{"report_id":"f1420749-8bc9-4c04-80cf-f1c3f54a2183","version":6,"status":"done","tags":["phishing","rockstar","aitm"],"date":"2025-10-06T21:27:07Z","url":{"schema":"http","addr":"mycutebabyshopbd.com/hdghnc/cefdf18ca35a696a0e529b8e92a78bad/bWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"mycutebabyshopbd.com","domain":"mycutebabyshopbd.com","tld":"com"},"ip":{"addr":"103.213.38.36","port":0,"asn":150142,"as":"Wolast Technologies","country":"Bangladesh","country_code":"BD"},"final":{"url":{"schema":"https","addr":"beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"title":"Enter Main Area"},"submit":{"url":{"schema":"http","addr":"mycutebabyshopbd.com/hdghnc/cefdf18ca35a696a0e529b8e92a78bad/bWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"mycutebabyshopbd.com","domain":"mycutebabyshopbd.com","tld":"com"},"ip":{"addr":"103.213.38.36","port":0,"asn":150142,"as":"Wolast Technologies","country":"Bangladesh","country_code":"BD"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-10T21:27:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"beta.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"aurevoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]},"summary":[{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":11393,"first_seen":"2021-10-20T05:02:03Z","last_seen":"2025-10-05T22:14:16.315625Z","alert_count":0,"request_count":10,"received_data":580912,"sent_data":7160,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"aurevoe.life","ip":{"addr":"172.67.154.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-09-16T07:58:33.860518Z","last_seen":"2025-10-06T15:29:34.486132Z","alert_count":3,"request_count":2,"received_data":210741,"sent_data":1016,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"nexoizaki.vip","ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-23","domain_rank":0,"first_seen":"2025-10-06T15:29:31.912792Z","last_seen":"2025-10-06T15:29:31.912792Z","alert_count":2,"request_count":1,"received_data":716,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-05T22:15:40.094389Z","alert_count":0,"request_count":1,"received_data":88690,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mycutebabyshopbd.com","ip":{"addr":"103.213.38.36","port":443,"asn":150142,"as":"Wolast Technologies","country":"Bangladesh","country_code":"BD"},"domain_registered":"2024-02-17","domain_rank":0,"first_seen":"2025-09-22T23:58:25.029317Z","last_seen":"2025-10-06T18:01:11.63486Z","alert_count":0,"request_count":1,"received_data":469,"sent_data":557,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.1.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"beta.nexoizaki.vip","ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-23","domain_rank":0,"first_seen":"2025-10-06T19:42:20.692422Z","last_seen":"2025-10-06T19:42:20.692422Z","alert_count":14,"request_count":7,"received_data":13152,"sent_data":5161,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b5585ff13b968ab7241a36a222c66325","sha1":"939ef0042feaff19aa55827e27168b0d050fd47c","sha256":"6bf0e613cc287e675e88c8f134b0425ff3c277e593eca97eb706897f66001dc9","sha512":"75c05e2807bb06d4df3a98c380febe0b9ad88edded2ddcacf4a459dfae6e7577b5047c901ed36c247e008117bfa42e4079a180fd33d58cbc3c396a026ed74745","ssdeep":"","tlshash":"02711bc98b0da67963ef32b8a519739c38a060e2518164d1ddd5880b7d6ee9d413c54f","size":3571,"data":"","first_seen":"2025-10-06T21:27:11.185271Z","last_seen":"2025-10-06T21:27:11.185271Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"bce012e16d564982328cbe10717c14ca","sha1":"2ec3f06c30b5007c6105b785aa5933fe1d79478e","sha256":"7f658c3fe3936fb9996a1d67ea7f86373e97260a0b43872afee1367167154f5e","sha512":"d5703cf54bb9bd755e626263e14fbc0adfb7f6aea1b2eeb13a18d097c727cc6e341726c5894e396481c15c61ed7bd75f60d37a43d1a9e685fe1c0744c8cabfdc","ssdeep":"","tlshash":"7021cbdebf5871f0270291f9596f1309aeb3fc961821a5098928c6c03c76e14562ffb8","size":1176,"data":"","first_seen":"2025-10-06T21:21:40.431438Z","last_seen":"2025-10-06T22:39:14.243627Z","times_seen":154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f12baef72b2bedacab84c3a7f34d5661","sha1":"3fd71a5247f2f0704b8122c6a799a7a779d159c7","sha256":"2e79881002624778590207f6c34090ccf4508f24abe8cfc197b7409189b31a27","sha512":"4c9d339ee639d12038328548ed8acc967f9cff0a5eab063c2fc6604b78d7db1c7a468f8c8a8f699e685d8d4f62eae11959b9a4645a8665fafa3fa526d5be7e5c","ssdeep":"3:N/BKL1XEcM:eL1Uz","tlshash":"575504d0554030f01410d400d750543f5405044010550547705d04d41f30500001054d","size":1337359,"data":"","first_seen":"2025-10-06T21:27:11.187039Z","last_seen":"2025-10-06T21:27:11.187039Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"22df3c1d6f66bff17c697101f6f71eb0","sha1":"bb23914f48a927d2cb192878bb76db3c5a167f47","sha256":"ad4131113a359623e0758d5a58d652b429d44693614475b57d7b968ef72bb7a2","sha512":"19e8f5119bf8a08bff1fc1e0a387773fd7ad659e819ec7fa39fbffe65049e831df3f85824f478dc3d6f9452710a5e52361c8e765903d84debe9da291ce725549","ssdeep":"3:N/BKL1XEcI:eL1Uf","tlshash":"865500c0abc038b02c23e800e3a0a82ea80e0880202a0883b0ae88e82f302000020a8e","size":1337359,"data":"","first_seen":"2025-10-06T21:27:11.188328Z","last_seen":"2025-10-06T21:27:11.188328Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"1b8803df9ce99d9e25d027bb97d3cac3","sha1":"19cb76e8f04ae3b483b3e5686cb59b77236ca212","sha256":"00057272648d154bd9383a63c46d6951a225061b22b65c4ea1a479683e811a32","sha512":"082625fa1fb36ab88e96ac2e65768240cfde7156f7114a294cc2ddc8e555824ce4aca46fe00b10800070c7274f2cb3f7e48805b85d37c835239efc367d38529c","ssdeep":"3:N/BKL1XEcD:eL1UA","tlshash":"f35504c0d5c070f05414d400d150541d5405050010150453717d04d41f30151001454d","size":1337359,"data":"","first_seen":"2025-10-06T21:27:11.189296Z","last_seen":"2025-10-06T21:27:11.189296Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ca897fb253cc8807c5aafc947eb02fb6","sha1":"25137d68712ada7d3ad424c80bc0d688a696f7bb","sha256":"57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce","sha512":"187200763128b83b777932b28834f8a21adf5824c5b9f8635249168aaefcc2451885b26da07411ccd56a52146f9b8cc2524647ebf2df4c1474f80d219d893f64","ssdeep":"","tlshash":"d96000030c00cc300033000c0003003f30f00c3003cc300c033003f003c030c0000030","size":16,"data":"","first_seen":"2024-12-12T23:50:40.144885Z","last_seen":"2026-04-04T23:45:02.308509Z","times_seen":246217,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-04T23:40:41.807057Z","times_seen":136421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"389364ebf2d947047c3676165c8944e6","sha1":"29f0953330f79bf4f8e0a9626012550444dc76eb","sha256":"a78f3486b44ea4bac28cc04fb859391fc7d4a2896efb1d870d5c7249c98c76e0","sha512":"a86e01188bd51242c612b4c62e3f6078ad04078c9b047082a37b1ff8c9932dde430a73d0f488abfc2ec062fefa3ac92e892bcc12a99ba891ba36920aa268b65d","ssdeep":"768:b3WpgUNy0rvhH2ykDbaTHbK2vgNnFZgL1Lub1myZMlZpeHh2G4geQg:7W1RprTRvaUJuhZS0Hh2G4RD","tlshash":"80335d2e4700e56d8c2a3e7e4d5257da532dce88ef0a9525d20788e86215f3c3bdb5bc","size":54084,"data":"","first_seen":"2025-10-06T21:27:11.190924Z","last_seen":"2025-10-06T21:27:11.190924Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d27eff7463bb8a720b9e942b066c5168","sha1":"dbd37eec58122a82bc99107c722a4d092eebe975","sha256":"edbb5a74c077f9ce29847f6e30e354d336a65b6e544b32ad50526857f64ed071","sha512":"f8a71e662694a4f88b38721d30404047489aa04fd2795c21b247f5014a14878f9ee0dea05138c66d5067c3ea6f09b1ec5a33327264b0445610464ec8e708ecf0","ssdeep":"","tlshash":"06a0110abca2022008ba223e030a0b083020a0002c2020020008a8302820e280a22e08","size":71,"data":"","first_seen":"2025-10-03T18:50:54.870613Z","last_seen":"2025-10-08T15:43:46.294454Z","times_seen":952,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"ff03fc8f0c3179fb4dcf4389f88a1c16","sha1":"05ff911d7ddf2d7c14b4316a87fd08f42c618f9f","sha256":"025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece","sha512":"4acb3551ec49556a2a64f4a47e480df29f611f67d0ef4b2474e90f7b86caed3dedb0b56eba12e577f1401d4d701c9a4f0898a06eee8f6d7dbe3b4b5283a854e8","ssdeep":"","tlshash":"4f60000000c000000000030cc00300003cc0003300fc0300c30c003000cf3cc0000000","size":14,"data":"","first_seen":"2024-12-12T23:50:40.182598Z","last_seen":"2026-04-04T23:45:02.221992Z","times_seen":247338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"210593d4f868ec598e71d0960d862f20","sha1":"5118ddc183653b84a131ba8e89f75fdc522aa238","sha256":"5743c640722924aa6974b1f602ad1abb67f4c5240cc4829ed64147cf0e6ecf83","sha512":"ba85c82d1e8080eea1b01a2ccb9dd83805b911ac5bc65ed0f2e942f67ddf38ff6b4d5369322fea9e4646525b69cdfdf5a1b35b29ec8e98613748bc09cfc95f80","ssdeep":"768:1C6jR2KMgasLUU6+9Db69qBuug2Uw5jOyhMVNY1EbV9tGcpfBgQfuWVuY8t:r2PgasLUU6+RxuX2bhNDt","tlshash":"17232a583256397227d980e1a17b63437326753ae94ccc50a423d976367cecad233fba","size":49421,"data":"","first_seen":"2025-10-03T17:34:33.785374Z","last_seen":"2025-10-09T20:11:58.603455Z","times_seen":5784,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=98a83d1718be56bb\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea1c5c2295c452955a7efdc52bb86e73","sha1":"699eae33991a808f30def5cbf038dc3bff06d344","sha256":"925b4ad909e4e6fe6b006d85c2c9ae1f7b7054fc8b4f3f0448bf64d06a883af9","sha512":"365077ded2f6e66403674ec791873499f78d2198c64e06e7efaa6c3e9d956b8ac75061c064e70813e6bac98a8c9ef83fa6b041e04eec4cfc3b239c5775a8de74","ssdeep":"3072:4vQGa9zZ4ekzbwuTor8a2CmTx2jvolRNtEZ:8i9z7vuDf5x24Y","tlshash":"63d32c8935ce7789036670e4922739cb51e63c8860180c2ce735daec79d675db39beb8","size":142205,"data":"","first_seen":"2025-10-06T21:27:11.179891Z","last_seen":"2025-10-06T21:27:11.179891Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f60b465eda3c0d080b029ee13aa6edf0","sha1":"a4393e17126d423007073c9baa28393312a5adf0","sha256":"e9c345b106835fc587993e742366f778d8db617a574d5eb81b29e58f028c1689","sha512":"93b551532b5174b58fb33f842b33c9c3162d95edfd09f572a05123d9708a6db334f2cd6200c0ef08b383d81164c0cbcd85f2bbe83eddc145ba39b70554e27c45","ssdeep":"3:N/BKL1XEcK:eL1Ut","tlshash":"b45504c0554031711415d401d1505c1d5415045110150443705d04d41f30100001054d","size":1337359,"data":"","first_seen":"2025-10-06T21:27:11.193251Z","last_seen":"2025-10-06T21:27:11.193251Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"0c9d9d825e395e8566459a2d0ed9c75d","sha1":"bf13278f35b86f7f0721e66e860cc4e78e53c422","sha256":"5feb38109c5402933041adf0a628f762b411b43cb13358dc0205226d07e01e4d","sha512":"7eff142dbc0e4c568c46872730c0dad1bc6a1e83a51b233fc4fd3908d85c678e37c81f8ab8b54665a8fe88f7b09c79e2268c6725500a7a8cd13c77c97a575792","ssdeep":"","tlshash":"b6b012903af16010c3379034584f8904f048075224980404645993301f0001e45795a8","size":87,"data":"","first_seen":"2025-06-08T15:19:26.299645Z","last_seen":"2026-04-03T08:55:49.048776Z","times_seen":3697,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f47389d2f1abd47dbebeef3e2d3ae8a7","sha1":"dde5aa75f9a647e73d3e2d3fdda68898f850f72d","sha256":"30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda","sha512":"3524a8ed2b83fe9d62a0708424707959d6cc8e89a918407da7c46540b5982fea9230792acffc47517cf5d009231375b00d5ec2ff5689bfb74ea6a3c926653318","ssdeep":"","tlshash":"56b0028869e5a404e21975a5495fd144f12cc802148a0515658885515f114294167868","size":94,"data":"","first_seen":"2024-12-12T23:50:40.522517Z","last_seen":"2026-04-04T23:45:02.284337Z","times_seen":245759,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"06967e90e1398595375477454e30f2cc","sha1":"c7440d52b3b91ef0fa4232a08a388410c0d96e26","sha256":"613f4d7a6c3d9bab7c291b666a4335ada0538de6d60b107681b28e92018c084d","sha512":"bce56e7eb393a746f7c713caf6086452b77acb024b372d2aab0c6f24a12cdeee9494f6bad36051592e5a3402f40a6092bb713922d54783fb901cbe6bed0b3547","ssdeep":"3:N/BKL1XEcz:eL1Uk","tlshash":"025504c0554031f0143dd401d170541d540d040010150443705d44d41f30100011054d","size":1337359,"data":"","first_seen":"2025-10-06T21:27:11.195698Z","last_seen":"2025-10-06T21:27:11.195698Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"fe4eb54518c4c35afef1f83f4c2b8706","sha1":"ab6ed838d94c4281284c4137a18b60ed699de9ce","sha256":"658b41e73a54311056db36f171c6faa333817955ecb638df76d3749ac82ca3db","sha512":"100fac331896329bc37e62607b0f68f899a975fe45065e6d99f7c4c2cd2d983e71073f80a3d32cef28fb6a33a3fc615b139f3325883c8bef8afb6c1225243e39","ssdeep":"3:N/BKL1XEcuX:eL1U/X","tlshash":"ba5500c0aac030f02820e800e2b0a8aea80a0800202b08cbb0ae08e82f30a080020bce","size":1337359,"data":"","first_seen":"2025-10-06T21:27:11.197023Z","last_seen":"2025-10-06T21:27:11.197023Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"c1e2ed71d7fcd3bd8dba8e0231255d49","sha1":"de3f2f6d2a1952c65c0f40a08e51e5cd599cd09c","sha256":"0c3cde7ebcf010b980a993779c10d70ec8ad2da94426e38e1761139caf929038","sha512":"e5b8ad293ee437525b8508549eca7fe52e6b0c6e1007d78665ac073336068c5c00e652bd98a38d899796b69a96fd3f5d20a3f8e5e828513915bbd6d53855727a","ssdeep":"3:N/BKL1XEcG:eL1Uh","tlshash":"7d5504d0554030701c13d400d3505c1d540d0400145d0443715d04d41f30100011054d","size":1337359,"data":"","first_seen":"2025-10-06T21:27:11.198093Z","last_seen":"2025-10-06T21:27:11.198093Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"33ff6022e88df59f8dfc9eb546435e9c","sha1":"7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4","sha256":"a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a","sha512":"99820974c649620d8dfd487054edee4863ca41025de5a87fcd6fddfafbecb53668799fdde6f7b809112fec178b18f28a9ff8e190d298aff5a29c6795ad639c25","ssdeep":"","tlshash":"0c600000c0303003000f3000f00000033cc000f0cccc3003030c00f000c000c0cc000c","size":14,"data":"","first_seen":"2024-12-12T23:50:40.556614Z","last_seen":"2026-04-04T23:45:02.213861Z","times_seen":248553,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T23:45:02.209964Z","times_seen":666541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"0dac7198ebd3bed641aad0379cc4dc8d","sha1":"6ad117284af4ea8608ac67d31225312b92730152","sha256":"2960e6e3b04e3c060e326f344ce4c2c6376aebe13c54b1e23115be1442079b52","sha512":"4b531b008ff6ecefd29c37a2457b48a4dd5c67d88550f4fbb19426f3ccfd03f38310f2964c83a2ae6bed07dc003f2ae5ee8a4bd5ddf968b0617847d97814ee50","ssdeep":"3:N/BKL1XEcen:eL1UV","tlshash":"fc5504c4d74031701410d400d170d41d5c15041011550443705d04d41f30100001054d","size":1337359,"data":"","first_seen":"2025-10-06T21:27:11.200835Z","last_seen":"2025-10-06T21:27:11.200835Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c1e3b73b9dc1b79cfec1b44055c59375","sha1":"ad283b833b3caaa3c80e25b92485444b70b2d819","sha256":"0de9406cb43bbc50f30e6bf0ba5778906b2bcaefbfe3f90196534ef3eaae5e6f","sha512":"57eef20d6e9171c7925f17f54793ab349b3458773a20908a7b0b7c936d2f7f0fed39e91851d361b7bb476ae448ef458193e6bfccb7222200a74a8d491602aba6","ssdeep":"","tlshash":"0ff059bd766d342090b3212f562b56c68e3c95149847b3a0232905030ebdd0a0351f15","size":467,"data":"","first_seen":"2025-10-06T15:29:40.260283Z","last_seen":"2025-10-07T18:43:35.02834Z","times_seen":696,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-04T23:47:22.272656Z","times_seen":748455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"088945cb96aee866128202a991345ac2","sha1":"d200e559d2437c8646a0b8722c534d3e518fe6ee","sha256":"8e893411d07ad5936c6e6deb9d585c2bba0ab7ecda1dfa796470c1e9dce65607","sha512":"e4fcc74272794484143351dae9c3aa15de5dab065d53ba01b24aa3efca0de9f1e545c0a48817d3a73a82c5556fce674e9d89a335e31715777ddd4dbe50133194","ssdeep":"1536:LLZRcjwnksZ2+ZkpsV4NxSrYB+f8nOW37M9wIoKlYhG7RHW1RprTRvaUJuhZS0H5:/MMlrokRH2TFaCuhZbYGt","tlshash":"71e3a6a0daf55123003385e51be277fb62b84239c5c72b14b7ac43a4bb8fc583e5b964","size":156941,"data":"","first_seen":"2025-10-06T21:27:11.202868Z","last_seen":"2025-10-06T21:27:11.202868Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"beta.nexoizaki.vip/favicon.ico","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://beta.nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:43.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: beta.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/UbDcMUlbA/\r\nCookie: PHPSESSID=lvcspeopqiisuambjlmvr9hhdt\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YiHdtT407RSNHMancP1qvlOx5hgLC%2B3rb2Br9BGaQoxF610vsWVp3TW%2By9bS5JJFPnPGOrxYiPaNSvd7Sg9eIKc9GP%2BGGKuZiBOth%2BQbt8U7NQ%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 98a83d171a1035a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-04T23:11:27.132036Z","times_seen":20472,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"beta.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T21:26:43.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 86\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a83d1758f856bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced","md5":"70c202196187ab3c11b4e094c20c6de1","sha1":"9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863","sha256":"6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643","sha512":"7e6168e40cce79239fc00a05381e1e95ca3534905d3fc1467973927f317b7f12b6f3e76960d5202c40046618b51e0895082e22338b1b9971038fa0ba158117e4","ssdeep":"","tlshash":"4ea022f3b2203c3eeb2a2333022e8030f83020b803828e0c000eec332a20208c0ca2c2","first_seen":"2025-05-13T14:11:45.873663Z","last_seen":"2026-04-03T11:40:49.866694Z","times_seen":265776,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/98a83d1718be56bb/1759786003309/dcuhDyfizPWiI3S","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T21:26:43.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/d/98a83d1718be56bb/1759786003309/dcuhDyfizPWiI3S HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 191\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a83d1c0c8c56bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":191,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 18, 8-bit/color RGBA, non-interlaced","md5":"3d15eda68603b1bdbd4b2bd9e1a26ede","sha1":"2b6ec872344a2f6420b91d78a4e42e4329d13740","sha256":"df196b709d79f881c066b30fabf4700d2fab7af8d7677ac94b096251816f96a5","sha512":"7854ba525f18c892a642f0f0ba9d554dfc6cd548bb68de0f1b0a10183e7a69daea531fa7e5b1781dc5936955add59b89f6f61779a414757e3efeaaa489ab20af","ssdeep":"","tlshash":"c4c0129ab6ac65608ff87cb29a78c7a54834111418901ce4c30b96f0d316de7855b681","first_seen":"2025-05-30T13:07:20.44559Z","last_seen":"2026-04-02T17:31:02.928623Z","times_seen":114,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/56927870:1759785228:KZ0KDYRV8CpFsgMvwxtzNvG0qi2R74o7fHqan3zLOLU/98a83d1718be56bb/x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T21:26:44.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/56927870:1759785228:KZ0KDYRV8CpFsgMvwxtzNvG0qi2R74o7fHqan3zLOLU/98a83d1718be56bb/x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\ncf-chl: x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 34210\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:44 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: MvRRBaTSIX3wMgqq0sPRX3kIMf6zneW5w6Cp46IP7hDEqFLsgb8D8lYw21edGQkT$ZFBFDh4tNiFiU9/XXi647w==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a83d21b9de56bb-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29096,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (29096), with no line terminators","md5":"26b298d9784531db876a7cc51345eeb8","sha1":"5b750443edb4f90b71727701a00692c5d246d970","sha256":"2c4518d9cefd40239d406c61050c928606e36b86a6db509573be85f7a04791e9","sha512":"3189d92d96ec0f68f0527c5fb633ed8cce106d63dd9c99c9c31713d44a5cb73efce7fea340ae1f111d46c3b57ec30ada4fe81c0d7b47e0969ccf3bc8d3d4fb0b","ssdeep":"768:DnX9EWDbsSRde4df0xes4LoinRr1ZyrGbjLFK5:DnX9DDbNemwefRr1ZyrUBK5","tlshash":"68d2e10339f52fd7a530c93b52b884ae249312d79c6cb8e037461d72e71af119c1daab","first_seen":"2025-10-06T21:27:11.170877Z","last_seen":"2025-10-06T21:27:11.170877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T21:26:47.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/ HTTP/1.1\r\nHost: beta.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://beta.nexoizaki.vip/UbDcMUlbA/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=lvcspeopqiisuambjlmvr9hhdt\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/7.4.33\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fRyViVNO5LMk9qZ2mEXnalmqBW2A1iZgPadvSNtciVMo5Z2%2B8DxIkXhzK8HqX%2FRqf4NR0Eq%2BSmkXFhWlEyjS6pf23JEhqSpxcWGXaxSo%2BPOXkQ%3D%3D\"}]}\r\ndate: Mon, 06 Oct 2025 21:26:47 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98a83d320cf035a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1355,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (465), with CRLF line terminators","md5":"fd5a5b5a7a3a57d0e201ac36f1b67865","sha1":"8e9629a5d0de32b2111cf3c0ebb9ec2dab3a8af2","sha256":"0ff432addcd7160790ef126407d83243239bcd09cba70da5b79f7b99137220af","sha512":"55578c8ed757dc671055df893f6996d7f99878baca300526d7b8215b4ab025c51beff0007e274bf055fa8de0a5672b444d229a4855c88e9cc966d884bf40c45a","ssdeep":"","tlshash":"2c21337d764a143ca1731225313b7a89cf7cc805c61b65a1761c254f4af99494bc7f98","first_seen":"2025-10-06T15:29:40.250957Z","last_seen":"2025-10-07T18:43:34.674164Z","times_seen":696,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"beta.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"aurevoe.life//","fqdn":"aurevoe.life","domain":"aurevoe.life","tld":"life"},"ip":{"addr":"172.67.154.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:47.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurevoe.life","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Sep 2025 20:35:56 GMT","end":"Fri, 05 Dec 2025 21:34:14 GMT"},"fingerprint":{"sha1":"04:1F:45:84:92:EC:CB:A7:83:39:22:94:68:AE:78:CD:24:23:74:F4","sha256":"6C:37:F7:52:85:C4:94:CD:F6:83:0E:E4:E4:1B:1D:03:8B:E1:6B:40:F8:01:FE:DE:1E:D1:36:73:B8:DE:76:AC"}}},"request":{"raw":"GET // HTTP/1.1\r\nHost: aurevoe.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://beta.nexoizaki.vip/\r\nOrigin: https://beta.nexoizaki.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:54 GMT\r\ncontent-type: application/json\r\ncontent-length: 68169\r\nx-powered-by: PHP/7.4.33\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0UKcj96r7pzHFi9TO4m6DbLypwjz3SWPb%2FsCeBhTanKiECdc6LDTVKx3hXZxxMPA%2BrC2TsN4v2EtXPM%2B%2F9Sps2vBoi%2FX4eoCkeSQ2g%3D%3D\"}]}\r\ncf-ray: 98a83d32e97ec272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":209256,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1c0dab16ecec9ee806677442ae961d1c","sha1":"07783cce0d1b84d676465f1a0880d9cc57874fcc","sha256":"1d9f1be37524f2e3fe81d09967d02962d249bbb988c43e606822fa91e0a90702","sha512":"412b46361d860ac879dac7b6c672f079da297986df49008fba8bb2482a9a32700b4a38bdbada078ee393b04712d35c87f4157b11646fd3ebbe67a01e2680ff06","ssdeep":"6144:W3+mw8cbmd/Z7dhWgkooHBdcQwWmyqQy2kQf:WR3pt7wdwy99f","tlshash":"e0146e2259c06f2b8e2b4517b9e38b06024e7451d0deec36c5be62b5cd5ffa31252adc","first_seen":"2025-10-06T21:27:11.172601Z","last_seen":"2025-10-06T21:27:11.172601Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7325,"timings":{"blocked":32,"dns":1,"connect":2,"send":0,"wait":7188,"receive":72,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"aurevoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T21:26:42.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /UbDcMUlbA/ HTTP/1.1\r\nHost: beta.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nexoizaki.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/7.4.33\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3PDvbeJCzOwzlDCEIAnRpceT38mkjV1gD8Cm%2FyPKZLO5Hp%2Bc%2FYabEqE%2FH50KXnd21uze%2FTDdXaDlvI1mUHWifNJAavlZ9%2B1qQbXaBq0Z%2FATeeg%3D%3D\"}]}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=lvcspeopqiisuambjlmvr9hhdt; Path=/\r\ndate: Mon, 06 Oct 2025 21:26:42 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98a83d14f9c335a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":2484,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"dddfdf7a0b70147061f8ec2a3b2674ec","sha1":"270b8722f06d6c7d1d9da4ce4a1fa6de452afde7","sha256":"33d1f52e5dfa7b0d9f948d030f5cc0672e4541d5a83ace3e051dccaf7ca8c716","sha512":"8bdfff0dab0616f7a91df403b4ce0e677972ea253d53907b5e7644bbba14fb5e8b89dc088f628efc3268140bcff4fb2ab82a7248bad6fe6de09c78d103e0ef40","ssdeep":"","tlshash":"9251511bea0065046033e3b9d7b39398ed29912793434468bbcc33638fb054c8aa3fd8","first_seen":"2025-10-06T20:36:10.139211Z","last_seen":"2025-10-07T16:28:25.359102Z","times_seen":6,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"beta.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://beta.nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:43.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public\r\ncross-origin-resource-policy: cross-origin\r\nlocation: /turnstile/v0/b/16f9cd2f90a6/api.js\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98a83d16dd4e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49421,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T23:47:04.105988Z","times_seen":13351467,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":10,"dns":0,"connect":2,"send":0,"wait":7,"receive":0,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://beta.nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:43.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-sA37NQV0g6QukjXg' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\norigin-agent-cluster: ?1\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\nreferrer-policy: same-origin\r\ndocument-policy: js-profiling\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a83d1718be56bb-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27339,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (27339), with no line terminators","md5":"f49f75afcba5889169f397aa3804d5e3","sha1":"e29e9ac8a880ab7b3e102f35aa83784d8e9f7e1e","sha256":"ee744408709e7a9b3bf33d50ea324f0d241adc7ffb44673521649f961c6661d3","sha512":"ccb550f581cc8654482e3058ae144458400f907a046e557a99f3dad33f13c4f4395c145c7450425f9e362417a9a61a1077a6f88214d9ab17ad246302d6fb2276","ssdeep":"384:cA6U+qdB83E29aJC6tHzSk1b2xdLVSmda3mDI9FBrj/tIpm0tffZC9f:bdGrkHzlJUdLV9da3m8XK1tffZCV","tlshash":"9ac2c7038a101b7e7563872db3e1b5c8a338b9026f56b1b7f15412a58f4d6ae3b5370b","first_seen":"2025-10-06T21:27:11.175715Z","last_seen":"2025-10-06T21:27:11.175715Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/56927870:1759785228:KZ0KDYRV8CpFsgMvwxtzNvG0qi2R74o7fHqan3zLOLU/98a83d1718be56bb/x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T21:26:43.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/56927870:1759785228:KZ0KDYRV8CpFsgMvwxtzNvG0qi2R74o7fHqan3zLOLU/98a83d1718be56bb/x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\ncf-chl: x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3671\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: 6z5BPKQH8vI0BbpFoPRv88jI0JanbmJ2Lswm/brq75crelDUTb5gvP8I7SBZYhmfVw1R09jyXkoEc9zEMpf3AD1L1nvjYGVocpPLoe8emf0WOXzS1STWjnC2rCkdsP6vtSVl8c8aYLbuDPPmChVG64lRSUqyQaR2qY938W8CZJGNH06xDFDVPrjygzVbbKPLetTkSQDabW+u+5kQFHl5gDteEGG4TGgBFAFstbgdfhfKCyBS2BZOa3RtVWuWiTeccPcmcvUxkl0w3ffZFyLOFUifPd8Oy4Otx+QXhkbiechSla+ODyF/DaKjRKBcOi80m7SjcIOEOdK8pv+jj7mfJ2JMm1Cj0qs/K6ocqOhpOs5G2aU7lKIN9Zy1iYEKT66005yHPBIjv/BEKN6aT/K3ul2JTS8e6ILfkAW7roQf7TZMQVU9G04j5pggvFZnxpdN54aGG5KiAf+KSEz1LJ5Mgd+IOgN4icavgCvp79pvBk7Awd/McWkMIyLAptljdzhbpDyhUPzhplQ0NaCeY34crTc/n47RfByES/wdF2jHWu5hJkuJXFcg0zpP4W+7hEeiNbdm/Gw/h3eIhaOSqpNWadi8QDdEEIHV7/cIOFpsrvbf5NUXoD6TcrRH/PMEuz5xXYjBgN4pjPt8I08wXOWZP0YCHYXElxd14+uDIM9/6iUrc8+7E6OzHCyQ6uKcvySfy0SjzozA5bfEDQh4lXoJvKL9FNK7lxAK6J/o6ZP5rxNsunyiRw4/jvs0d7YsnCzcuE5UhuA6TJRJYda3Ibw96kjEcZkwGOZ6gdUFnVO16vw=$kHbtsuurnK25vudwFSoTzw==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a83d188a0156bb-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":269560,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"6aeaac3dbe4f793d6b1e469811f38386","sha1":"0c2d6b00b6c684bac040d90408bc384c21f5f012","sha256":"72a49621c415afbc9ea495c13bcecdf157b937ce1d099eae9bb79f21fc005381","sha512":"598865b2eb6215911c657630743cbe60de11a46be3577e4ce47fc535081f1408ab6a6dc88f9671e0711719e895a201f191bcc982b3c56840a661965d625490a0","ssdeep":"6144:kcXFcv9JSXKB8gNSST0ce3RVbBpvMQtwPmlFKiCB:71CXN2R1vPl0T","tlshash":"ec4422823ef372574793d01a99fef91c9ec1adb61056d1604ec12a8f981ecd0cea4e4b","first_seen":"2025-10-06T21:27:11.176774Z","last_seen":"2025-10-06T21:27:11.176774Z","times_seen":1,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/favicon.ico","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:47.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: beta.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/\r\nCookie: PHPSESSID=lvcspeopqiisuambjlmvr9hhdt\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\ndate: Mon, 06 Oct 2025 21:26:47 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ue1DGJvaRk1RAAP997KNyUIoB1GD7rVeCTqAl5FDZuMWujLo86k9U7GbsonIGvK%2B1MXPH2teK6wC00mSQxtMJZqUd6YXrJReHT6N7fzZxT9dnQ%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 98a83d32bd0835a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-04T23:11:27.132036Z","times_seen":20472,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"beta.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/,","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:54.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/, HTTP/1.1\r\nHost: beta.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/\r\nCookie: PHPSESSID=lvcspeopqiisuambjlmvr9hhdt\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\ndate: Mon, 06 Oct 2025 21:26:54 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OmpoZHbqcw2Gmr%2BphyNb%2B%2BzoKL6y2JL5GYRFi6JqHviWOWGd8Iu0kf2tLL5pBBMChFso8EFxPfchNHNLgjG83bp74KZuu6JI2PAJVG3VyDXOBA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 98a83d6069ba35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-04T23:11:27.132036Z","times_seen":20472,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"beta.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/,DQo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjI0IiB2aWV3Qm94PSIwIDAgMjQgMjQiPjxwYXRoIGQ9Ik0xOCwxMS41Nzh2Ljg0NEg3LjYxN2wzLjkyMSwzLjkyOC0uNTk0LjU5NEw2LDEybDQuOTQ0LTQuOTQ0LjU5NC41OTRMNy42MTcsMTEuNTc4WiIgZmlsbD0iIzQwNDA0MCIvPjxwYXRoIGQ9Ik0xMC45NDQsNy4wNTZsLjU5NC41OTRMNy42MTcsMTEuNTc4SDE4di44NDRINy42MTdsMy45MjEsMy45MjgtLjU5NC41OTRMNiwxMmw0Ljk0NC00Ljk0NG0wLS4xNDEtLjA3MS4wN0w1LjkyOSwxMS45MjksNS44NTgsMTJsLjA3MS4wNzEsNC45NDQsNC45NDQuMDcxLjA3LjA3MS0uMDcuNTk0LS41OTUuMDcxLS4wNy0uMDcxLS4wNzFMNy44NTgsMTIuNTIySDE4LjFWMTEuNDc4SDcuODU4bDMuNzUxLTMuNzU3LjA3MS0uMDcxLS4wNzEtLjA3LS41OTQtLjU5NS0uMDcxLS4wN1oiIGZpbGw9IiM0MDQwNDAiLz48L3N2Zz4NCg","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:54.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/,DQo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjI0IiBoZWlnaHQ9IjI0IiB2aWV3Qm94PSIwIDAgMjQgMjQiPjxwYXRoIGQ9Ik0xOCwxMS41Nzh2Ljg0NEg3LjYxN2wzLjkyMSwzLjkyOC0uNTk0LjU5NEw2LDEybDQuOTQ0LTQuOTQ0LjU5NC41OTRMNy42MTcsMTEuNTc4WiIgZmlsbD0iIzQwNDA0MCIvPjxwYXRoIGQ9Ik0xMC45NDQsNy4wNTZsLjU5NC41OTRMNy42MTcsMTEuNTc4SDE4di44NDRINy42MTdsMy45MjEsMy45MjgtLjU5NC41OTRMNiwxMmw0Ljk0NC00Ljk0NG0wLS4xNDEtLjA3MS4wN0w1LjkyOSwxMS45MjksNS44NTgsMTJsLjA3MS4wNzEsNC45NDQsNC45NDQuMDcxLjA3LjA3MS0uMDcuNTk0LS41OTUuMDcxLS4wNy0uMDcxLS4wNzFMNy44NTgsMTIuNTIySDE4LjFWMTEuNDc4SDcuODU4bDMuNzUxLTMuNzU3LjA3MS0uMDcxLS4wNzEtLjA3LS41OTQtLjU5NS0uMDcxLS4wN1oiIGZpbGw9IiM0MDQwNDAiLz48L3N2Zz4NCg HTTP/1.1\r\nHost: beta.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/\r\nCookie: PHPSESSID=lvcspeopqiisuambjlmvr9hhdt\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T23:47:04.105988Z","times_seen":13351467,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"beta.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T21:26:42.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"GET /UbDcMUlbA/ HTTP/1.1\r\nHost: nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:42 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/7.4.33\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=USHlpV94xIrpwpqXlp58o6GxDrug%2FRU91dea6fuZopRU7%2BBikZRKQAJQWvvD73uTUPsQrVZr1P0%2BBBfn7C0GhjMX0i0gp8Po%2FPk8\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 98a83d140b2856a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":103,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"3c21ed6de8b528775c109c0b37551c0b","sha1":"f9e5bf285d8c184ce0f0078eca1f88b9bb3f8504","sha256":"8371f7154f631c90d87cffeae1a05c2c8c6128c23b69fffe1fe49d43f0acd776","sha512":"3db6730926b87b2d5ed2ea06aa99afd5d48bfc2c2b67865257f6d8909b7f557a4a206d6b46abe98f8dfcac9ba226c1e5560031b25d56fb452ecc29bc0ba0bf65","ssdeep":"","tlshash":"9fb092d78a48c68422e2504386237a2e682252c99988a08260401612a1082abb92fc8d","first_seen":"2025-10-06T19:42:23.119674Z","last_seen":"2025-10-07T12:17:42.670651Z","times_seen":5,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":43,"dns":0,"connect":5,"send":0,"wait":107,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/16f9cd2f90a6/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://beta.nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:43.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /turnstile/v0/b/16f9cd2f90a6/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://beta.nexoizaki.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nlast-modified: Fri, 03 Oct 2025 12:00:37 GMT\r\ncache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 98a83d16ed8132fa-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49421,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (49420)","md5":"210593d4f868ec598e71d0960d862f20","sha1":"5118ddc183653b84a131ba8e89f75fdc522aa238","sha256":"5743c640722924aa6974b1f602ad1abb67f4c5240cc4829ed64147cf0e6ecf83","sha512":"ba85c82d1e8080eea1b01a2ccb9dd83805b911ac5bc65ed0f2e942f67ddf38ff6b4d5369322fea9e4646525b69cdfdf5a1b35b29ec8e98613748bc09cfc95f80","ssdeep":"768:1C6jR2KMgasLUU6+9Db69qBuug2Uw5jOyhMVNY1EbV9tGcpfBgQfuWVuY8t:r2PgasLUU6+RxuX2bhNDt","tlshash":"17232a583256397227d980e1a17b63437326753ae94ccc50a423d976367cecad233fba","first_seen":"2025-10-03T17:34:33.785374Z","last_seen":"2025-10-09T20:11:58.603455Z","times_seen":5784,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=98a83d1718be56bb\u0026lang=auto","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T21:26:43.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=98a83d1718be56bb\u0026lang=auto HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a83d17590356bb-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142205,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ea1c5c2295c452955a7efdc52bb86e73","sha1":"699eae33991a808f30def5cbf038dc3bff06d344","sha256":"925b4ad909e4e6fe6b006d85c2c9ae1f7b7054fc8b4f3f0448bf64d06a883af9","sha512":"365077ded2f6e66403674ec791873499f78d2198c64e06e7efaa6c3e9d956b8ac75061c064e70813e6bac98a8c9ef83fa6b041e04eec4cfc3b239c5775a8de74","ssdeep":"3072:4vQGa9zZ4ekzbwuTor8a2CmTx2jvolRNtEZ:8i9z7vuDf5x24Y","tlshash":"63d32c8935ce7789036670e4922739cb51e63c8860180c2ce735daec79d675db39beb8","first_seen":"2025-10-06T21:27:11.179891Z","last_seen":"2025-10-06T21:27:11.179891Z","times_seen":1,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/56927870:1759785228:KZ0KDYRV8CpFsgMvwxtzNvG0qi2R74o7fHqan3zLOLU/98a83d1718be56bb/x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T21:26:47.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/56927870:1759785228:KZ0KDYRV8CpFsgMvwxtzNvG0qi2R74o7fHqan3zLOLU/98a83d1718be56bb/x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\ncf-chl: x0.h.bX4FXaw7HwrMAIRT4sB2D3pfY.3OiRB3qSUP08-1759786003-1.2.1.1-40KHde1oP.GFiEaCX8AzpMdoR3XsWvvzzFKPHSiWRzNrjr0ouoIH5lhdZRh8TzxT\r\ncf-chl-ra: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 42562\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:47 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncf-chl-out: Y2tc9TNyNIWowG1avBdG5P68pQdoeu2iz2gwCgTUEF/m8B2RJKpzb+1R+6zmzjaGM2hkpL/OsDd7hbjOODeOs4Q1d3LRkkrWcVbGyINKW9w=$TITwoBBt+SfPtdqGfYr7AQ==\r\ncf-chl-out-s: Hoxcf8eGhk3LHNQE7jztk861cvntdEMGnYYAUuDWdiPsFI7P7LYvTD0dGAsbzX7RGPLiT9gTKn7VL+4NS9abJjeAPZhUdzMQt1gcDlurg0ARsrw//EuAEDREwiiJ2rcvFWNet7hEsJAi7iquqt0CpAzkFdBmZjtyxDDrvZ0cEpcBxEzUqvlsbXeWwOTgoHhTFHlTussiVFg+4zjmgOtXPMG2V+DXYc1Vz7iSivSxJIH7oe9IzsfLMxpGDsIHen5QzTdhLCQfwOyJ0dhBX8AisM9Xvxr7t3hY13ahDyn4lqeNMneSmI6RBwdAYjm5zJhSzVw3Tiu3rD2b8NohMAeobt+4wmWSpIOjQLBkirz+Ew7/bd/8I9FVV6T2RGWlhJ6R1NPZPI3q232gdhXoB0EEvUk73WBUXViNtzfnHzC4bNllfHkrvZlJSi9JBiuJxYIMKwIOKQgEE1RvhuiskOSYsZq46Rnqm9WaHF9Ye2B0dw/Ud7ADYL1kuqmjVinSmXJVLlTaBvqQq6IJn+aVYwGDhNPtTId1Fs0kndLL0U/AwyUrVh8WjG6d2Q5P51+0J9qCWipAe+00N8njJIn+wYynjCFikLvJO0aYzFd9b052odDfeg4yJ5ZigV8rdVUNVgfQYuRDhDsbsGRNUrsxX6K7MUmmzymkLcQO3298ff1UI0sowc4u9DuubS0TjW4GPqEmsRuNxF9B3CBIcZDiwlZHXOzERapZ3e/YR9tEu0j06tKi5EG0e/ckwe0+BqvTcvok2wndqjdt5tcIXxyCfMFzeRlIJ1zuWv7OXy7PPLEocMrTrEri8Q3CTnJANRw0h6po9XbIAmltVq/L7DZVtKZWxtM+i7l2nI9Y8gwYlh/GBLtmZOlnSCfZvHpGGdhRmFp6Ht7YN9YCN/0CyBiKri1SpzKkxUJR4V0kdXpTq3uUxvdSJGIf6ygs1a4Wxwk8F8EMPmRNKtEBz03xmui6KFU/70txoB1GFZtf4iIpY5m5moTXke9PqHXmZ/beT9J5Ws+xdNChyBCP9EFQLsIEgEOwqdAPpoeLou8NFe8gSsWPjRMK33IyHPTxNxlzjhBpP7BFKxmro5qsCh1Q53LImS361aBKZkqjM5bGgCXhwYmgBB3cMmpyf1GfYc14oJ2khHwyTKQQb36glOkFuh4tF/6V8kYtGAy+tEwKoYcyT1vyocXUG4rJlIfnTdVVqw6D2EkrW/dY8ccJhxLjzW62J/TZurts+alEX1OK8iLQPAvRkKc=$85BS7bH7prs3OCk8zJcvYA==\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a83d301d9a56bb-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4872,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (4872), with no line terminators","md5":"562590b99bdbd0ae56e17a27a4731f61","sha1":"efaae6a994fa81592f09e970e75a39411a3904f1","sha256":"a0303da6f61e8e523a67e1d6bb214e7f315a99c94b97dcfd67e6678769453d12","sha512":"7c6d26de1edf56290a02462cf7088097b6c50094281a80a96353721dfb59b44ec3a742153c6775b7a5399145af4ee735978d120fd5a9579cc981f5d19490f600","ssdeep":"96:UrJr7jEYmOnQej21V2Qm0qgvu+obxwEEGKry5Zg:Ml7jEOnPE2Ly0vgry56","tlshash":"f4a1ae2ce4524fb93da32f14eb542111d8a3cf84de02c96997986f92e2e8f2e07b1c04","first_seen":"2025-10-06T21:27:11.180981Z","last_seen":"2025-10-06T21:27:11.180981Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:54.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/jquery@3.7.1/dist/jquery.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:54 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 31402\r\ncf-ray: 98a83d609b91b4fa-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 3.7.1\r\nx-jsd-version-type: version\r\netag: W/\"155ed-7khZLR//lS/PBs4LZm7UeFSTr9w\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-etou8220132-FRA, cache-rtm-ehrd2290027-RTM\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 162474\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=YriigKJkqPlByN%2Fn6XOVEMxlURtkakXvSg%2BnlUV8pu7v4OpF88Z4xPd%2BGVLFBxXkTBPquqk81pLnU0tTu%2FRvmefybli98NjEHcw%2BIX2Ikg4AfH8MR0qTWIpZy3KnzIt8168%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-04T23:40:41.807057Z","times_seen":136421,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":38,"dns":1,"connect":2,"send":0,"wait":30,"receive":1,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurevoe.life/4869154788.php","fqdn":"aurevoe.life","domain":"aurevoe.life","tld":"life"},"ip":{"addr":"172.67.154.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://beta.nexoizaki.vip/262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","date":"2025-10-06T21:26:54.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurevoe.life","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Sep 2025 20:35:56 GMT","end":"Fri, 05 Dec 2025 21:34:14 GMT"},"fingerprint":{"sha1":"04:1F:45:84:92:EC:CB:A7:83:39:22:94:68:AE:78:CD:24:23:74:F4","sha256":"6C:37:F7:52:85:C4:94:CD:F6:83:0E:E4:E4:1B:1D:03:8B:E1:6B:40:F8:01:FE:DE:1E:D1:36:73:B8:DE:76:AC"}}},"request":{"raw":"POST /4869154788.php HTTP/1.1\r\nHost: aurevoe.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 109\r\nOrigin: https://beta.nexoizaki.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 21:26:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/7.4.33\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0%2FgEzgZ7cd3JWvRIS2hbew96opsgOut9UYScLmY8Yqc9DPXIc5aLkTjlTXnjgIs1WeLUtyQGL%2Fvs%2BoHG2ZVShknj5LnuFAhVbs7%2BWA%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 98a83d60fea2c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":39,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"18ad5be193f88144f12ec36f79666369","sha1":"de3a1c8d663e9444046909d3e4d1537c1265bd1a","sha256":"0d3e4c9a9ae9c89fb96bfb581233a63ea6f4a869c5fe8e33b64b05266f316ab2","sha512":"9fda9a697aaca5cf9d0b92db98c8a888dadc020ed2bece302cfe1c0d73108b5d5d8f50b485af2abbcbcda74b9d16a60ff7c12ad4c325a1d726de3b6852afdadc","ssdeep":"","tlshash":"6c9004171c1d4755030040477c40055530f5410017547c005157c0c07541704044f531","first_seen":"2025-10-06T21:27:11.18308Z","last_seen":"2025-10-06T21:27:11.18308Z","times_seen":1,"resource_available":false,"data":null}},"time_used":675,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":674,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"aurevoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mycutebabyshopbd.com/hdghnc/cefdf18ca35a696a0e529b8e92a78bad/bWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"mycutebabyshopbd.com","domain":"mycutebabyshopbd.com","tld":"com"},"ip":{"addr":"103.213.38.36","port":443,"asn":150142,"as":"Wolast Technologies","country":"Bangladesh","country_code":"BD"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T21:26:41.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mycutebabyshopbd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 23:21:10 GMT","end":"Mon, 22 Dec 2025 23:21:09 GMT"},"fingerprint":{"sha1":"B9:90:1A:CC:06:23:D9:8D:37:EF:5B:0B:C9:C9:D9:92:C7:95:C3:C8","sha256":"BE:62:24:73:46:F0:F5:51:E0:FD:58:9B:68:84:E3:76:3F:C8:EC:13:E5:11:E5:0A:E2:B0:A2:23:DB:3A:B7:F1"}}},"request":{"raw":"GET /hdghnc/cefdf18ca35a696a0e529b8e92a78bad/bWFyaW9Ac2x1cnBtYWlsLm5ldA== HTTP/1.1\r\nHost: mycutebabyshopbd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 06 Oct 2025 20:36:51 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nx-powered-by: PHP/8.1.28\r\nrefresh: 0; url=https://nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==\r\nalt-svc: h3=\":444\"; ma=2592000, h3-29=\":444\"; ma=2592000, h3-Q050=\":444\"; ma=2592000, h3-Q046=\":444\"; ma=2592000, h3-Q043=\":444\"; ma=2592000, quic=\":444\"; ma=2592000; v=\"43,46\"\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.1.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T23:47:04.105988Z","times_seen":13351467,"resource_available":true,"data":null}},"time_used":1202,"timings":{"blocked":456,"dns":0,"connect":225,"send":0,"wait":291,"receive":0,"ssl":230},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/98a83d1718be56bb/1759786003308/0a629f670a64a48e44f79c26c9666d66acecfac9bf2e2062c37b58810c8c262f/tGmbCDzE2kZs0zg","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.18.94.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto","date":"2025-10-06T21:26:43.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 18:43:17 GMT","end":"Sun, 23 Nov 2025 19:43:11 GMT"},"fingerprint":{"sha1":"E6:D7:22:96:F5:75:38:F4:31:98:86:D2:9F:14:0C:18:3E:EA:F1:7A","sha256":"8C:19:99:03:18:5F:A0:C5:46:F9:CE:6C:A5:40:91:3A:C6:83:68:6F:EE:9B:6D:71:DF:32:C6:91:6D:55:64:6C"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/pat/98a83d1718be56bb/1759786003308/0a629f670a64a48e44f79c26c9666d66acecfac9bf2e2062c37b58810c8c262f/tGmbCDzE2kZs0zg HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/m269o/0x4AAAAAAB4R4_EXAXaqyV-0/auto/fbE/new/normal/auto\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Mon, 06 Oct 2025 21:26:43 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 1\r\nwww-authenticate: PrivateToken challenge=\"AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gCmKfZwpkpI5E95wmyWZtZqzs-sm_LiBiw3tYgQyMJi8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAoFIsigelmhXUt6a6_SuiwmGJGiWqNd5uWsROJZcRkDAo_EOBPL1_ry6An2m9fdtqjmXDnKjE5RHUtvxYClzhWJDpdpTc8m5A7rD1uuS1FrisIdOGpqsc7HG_MBrEdLWqA_T5vMDhv1P3tB0bPWSfqXRN9n9zxc4Rxb6Pxv6Dcq-G9TVlf6PmUSXUEu4B90bcMGL86UfB48E6nfmDQnlgTVd4CNq5oJD0Twnw5TWE0GjBEy1Pgol7LZ4JwH16TLVOte1SEqk-AnTVkNZjPrfDCLrmQDVwRz1A-YwfEtvRMvtfalMQavfdnIInPVcNT6iaLPzstlU6Z4d3pomklYNrVwIDAQAB\", max-age=20, PrivateToken challenge=\"AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIApin2cKZKSORPecJslmbWas7PrJvy4gYsN7WIEMjCYvABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsN8Swq-3M489JXPD6LLyBf2SfiJc0Xqr2BB1TtMc73IxJwY7MTmwLaSOM6Vf9lM4QY68VxSEP3EMeTDhl1VfcSotq73IHev2GmApMZuRZUeFsWjbmFoXJX3QzDMGbnekPWozxur7IfcTNS0mptjXEccYigUpweaOduu4-I6O8MMQOkSVBOGEv9pKCWTqzW_ec0FLB71x1FvRN8_O2roG-knj6szl8rifUPzKFyqWHH2gYTmOrkgkdxfELtNACnTvjT-F_FhC051Q-DgVk3kv64wBMcOCY6RQlBmisyUogDi9i3oZgbMTNr7hsV5N8L2VK0Bs8Guu_IT-fnCeJLqcKwIDAQAB\", max-age=20, PrivateToken challenge=\"AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIApin2cKZKSORPecJslmbWas7PrJvy4gYsN7WIEMjCYvABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t\", token-key=\"MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA7LC_wzumB6AtzdsCSGuXYRRivNP9CAcc8aWoc-EkCUz3WTew_U70jo_KYUuj0o8QQk-dcYEEX9GZaLIfDUWTD2mE7VHJEp7Rsq3xTBbZq2XPsGCBgYQ4JlwnV3if77rSHX49sS1yJGBsELJIQdUhj8w2GH7YllRZhzWO0wWOxUGShREKS3puEM-9UU3st1PzZ3xEIY21HzA8UuKiSLK02j-5JLQIzcw2PAK2ICumsF7WgAwbsW44bWkhE4_lWKs5SMyoVCf3EM5lsGFUUSbt1m2ShA0j2mNNhe_R_OL-BSEEWjIytpSe3OTNMjOd6nkEArOZsc4z6PSkLsVQIbeY5wIDAQAB\", max-age=20\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 98a83d1b3c0056bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T23:44:34.266583Z","times_seen":400314,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"beta.nexoizaki.vip/UbDcMUlbA/#XbWFyaW9Ac2x1cnBtYWlsLm5ldA==","fqdn":"beta.nexoizaki.vip","domain":"nexoizaki.vip","tld":"vip"},"ip":{"addr":"172.67.208.215","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T21:26:47.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexoizaki.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 02:33:27 GMT","end":"Tue, 23 Dec 2025 03:31:14 GMT"},"fingerprint":{"sha1":"9B:B6:03:38:82:38:DB:20:52:6D:4D:EA:D8:9A:E9:9B:E1:16:DF:C8","sha256":"F2:8E:DE:88:D9:0D:DD:19:C5:3C:62:6C:9C:44:CD:49:2E:0D:E4:00:B0:DD:58:FE:2F:8F:9A:2B:57:93:8E:4B"}}},"request":{"raw":"POST /UbDcMUlbA/ HTTP/1.1\r\nHost: beta.nexoizaki.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1008\r\nOrigin: https://beta.nexoizaki.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://beta.nexoizaki.vip/UbDcMUlbA/\r\nCookie: PHPSESSID=lvcspeopqiisuambjlmvr9hhdt\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 302 Found\r\nx-powered-by: PHP/7.4.33\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nlocation: /262c78be89a697358-854d1540ae733bf8bf-e62879b0bfba-d09b699fd-a70c22c7ed442601-ef5666cd7-2f5fe15ef9c61445-6831386a413b/\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zIfTclg58V86qqbs23qhAjIEteUM8db4o9lP9gujMvd0RP%2FQGkIuGZFDGBo2XLjl6Kr0eUFw5p%2Bv9pjsBYo%2FosExMUShtCA6ThuQzRp0dn6vLA%3D%3D\"}]}\r\ndate: Mon, 06 Oct 2025 21:26:47 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98a83d307ccd35a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1355,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T23:47:04.105988Z","times_seen":13351467,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"beta.nexoizaki.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Rockstar2FA Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","rockstar","aitm"],"meta":null}]}}]}