:99:DC:0D:84:5F:89:A6:6E:35:A0:80:53:B2:DC:1A:3E:A1:C8"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcimg.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortunx-h.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 15:43:18 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Wed, 18 Mar 2026 17:43:18 GMT\r\ncache-control: max-age=7200\r\nset-cookie: __uni__uid=rBYUBGm6yBarf072AwnfAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcimg.net; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-13T15:20:27.124062Z","times_seen":16330,"resource_available":false,"data":null}},"time_used":3437,"timings":{"blocked":1587,"dns":0,"connect":1268,"send":0,"wait":262,"receive":2,"ssl":314},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/mine/pinglike.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/mine/pinglike.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/css/footer.css?v=5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 20 Mar 2024 06:47:58 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"65fa869e-403\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vK0WkpGSPtnfMQ66umpyGjQDnSX7hae7gNdJgL2Ej%2Fd8XybbqHRkY2cKzPTI%2BqtAoYNWj5tLvv5gs8UTKuyOkM7IWa%2BVGdEVo13JBZF6mI0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a1299de8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1027,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"16be87b7f025fbd50106e3d1f69b531d","sha1":"f1f9dc04b5991e8c2fdcb2a9a1c46290d982d6d0","sha256":"a22d08d1d723cd76d80eafa85c3bfcc7cb819fdc20ff45bcc6a69d432b370e58","sha512":"74e95751f9d092ee7a8014bac0c42bf07393c5c5f2fb5273129d51ba2a70873648c45953b8f29908628581956d76d907c2a811fd6b7273bdf8df5d0a89860f96","ssdeep":"","tlshash":"19111c9f4d893f81cf3242bc38154003da3485095cbc3908842cdb515d2740fddaa947","first_seen":"2025-08-03T23:39:18.187227Z","last_seen":"2026-04-13T20:12:52.445001Z","times_seen":17,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/layer_mobile/theme/default/layer.css?v=3.1.1","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/layer_mobile/theme/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:12 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"5f97b5c8-381f\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 758\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ym1o0U79gCYtfi1jIvVL0W1uqbWomqQ07d7kjdypabBqEd0kwkYN1P5B8j3xmQdEo5cYk7jNsv%2FjZsNdLgXIa0BgwDkj7dIkcX1mU4pAuXc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a12ca458a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14367,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14367), with no line terminators","md5":"920d51f9e3c517575b9a2db97ea5d68e","sha1":"291e5d0f9c8fd30fe322e05af1ac360eca016f1e","sha256":"ab1dd29e87380902c07ffac525bfe2aaf6bafa495912aacb14e37b8960768355","sha512":"02058623775e36168ad1cb170a394525c84a164f563b9244760754b505ec6bd31b0817c1c162b133ece5375408416b02ab44600dd3d2f669275bc4172a7b1800","ssdeep":"96:mp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jrd2/SWz:1WmLr2OtSrzzt42OQ7KGx1jvWR2b+RcU","tlshash":"fe5231e144811299b0278721d6dc7eba32f88d43e5630dbef257381f874c6dba2b6647","first_seen":"2023-05-09T04:33:15Z","last_seen":"2026-04-26T21:50:15.57312Z","times_seen":43,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/api/set/lang","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"POST /api/set/lang HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 7\r\nOrigin: https://ini.zkzrjytn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":7,"data":"lang=en"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nset-cookie: __0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\nababccd_session=eyJpdiI6Ikx3a01xanJ2RHBhZ1hnMEhmb2pwdVE9PSIsInZhbHVlIjoiYWQyYnE1RUJvcEZQZHpnN0daeVUxeGFCc2Z2SEtVbEgyVk1MdkFWVENHcVVcL0tOZE9ReWhLTmtPOVFFalNBM3MiLCJtYWMiOiJmZTM2MTcyNjgwZjQ1MzlmZTMzNzc2NjgxZmVjZWQ1OGRjYWFiNzYzNDJiNjNjZDhjMDBlYmRhMjk0NzY1ZTM1In0%3D; expires=Wed, 18-Mar-2026 17:43:15 GMT; Max-Age=7200; path=/; httponly\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with,Origin,Authorization,User-Agent,Referer,Accept\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2YBB10AKBuOC21FzElhT8v7EXu3cLlIYEro3ImYfKJQwCU3POlL1lYsFSmGOzK0dcSECJ%2FoNwnQHev4GnlXAkZfUyGKYrlPBHj2K4XpqVwM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a12fad18a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8d911e4df0952bc061c65d9f9365b249","sha1":"02d2f9efd2f2ee6a1e95c721f8fa4f6c35a51bd4","sha256":"0e193a34dcb2ea79094c89f2b3b31ea0eda5d82da41d4abf83b4e45cf6ef9f4c","sha512":"11de0c2e0f3d4479577ae86331459ed3a6150fd989d58d5cf78cf06d9920fb08e2ff60f629947241a4b8594cb7457566745850f44d58043d9a87a4a6c64053de","ssdeep":"","tlshash":"eb8000000208ac3a2302030238882c00888e0082c0c22202a808aa28c30f8a0203232e","first_seen":"2023-05-23T12:42:48Z","last_seen":"2026-06-11T02:17:54.617327Z","times_seen":189,"resource_available":false,"data":null}},"time_used":1533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1533,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/node_modules/swiper/swiper-bundle.min.css","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/node_modules/swiper/swiper-bundle.min.css HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nage: 72\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JCiI4KieFtd5ZWRzBo0EfK6WvUTrdLd0fFd0IsQavbk5HFfxpdSM9LoiQvHtJziwmXiL6xGS6%2Fuj6hwYOrqdyICz%2F0geixx9wMMujN3P95U%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9de55a11bf5f8a33-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-06-13T17:10:04.692368Z","times_seen":280153,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"167.82.5.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/jquery@3.2.1/dist/jquery.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 3.2.1\r\nx-jsd-version-type: version\r\netag: W/\"15283-EFUBjCirQQh++czv5BFgaJPavqI\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 1706707\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\nx-served-by: cache-fra-etou8220134-FRA, cache-osl6544-OSL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 31258\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86659,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32058)","md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-13T17:23:21.484528Z","times_seen":93849,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":72,"dns":64,"connect":1,"send":0,"wait":2,"receive":2,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/mine/home1.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/mine/home1.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/css/footer.css?v=5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 809\r\nserver: cloudflare\r\nlast-modified: Wed, 20 Mar 2024 06:47:31 GMT\r\npriority: u=4,i=?0\r\netag: \"65fa8683-329\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6wNbTu7uXDsdVz2xAiooeEDP4%2BXpFqPAxEkDMwZU%2F0Dy51NaPfJ5NzeN9vzu43eSL9zRR6aQ1TduELJARNgvgkFvXHYXBkfN3MZtnRb%2F4mI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a1299d98a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":809,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"f7d0de6dea714cc7c5cb16fe4c79059e","sha1":"9497e7c1c97cdd7f5df0e08a6a451b3f971f7a40","sha256":"37416b0a7f17daec7964eab4de6cfe70c50235e5b1210daa36ad79a860ae8a0d","sha512":"cba6137d8f32f02b45b66230b2825c34a155402f0eefc6a0d32ebd80642d7fe335329311b97c572bad34de9eb4d29fe57d658700668eb9170e6f0f3cfe443eba","ssdeep":"","tlshash":"9101cadd4d225ce5a3dbf835797f9003554135c81c27cd04e89cf2a7b94e9a6ad0163b","first_seen":"2025-08-03T23:39:18.274719Z","last_seen":"2026-04-13T20:12:52.456732Z","times_seen":17,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"ini.zkzrjytn.com/wss/?EIO=3\u0026transport=websocket","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:17.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /wss/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://ini.zkzrjytn.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: UAS69qbCCHZjGRF5lh3ZIA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Wed, 18 Mar 2026 15:43:18 GMT\r\nContent-Length: 0\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: ylBRqkNmwnTUk84+FYHgX9Xvi+0=\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=O2Ffz7XgIbqjyCas8o%2F7WRaV7zTQEhIfcSNHBRZmThT8xr9vi5W5H%2FaiddfgNcBq5rZWm%2BpwDJGE%2BGf4HfWoyvlwn%2FAUuE3BxF289uV%2Fx2M3SuhremQNLuRRHewHCoASpR86\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9de55a27faa5527d-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=8871\u0026min_rtt=8384\u0026rtt_var=3208\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2345\u0026recv_bytes=1190\u0026delivery_rate=274945\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=f6da5858b7e31895\u0026ts=434\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":532,"timings":{"blocked":0,"dns":38,"connect":46,"send":0,"wait":424,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/iSliders.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/javascripts/iSliders.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:10 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"5f97b5c6-e270\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mLZ4X899lpzH0dYmk6shvmP01uibwkUr8pgaAioUmyyh31ZR3mzsY7Qn%2FwcrjQkO0yU5Dzlt51DHrcDwBMsZwbci%2FsihNZQi4ZA%2FACzoUMU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfba8a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57968,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"393222b99f1ec73da7d6586438f4f12e","sha1":"ad9936119b1bf30c1cf46ce689dc5e9631ca3b0d","sha256":"bfa6f811691f851a6edbd687160a6a2014ba832531ec4174e2b96f06ab2f62d0","sha512":"b977c66ace6811278e3749178bf6ebe8893fb5e7ac11726488e500447d9201b3133f482cca955edeee54a289bc063a33de2ec188cf92761e092ca2273aa27db6","ssdeep":"768:zZQfJmsdL+Qkoz+C0Nzae5xLnrXTj1Ax0RxJ3S3iiyhgmdngx4xQ5KMi:zMJms5+yKC0NN/XTO0RxY3ViqyF","tlshash":"de432e4a2eea10168123b13e5f8f6a02e579921f560dd9887d6c57f48f85b3402bdff8","first_seen":"2023-06-11T17:08:27Z","last_seen":"2026-04-26T21:50:15.60218Z","times_seen":36,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/layer_mobile/layer.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/layer_mobile/layer.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:12 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"5f97b5c8-5664\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bOJl7Q6sOIRxuii8Hcxco9%2BOFcjiQM6w0y%2F9uZdSlRHfHJsn1ErxFB9gljjdiSrMdGZMIYbKOd7Yso4GHgPqsHfKhELh%2FAYsdHALStbFIJY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11efd78a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22020)","md5":"d0c975e34297f3e44e99c9d83555ffc1","sha1":"7e465bd79e65428cf07e5991196cff512ce44a4b","sha256":"691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82","sha512":"1d9dcd7e1afe695e5716ea55f9a5a3e3aa45852722b4e1a2653ebd3f3a85c8b7a34b15264751f5ee26ea56ee49c8683a00d771197d8b32d9ea53d842d6db3b79","ssdeep":"384:41xCih92A3igrLXSt/SdMrXqE6tGLxzAOTElH0jjhtjfs8:41EiV3i+WtXItqF13k8","tlshash":"56a2b66a754034976323906ad11fba0b31f21d24d7078128f22bb4ae1dbcd95a2b7f5f","first_seen":"2023-04-05T06:05:22Z","last_seen":"2026-06-13T09:34:04.056715Z","times_seen":5753,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/lib/jquery.localize.min.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/lib/jquery.localize.min.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:12 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"5f97b5c8-a18\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=59IwerCJD3IVYC%2B9VbQAc3zOm2gkxRxM7noZ2NZSMCp8aF4FG1IHe2glANvz6iv1xAF5vS5bMUGt8fghEcCLEUiP8aCqOTeOrCgQ%2FCUlpU8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11efe18a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2584,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2450)","md5":"49a2d7c216fb7eb25667265661da4765","sha1":"d9520c141f1ecb5dd4d69bb699f8564533fbf6ff","sha256":"d5972860c78478db7f2011f92090e9c282a075fa81f09a99d64a39ce6f384982","sha512":"2c23a17793de3350c2867e1867240be8e3b3cb32614317ea4838a75bfc8ec8b0ad8f1b65124c3ca55a66917e107c42c67d112dc39903c5d21379c6dc75e79157","ssdeep":"","tlshash":"d75153cd7483f0055761f8e26aff098bf1aeddda34480c99e182a5803a6565cb273f58","first_seen":"2023-03-08T08:29:06Z","last_seen":"2026-05-28T05:02:15.24008Z","times_seen":54,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/css/common.css","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/css/common.css HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 10 May 2024 09:12:04 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"663de4e4-21f3\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6d3Wa4QuKYwBPUEjtQpt02W3ogm%2F7bnRIdnaQ2TzFCRs2T7g31WtytSxcm9WPF0FTORxI1VeVydDHCoexgojyFBZV4CB%2B%2BXsLa%2Fb314Be4Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11bf378a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8691,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"e0f1fee9eaad98084b6eeddf3bcf054d","sha1":"8f8b42d5607cda09ee36f8c4532ae7b6c042bcb1","sha256":"1793769457e848ac2ea78f5cba972c47d1180533b9efbc0e1641f1e20b714dac","sha512":"94d7f729a797600c870554f3e5fdb019fd114f9bb1923e53f5b4e55f4677f8c19a442e77d216543a0e35f5528c2a0a21a25febfbf26085b7a1044b1893358107","ssdeep":"192:M9xiQqA9LLc687AKnHNnJxC1i0cYalZWv:c5LhcAKnHVJx2i0cYalZWv","tlshash":"b602a552e641301db027d4faa438f7a2632d5443c5471ffef2a6306ada8e09d06736cb","first_seen":"2025-08-03T23:39:18.277195Z","last_seen":"2026-04-13T20:12:52.428943Z","times_seen":17,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/css/footer.css?v=5","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/css/footer.css?v=5 HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 20 Mar 2024 07:26:10 GMT\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"65fa8f92-9a7\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jLokIGr%2F3EExyD4OKkWsuHAHlWQmgWL5el%2Btc5BMRZKe3QlqxoQpFnSO%2FwfkRYlBc5nG3O9ghSj5IfI8stv4sECHwYymjhqoTKElFV7arY4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11bf588a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2471,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"b4b41c731cdcf2b2bb35cc1b5e060311","sha1":"dbde42e9ccc242bb0008a47837bcd3f68ba61c81","sha256":"810f5eb7d26ec59c0c485ef9fa0323ff4174343b6e598371c5b97606dabb305c","sha512":"96066db6ee73c6ec567f1955526198ae18d640f622f57d871b222866fede2d12aeed31dfc7c7ee6bad704f4960b363a0cc6d9a7c0438424bb6170c342b823699","ssdeep":"","tlshash":"8951e212b69763c73502c87639297796b27c8693c20ad7ba7a7c31d5fd5f0e48033281","first_seen":"2025-08-03T23:39:18.183785Z","last_seen":"2026-04-13T20:12:52.449391Z","times_seen":18,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/socket.io.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/javascripts/socket.io.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:10 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"5f97b5c6-2a7e0\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iJ%2FXDfGEpATNRNZQXrXFUkIy6o3Hp6iexDPjvBU3KjlmRc0xyhbRgM2Bz3t183CNkegtKIVzOn6Y%2Fy6XptMjILGRhbeMjnhqKiLtQ3w2zaQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11e8048a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":174048,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (766)","md5":"c0bbb14cef9cf308f647b3a3bfb85ceb","sha1":"1c1afa989402efa7e0b932ffd5079db4f0137209","sha256":"437e7ab926c379bd8067e83eee263c3eed50028a4483ff2ea055fa4a59448592","sha512":"324334b0614d3313e06a5db882b42a087d98f7d7a1d7fceb545c0885dab6127fd99ea3550e3fa7dd660030ff08add96c2b32c1818ab77f6e09389a310375773b","ssdeep":"3072:sy12HUwUN3EmGn55OHd8U4MP9pAGogNfCHADliE3ZXgtjjnZw+Wd2x4ZXpNSryDG:sy12HUwUFEm4fO98U4MP9pAGoMd3uMNw","tlshash":"b904d6496bf23011467370798b9fa046b63dc017262ec989785d93e42fe447893baff9","first_seen":"2023-03-07T18:40:30Z","last_seen":"2026-05-28T18:22:57.647725Z","times_seen":125,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/images/mine/jokeke.png","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/images/mine/jokeke.png HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/css/footer.css?v=5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 20 Mar 2024 06:48:11 GMT\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"65fa86ab-57b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BZx8XWMfguZH243h193rZTo5B4OkwaOrnCDMxUBf4IBUz5XKCrF4E7gg%2BH948EsvX%2FU4WSkCgJh%2F0SxEhnhmI7eb087cIUnEsWE9ObKC4fY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a1299e38a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1403,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"bfdff3149404e07df577a900900c590d","sha1":"a1b0b5aa6b08ea8821e4c2594382858373960681","sha256":"f4275379a3ae3d197ff5ada1f9f7295a4b76d8e4aab120371cd931064cf12bb2","sha512":"5b06592eed77d3f37f0ef61ab975176bb3d817d6fca137b799c08e9c5a4649089412bd3b8379d1357d63f00641a1a5a522dac274780d9f265079047aa5f781ab","ssdeep":"","tlshash":"72213b53eb4395b3c48982d0987839e3a9243f7c2411c3c80605a4e3df0c66c3c4c35e","first_seen":"2025-08-03T23:39:18.162729Z","last_seen":"2026-04-13T20:12:52.434914Z","times_seen":17,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/api/news/list","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"POST /api/news/list HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 6\r\nOrigin: https://ini.zkzrjytn.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":6,"data":"c_id=4"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nset-cookie: __0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\nababccd_session=eyJpdiI6IjlvWmYwOThMM1ErWnY4K0swcTJDaUE9PSIsInZhbHVlIjoiZHVndWgrZEVBRFVWd0l2QjN2aTlGSTFiVzFoTm1Ka2JaclVcL3VkY21hMUd5K1hEaFp2SnVVMmZheXljTnRHVDEiLCJtYWMiOiI0NmY3MmNmZGU4ZjNiOTFlZjRiNTM1MTVlMjg4MmFlZWU1YjI4MjA1ZTc4ZTkzYjZmOTRhZWM2OWZmNjE2NDNlIn0%3D; expires=Wed, 18-Mar-2026 17:43:15 GMT; Max-Age=7200; path=/; httponly\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with,Origin,Authorization,User-Agent,Referer,Accept\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MLjy2%2ByMvF5qsQjoF6HNHPvv6Ao%2BatCQVUeQn4fVtbgyFSCoZjmLxyIrdbQpQFouCRAtQHTfNQt2GFgJ34ejwM3aHd%2F5VYEoPrhmQMhptbA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a12da948a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"aeb65a80c1fcb5e6e9f7d2357db19f6b","sha1":"d1df3caa186dd55d278365f5d0d2d319b1d7e240","sha256":"3bb113c92ff96fcb9bbc456bbd44e794be049497aed4d0f7036ee7fe30b6ed55","sha512":"3ca0db76772a6e69a7cb5b7bc4639f3193fd42288139cb192b9422124b79bab2fdf8c96f9758b5e637e034f51b8871a52aa687651f9bf2202ace042fdbb27840","ssdeep":"","tlshash":"26a0222200000cba030a2223300a20028c8c00808f0383000280000cc38c08c082222b","first_seen":"2023-04-13T23:29:03Z","last_seen":"2026-06-10T15:07:33.983838Z","times_seen":157,"resource_available":false,"data":null}},"time_used":1239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1238,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/api/currency/order_info","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /api/currency/order_info HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: 0\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nset-cookie: __0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848594\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\n__0ed372dd060958b07dc3c9eaf185973a=1773848595\nababccd_session=eyJpdiI6Ijk4d1U0YTdkYUJuc2hETnN2am8xWEE9PSIsInZhbHVlIjoiUEZscXBTSGp0U01xYjFNbWJvanFUNE0wcytkWnhLXC9tQ1NhSTFicTFXM1Joazl1M3VmTDVkYWNiUzF6bjh4bmUiLCJtYWMiOiIyZTc2NmExNTI2MjI3MmNmZmExNzU1OTc5YTg2NGZiMmFiY2JlMTMwOTYyYzZkN2E0MzU0ODI3MzI5MzQ5NGNjIn0%3D; expires=Wed, 18-Mar-2026 17:43:15 GMT; Max-Age=7200; path=/; httponly\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with,Origin,Authorization,User-Agent,Referer,Accept\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W04ahkMR%2FH6xGrasKUWpXYmG2ix0GfrvnAlzhOjHk215S2rxUa4yd63WUcuJGqJWCqBe6C4QIBABSsoGZECXdmUtsCwotVzOg%2F5MIpte5gs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a130af58a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d1efbbb93bf6803e0430046a02190e6","sha1":"4adda235eb50321b9c27036fdbd63e6f6fd24a14","sha256":"dd3407fe52da9be03003f5d4d82604d15e1fce8b012ea2c5db4830cb94a86a1a","sha512":"ac982e74169ba7085d84260d3cab66c4a18c42126060cf205f7aa5de9621f8514781bffcb7202a5cc03005e0d3d10d7432d5ef3692da0e3c0b4d74aadaa7e32b","ssdeep":"","tlshash":"fb8000080288ac2803020202b8882800828a0082c0a222220808882a830e8a0283232e","first_seen":"2025-04-18T14:40:57.337157Z","last_seen":"2026-04-18T14:47:45.392104Z","times_seen":69,"resource_available":false,"data":null}},"time_used":1422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1422,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://fortunx-h.com/","date":"2026-03-18T15:43:13.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/ HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fortunx-h.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Thu, 05 Mar 2026 08:21:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zy0OcgDlOenhZG4aksLFgde8J5lyNt8%2Fx%2FifmTON0JmCcAUCYwPwy2T9NB8UUu99pVvIwuIlzW4MEe4tsYkSCjZUJxV30l19yk0O080pqmE%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9de55a0e9fcafb58-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:2.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":37874,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"eeb31ed5111e34d50cf28ee13874c06f","sha1":"63131745319c45523afe2cce9c320b47a75d4061","sha256":"04d45b79143815bd126f31bff53dbccc5bec21881fc12e564b5267d35a0d82a0","sha512":"9f99d8a83a7d2ae158f38c2a84fb1dfbffc1e63b6450768228f716061571f98c09202a09dafc140b4411096e55c6590537ead54173bf6e6f1598d41314300b3e","ssdeep":"384:m6Imc6AkuMhb6Mot4I2ERNKnPCFlp8eOpppC90deZDzR90YR90gR90crJv:miAkuwbZxI4CpPyHCvP0K0S0i","tlshash":"2803b71094a61c376417529556e7b75ab8b68803e10edfe872be0e81ffc2f1879336c6","first_seen":"2026-03-06T13:13:20.021594Z","last_seen":"2026-04-13T20:12:52.452224Z","times_seen":12,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":29,"dns":1,"connect":8,"send":0,"wait":412,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/islider_desktop.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/javascripts/islider_desktop.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 27 Oct 2020 05:53:10 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"5f97b5c6-597\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jANipaHXt4J9V9ivfXqf%2FGij2Y122gh%2BV5rY%2Bi%2FvT7YDvkjz901PxT3jnZGJz59pXZ%2FHU6l2IS%2F3zCiivoyTiTs5y%2BxTM78RW6B2IHqu4DI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfc08a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1431,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (424)","md5":"b8a7452c569707d96850a46e48588deb","sha1":"ae597bf86bf29d7522297cb4624142ff13dc90bc","sha256":"1b39f8f03aaf1f5f78fffab0d36a295f8034e73f3427d9a27d8b93560d6dd1f4","sha512":"9236237ff0140d2b49a809df98c8a1d964b4591318eda34ea35d15a1de7447af42dc96fb8c588416a7ddeb8ffdcbfe48608523d4c609381779e1eea037847577","ssdeep":"","tlshash":"ca21f112637098db9047d33d94deea17bb310366484fca134dbacc507c2087609b7e9c","first_seen":"2023-03-07T18:08:54Z","last_seen":"2026-04-26T21:50:15.624104Z","times_seen":35,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ini.zkzrjytn.com/mobile/javascripts/jquery.cookie.js","fqdn":"ini.zkzrjytn.com","domain":"zkzrjytn.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ini.zkzrjytn.com/mobile/","date":"2026-03-18T15:43:14.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zkzrjytn.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 03:15:12 GMT","end":"Wed, 03 Jun 2026 03:15:11 GMT"},"fingerprint":{"sha1":"22:51:53:86:3C:AC:7B:08:F5:ED:E0:6D:8D:CB:AA:52:AA:3C:B0:52","sha256":"EA:FD:B7:0E:E4:71:2D:59:BD:F7:9C:E8:1B:D9:A4:6F:E0:AB:04:09:3F:54:AB:E7:86:F3:DA:85:AC:CA:7B:A4"}}},"request":{"raw":"GET /mobile/javascripts/jquery.cookie.js HTTP/1.1\r\nHost: ini.zkzrjytn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ini.zkzrjytn.com/mobile/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 15:43:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 08 Nov 2021 16:19:55 GMT\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"61894e2b-f8b\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 759\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LoR27sc4nqi%2BNZGPaqpgURyBD2cZyvj5qit6%2BAWYJdN3FTNJzp01vgfcBNUJWcJxHjLdzeu6E6VA%2BlKimK9qhETkLTeG1fzbYEOAdV7eJ7E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de55a11dfd18a33-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3979,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"0621c2b4f6f909d7a1747b9ce574780e","sha1":"a776f9b0c90225e9eaf4aa5445f497bf4d2f4d8c","sha256":"9d790c3575cee72f1d57f4520cb21d37257c0a888b1afcecc9a01bb41ea04c63","sha512":"323421cefcf2bf7a6cabb3b71da04b5f15c388683b6120e4a8a3d045620013bbfb3583084620996fb1019148378e2b77897dfd337d3718f82eaacb7bd2ad9609","ssdeep":"","tlshash":"6c817554bedc710e066b31525a7f50a8b63cba331114848cbc4d99a82f70c7acb6fd6e","first_seen":"2025-05-31T14:13:59.582381Z","last_seen":"2026-04-18T14:47:45.372511Z","times_seen":22,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"ini.zkzrjytn.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}