{"report_id":"fb48c576-417b-4056-946e-a34bf853ca2a","version":6,"status":"done","tags":[],"date":"2025-12-09T20:17:27Z","url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"title":"Error 404 (Not Found)!!1","dom":{"size":2729,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (600)","md5":"45447f5bfe4b2ecc74d42da24f9d9f1f","sha1":"26793619329000453d9712840e36d89d2fbe259a","sha256":"998c0874b5a0d2724cf3fa311f2005341038a83a12f1d265b9525cebacdc1e92","sha512":"4e3ab84c783a708a79388770be30b12845ab4fa08b160457e4f153fded01e3593d25e2c3b1e53969eaa37729c157f3a3b1e5b4b0375407928870a35e7c9769a2","ssdeep":"","tlshash":"c0515187add9881751824585eaf1eb087a05e203d695c8e876ec01f1bf49fc949a3af8","dom_hash":"domhash9b2e62ff81ce73bd924264136ab8e8c0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-13T20:17:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"ghoogle.org","ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-02-16","domain_rank":0,"first_seen":"2025-12-09T20:17:28.678154Z","last_seen":"2025-12-09T20:17:28.678154Z","alert_count":35,"request_count":7,"received_data":1994899,"sent_data":3352,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-12-07T22:16:37.28363Z","alert_count":0,"request_count":1,"received_data":436918,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"1befca447193b1b854a106df359d3d41","sha1":"39e4163aa5c4953544cf2be491af74c94ddc7b72","sha256":"a4ee5e2bf7c8bf1fa09d67a5042c6e617eb6037cca9e0c1d0a285f881c6c665b","sha512":"e0fc1facfe489adfca5a6f4065ba9ad9d5849ecee228d2ed743e02b9a0040ac6919bfe3ccafd0880e7c50255dbd047a5752e4f2dbb491a6f9922062be2f8c930","ssdeep":"","tlshash":"f2b0128f6d8c207c63c3814854b51f313619d10985c414dca63000f6344448db4b1eb2","size":109,"data":"","first_seen":"2025-12-09T20:17:31.555631Z","last_seen":"2026-01-20T20:07:38.25669Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2001590cb9978b4e79bdf0b42caffed2","sha1":"fee3f7dd187283a8447c5b14503fdbd82cc1c038","sha256":"9789192c2f2dd0ddeba1e470f69eb688904581687e110ecaaa1284cbfe567b43","sha512":"9a17cf15620d4078414be64f0cb7b29c30d021feef1458aa5a68599bc0f03a9b17cea4b7b59a0bc0bd2665f17e2e56a0b647c959778e2b32b800ef0ff8e2cedd","ssdeep":"","tlshash":"a1c08c88220b0cb0a1ab2a450bafa600b1063213a4d29922b90ba3084f20e03d784854","size":165,"data":"","first_seen":"2025-12-09T20:17:31.564485Z","last_seen":"2026-05-18T05:43:52.905976Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-PVY9JN0Q77","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"54d9df25be2c692cdfc6d9d92e7e7b9e","sha1":"95dca22987268b5bf27fb860c446e232c9c9a4fb","sha256":"b5e4e4f51368003eaed1eafaeab5bf144b922b1bc065c87db3595b2731741f75","sha512":"447e77c18b26c300df8b3e68c4590de9deb03cf659bf43583a9f550b13151cd4a3c37e64b8d0d0898c61661bbfeb9cfa26b1db111984cae65985c1237fc6e73e","ssdeep":"6144:/cS0hsiCUe2bWYRosCtrVB/DeXFdn0Z+rXRBcUgW1fCV0qZXC:jiVe9YRdChZ+rohW1ayqw","tlshash":"9f9419ce73d674269396f078503f018ba57b29a2b45cc896f189cce42e7469a0277f7c","size":436314,"data":"","first_seen":"2025-12-09T20:17:31.54638Z","last_seen":"2025-12-09T20:17:31.54638Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/register-sw.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5199c12ce56d4477f0c413f776c5c8bc","sha1":"6d02cfbedf37008061a99c7c92e66954a7771085","sha256":"b5a8ab2cba73da72dc8fdffb3c143411e9c5760d79d7fd3a04fe5bb1994e0811","sha512":"d26cee802d3ff360d3fc0f55172ad81b75e773b3a6326db72c16de0a2fd36c53200362cc2e0f8cdb6a5fdf84f817428c248c9f18956e1f4917e01f5c46c710ff","ssdeep":"","tlshash":"0a01155ecd785b339be31df5dc815555720bc25d246499262feb42001ec7a7c811be51","size":763,"data":"","first_seen":"2023-11-18T20:14:02Z","last_seen":"2026-05-18T05:43:52.896538Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f3e69050ab6868d6b87c6fbad74a4a6b","sha1":"b8a304bf534c81f29c214ad1b5caf54376633036","sha256":"518be512684fb2862a459317ab50bca140f9f8ce60c79ee5ce884ecdf94d1e9d","sha512":"408aa096a4bc1210ff2aabb2e68766176d1b74eacfa7542ab4413c1e6d49b1b54af9bbf475cd456677872caef0b210474bd6d92a5d773b7489abfdaad2a6325e","ssdeep":"","tlshash":"96e0209b336709320edb752b1769534db463c057189ae8213e6c15400f99fc521f1d80","size":385,"data":"","first_seen":"2025-12-09T20:17:31.574919Z","last_seen":"2026-01-20T20:07:38.255835Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/h/uv.config.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"44410783667ef41e8d08dee5c7a4ba8d","sha1":"93667a1df2e4feca05c9819807443735bc3cc29f","sha256":"e5ae584fa3eb4b98a3fd63450ccb12a83af887fa3a0d45d917dc7853d8dbea48","sha512":"07c1f6fd875bfdf2f736c172a340b034dd0eb210a4779c8d914d2f0e68f0b7f4e4f0f8ea6cc32d462af416cbc0f7e654c4daf699505315049f32b2d07543a528","ssdeep":"","tlshash":"8dd0c2af989c0e43af00c498a09e0829161837670d09f0183a1193a50f0df8c60f11a8","size":272,"data":"","first_seen":"2025-12-09T20:17:31.536499Z","last_seen":"2026-05-18T05:43:52.883408Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"1befca447193b1b854a106df359d3d41","sha1":"39e4163aa5c4953544cf2be491af74c94ddc7b72","sha256":"a4ee5e2bf7c8bf1fa09d67a5042c6e617eb6037cca9e0c1d0a285f881c6c665b","sha512":"e0fc1facfe489adfca5a6f4065ba9ad9d5849ecee228d2ed743e02b9a0040ac6919bfe3ccafd0880e7c50255dbd047a5752e4f2dbb491a6f9922062be2f8c930","ssdeep":"","tlshash":"f2b0128f6d8c207c63c3814854b51f313619d10985c414dca63000f6344448db4b1eb2","size":109,"data":"","first_seen":"2025-12-09T20:17:31.555631Z","last_seen":"2026-01-20T20:07:38.25669Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-26T16:53:36.485058Z","times_seen":109707,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/h/uv.bundle.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fae0c7eaf70361f16c6be542bb5c628","sha1":"2055836b92e9f7907bfb6c38f731647464585b10","sha256":"84c1ac2690f85de7ad853b438e6da286a2f3cece4266fa25d1ec78892707df29","sha512":"71b9569214f975027a51d85ea3513044bdfbda077ccfeeda1349c49e84f903113a3ab2395136e051cdec7c4d69e16d6f273117d63fbbc3bad5c619764276a338","ssdeep":"6144:bkyp7W3VxS/SF/+GxN0yGX74h2adYfEINVL5y979xTDrpvWwmp24e:4ygCKF/+WpQ74oaCfJ75y979xTDpW24e","tlshash":"3cf41cf33382a5b38bd680df9a562291a235411af4cc580dfafcc4db263556d1237e7a","size":763059,"data":"","first_seen":"2023-11-03T15:20:33Z","last_seen":"2026-05-18T05:43:52.882085Z","times_seen":86,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"07b36d5168c57a4664374f69ddaed174","sha1":"f277cb715cc6aafb1e90fd642bdfec0f040cc00d","sha256":"91ddc269b5d4bd66113480fa8942fe12060184c229bcff03e7ecbcabf514c219","sha512":"f9d0107e9020144b7000d51439fcb12a32914e5c2309210ee692a5530fb85e5833dfa14278daea0d8e2464ce623cd5e764921d2be32957d60ec76f5c1d4767df","ssdeep":"","tlshash":"0ab092db6a8920a9a292918464b117216628a2198ace28dca63000a6348488ea4b1a72","size":120,"data":"","first_seen":"2025-12-09T20:17:31.581326Z","last_seen":"2026-01-20T20:07:38.258892Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ghoogle.org/as/assets/ghoogle.png","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","date":"2025-12-09T20:17:06.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghoogle.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:47:55 GMT","end":"Thu, 05 Feb 2026 09:46:13 GMT"},"fingerprint":{"sha1":"C6:C2:FA:3C:57:1D:FB:43:7F:B6:F4:54:5E:BE:26:8A:95:F7:AF:F2","sha256":"F1:E4:E0:A6:40:E4:6A:C7:98:A7:C6:E9:F1:2D:D2:73:EC:54:F5:A7:D8:2D:E8:BF:A2:7C:CB:05:44:D3:0A:9F"}}},"request":{"raw":"GET /as/assets/ghoogle.png HTTP/1.1\r\nHost: ghoogle.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\ncontent-type: image/png\r\ndate: Tue, 09 Dec 2025 20:17:06 GMT\r\netag: W/\"6d2f8-19722bf6f95\"\r\nlast-modified: Fri, 30 May 2025 19:51:00 GMT\r\nx-powered-by: Express\r\ncontent-length: 447224\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EtW6al0a0WIeh3OiIrLuk6l%2F7HmbBZs%2Bvmc6LkI6D%2FtYes54nq6CdBRt%2FKqEdesxwDaVGy%2FxGTD6XUN%2Bcf%2Fg%2BZraIPZpi4Avsw%3D%3D\"}]}\r\ncf-ray: 9ab72f1d0ad156a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":447224,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1848 x 565, 8-bit/color RGBA, non-interlaced","md5":"824bf613caa166afad5b242258fd814f","sha1":"00def811e72375fa5e28d3bef3c21e1512d0bce5","sha256":"0d7f7b3c6bc9ae626e6f9b30b8a0d7002fe524606b6e29a147149a8625332a51","sha512":"a69fa0ca06970474d75ab6e9e50a8b2fcecfd4ee8d65d30392e06c4634d56f9246ed7bacd8f67ba4893ae573f0af3a649338a316244fdd8b4d2177bb366d3956","ssdeep":"6144:MspnxovwCieVZL5Ru3CcOLqXjUktOOfQofKBlFn5DyusIaWQHCBFIuUhgJUS4TJC:JFKxXL58CcbXjTgDONWQHvuz49Zs","tlshash":"4694238ee1fac119d8c9617fc827e49167b94b43824631de9371f04b6e258be0331a2f","first_seen":"2025-12-09T20:17:31.531207Z","last_seen":"2026-05-18T05:43:52.878831Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1365,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":615,"receive":750,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","date":"2025-12-09T20:17:06.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghoogle.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:47:55 GMT","end":"Thu, 05 Feb 2026 09:46:13 GMT"},"fingerprint":{"sha1":"C6:C2:FA:3C:57:1D:FB:43:7F:B6:F4:54:5E:BE:26:8A:95:F7:AF:F2","sha256":"F1:E4:E0:A6:40:E4:6A:C7:98:A7:C6:E9:F1:2D:D2:73:EC:54:F5:A7:D8:2D:E8:BF:A2:7C:CB:05:44:D3:0A:9F"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: ghoogle.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Tue, 09 Dec 2025 21:05:06 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3p1NFs9uM100jpt6BNjV8S3I%2BtdVOP3I7EZB5Xy9Gi4H%2FOfUzcPgaDSt%2BCRXpV2Goxtl0GDGS2cfFevDvtvSKf2XmcfcWQmvFA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Tue, 09 Dec 2025 20:17:06 GMT\r\ncf-ray: 9ab72f1d0ad256a8-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-26T16:53:36.485058Z","times_seen":109707,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/h/uv.config.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","date":"2025-12-09T20:17:06.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghoogle.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:47:55 GMT","end":"Thu, 05 Feb 2026 09:46:13 GMT"},"fingerprint":{"sha1":"C6:C2:FA:3C:57:1D:FB:43:7F:B6:F4:54:5E:BE:26:8A:95:F7:AF:F2","sha256":"F1:E4:E0:A6:40:E4:6A:C7:98:A7:C6:E9:F1:2D:D2:73:EC:54:F5:A7:D8:2D:E8:BF:A2:7C:CB:05:44:D3:0A:9F"}}},"request":{"raw":"GET /h/uv.config.js HTTP/1.1\r\nHost: ghoogle.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zgw80lhsWHqXm6dlmpKFXdbRjhysSbp%2BJlRA93oXMKiEXfVKnj4hjB6qPm0xAFjzhfuum1lKik5g%2FTa7nRT916MB7Ba%2BUdffrQ%3D%3D\"}]}\r\ncache-control: public, max-age=14400\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 09 Dec 2025 20:17:06 GMT\r\netag: W/\"110-1971a857e0b\"\r\nlast-modified: Thu, 29 May 2025 05:30:45 GMT\r\nx-powered-by: Express\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9ab72f1d2ad556a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":272,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text","md5":"44410783667ef41e8d08dee5c7a4ba8d","sha1":"93667a1df2e4feca05c9819807443735bc3cc29f","sha256":"e5ae584fa3eb4b98a3fd63450ccb12a83af887fa3a0d45d917dc7853d8dbea48","sha512":"07c1f6fd875bfdf2f736c172a340b034dd0eb210a4779c8d914d2f0e68f0b7f4e4f0f8ea6cc32d462af416cbc0f7e654c4daf699505315049f32b2d07543a528","ssdeep":"","tlshash":"8dd0c2af989c0e43af00c498a09e0829161837670d09f0183a1193a50f0df8c60f11a8","first_seen":"2025-12-09T20:17:31.536499Z","last_seen":"2026-05-18T05:43:52.883408Z","times_seen":4,"resource_available":true,"data":null}},"time_used":557,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/h/uv.bundle.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","date":"2025-12-09T20:17:07.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghoogle.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:47:55 GMT","end":"Thu, 05 Feb 2026 09:46:13 GMT"},"fingerprint":{"sha1":"C6:C2:FA:3C:57:1D:FB:43:7F:B6:F4:54:5E:BE:26:8A:95:F7:AF:F2","sha256":"F1:E4:E0:A6:40:E4:6A:C7:98:A7:C6:E9:F1:2D:D2:73:EC:54:F5:A7:D8:2D:E8:BF:A2:7C:CB:05:44:D3:0A:9F"}}},"request":{"raw":"GET /h/uv.bundle.js HTTP/1.1\r\nHost: ghoogle.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vcbRB6aniwRWD7wtIAeAvKGgZG2HUhGXx1YKiEdWZY6GuBdlfcsJUTh7LJlP2bJsNsVNIfbju8sYX8dmrJ4xOsOn5ADV7DPkiA%3D%3D\"}]}\r\ncache-control: public, max-age=14400\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 09 Dec 2025 20:17:07 GMT\r\netag: W/\"ba4b3-1971a857e09\"\r\nlast-modified: Thu, 29 May 2025 05:30:45 GMT\r\nx-powered-by: Express\r\nserver: cloudflare\r\ncf-cache-status: EXPIRED\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9ab72f25ab6156a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":763059,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64030), with no line terminators","md5":"5fae0c7eaf70361f16c6be542bb5c628","sha1":"2055836b92e9f7907bfb6c38f731647464585b10","sha256":"84c1ac2690f85de7ad853b438e6da286a2f3cece4266fa25d1ec78892707df29","sha512":"71b9569214f975027a51d85ea3513044bdfbda077ccfeeda1349c49e84f903113a3ab2395136e051cdec7c4d69e16d6f273117d63fbbc3bad5c619764276a338","ssdeep":"6144:bkyp7W3VxS/SF/+GxN0yGX74h2adYfEINVL5y979xTDrpvWwmp24e:4ygCKF/+WpQ74oaCfJ75y979xTDpW24e","tlshash":"3cf41cf33382a5b38bd680df9a562291a235411af4cc580dfafcc4db263556d1237e7a","first_seen":"2023-11-03T15:20:33Z","last_seen":"2026-05-18T05:43:52.882085Z","times_seen":86,"resource_available":true,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-09T20:17:05.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghoogle.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:47:55 GMT","end":"Thu, 05 Feb 2026 09:46:13 GMT"},"fingerprint":{"sha1":"C6:C2:FA:3C:57:1D:FB:43:7F:B6:F4:54:5E:BE:26:8A:95:F7:AF:F2","sha256":"F1:E4:E0:A6:40:E4:6A:C7:98:A7:C6:E9:F1:2D:D2:73:EC:54:F5:A7:D8:2D:E8:BF:A2:7C:CB:05:44:D3:0A:9F"}}},"request":{"raw":"GET /go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko- HTTP/1.1\r\nHost: ghoogle.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 09 Dec 2025 20:17:05 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pd%2BGKaeIly8OXEFTW%2B08k7%2BZDg95n88Cg9WtoQFcv6LcqDxRSxEW2eQmnQkdZozvbgf40cWYn5OO%2B5xQ0n3eY4GVzI0g1SEmPw%3D%3D\"}]}\r\nx-powered-by: Express\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9ab72f182b4ab503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3087,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (646)","md5":"ab4305d8071081b3ffebcf9f43834885","sha1":"c3ad86bf7fd38d2c6695c85dc6c448f0cf2805d9","sha256":"d49ece0389cacb40f916f7cc7c2b795d6fadc7f4129974b576ccf502e616075e","sha512":"4fc61ac4c0b9f4925fcfc569f29cbcc11263cae28bf0050660cee6652a692a7f16b01d0cdd65321d050ad4e0695076ef7ccc6ba5f3110727cbeb8ec5b98c2056","ssdeep":"","tlshash":"ea5166866dd6884320834585a9f1f70c3645d2439795c8f876dc02f1bf49fca8ea3eb8","first_seen":"2025-12-09T20:17:31.542967Z","last_seen":"2025-12-09T20:17:31.542967Z","times_seen":1,"resource_available":false,"data":null}},"time_used":735,"timings":{"blocked":42,"dns":28,"connect":1,"send":0,"wait":646,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/register-sw.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","date":"2025-12-09T20:17:06.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghoogle.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:47:55 GMT","end":"Thu, 05 Feb 2026 09:46:13 GMT"},"fingerprint":{"sha1":"C6:C2:FA:3C:57:1D:FB:43:7F:B6:F4:54:5E:BE:26:8A:95:F7:AF:F2","sha256":"F1:E4:E0:A6:40:E4:6A:C7:98:A7:C6:E9:F1:2D:D2:73:EC:54:F5:A7:D8:2D:E8:BF:A2:7C:CB:05:44:D3:0A:9F"}}},"request":{"raw":"GET /register-sw.js HTTP/1.1\r\nHost: ghoogle.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v%2B6gvppF0sm81YeTLFY8uUiz7nI8Tc3S1G7colc8FhQ4QBcFjLq6uxPwv6VXpGEVbtKHD10TbIWxarq5WP5jsgdo1YAzevENVg%3D%3D\"}]}\r\ncache-control: public, max-age=14400\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 09 Dec 2025 20:17:06 GMT\r\netag: W/\"2fb-196ada61745\"\r\nlast-modified: Thu, 08 May 2025 02:07:45 GMT\r\nx-powered-by: Express\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9ab72f1d2ad456a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":763,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"5199c12ce56d4477f0c413f776c5c8bc","sha1":"6d02cfbedf37008061a99c7c92e66954a7771085","sha256":"b5a8ab2cba73da72dc8fdffb3c143411e9c5760d79d7fd3a04fe5bb1994e0811","sha512":"d26cee802d3ff360d3fc0f55172ad81b75e773b3a6326db72c16de0a2fd36c53200362cc2e0f8cdb6a5fdf84f817428c248c9f18956e1f4917e01f5c46c710ff","ssdeep":"","tlshash":"0a01155ecd785b339be31df5dc815555720bc25d246499262feb42001ec7a7c811be51","first_seen":"2023-11-18T20:14:02Z","last_seen":"2026-05-18T05:43:52.896538Z","times_seen":9,"resource_available":true,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-PVY9JN0Q77","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","date":"2025-12-09T20:17:06.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-PVY9JN0Q77 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ghoogle.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 09 Dec 2025 20:17:06 GMT\r\nexpires: Tue, 09 Dec 2025 20:17:06 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143589\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":436314,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"54d9df25be2c692cdfc6d9d92e7e7b9e","sha1":"95dca22987268b5bf27fb860c446e232c9c9a4fb","sha256":"b5e4e4f51368003eaed1eafaeab5bf144b922b1bc065c87db3595b2731741f75","sha512":"447e77c18b26c300df8b3e68c4590de9deb03cf659bf43583a9f550b13151cd4a3c37e64b8d0d0898c61661bbfeb9cfa26b1db111984cae65985c1237fc6e73e","ssdeep":"6144:/cS0hsiCUe2bWYRosCtrVB/DeXFdn0Z+rXRBcUgW1fCV0qZXC:jiVe9YRdChZ+rohW1ayqw","tlshash":"9f9419ce73d674269396f078503f018ba57b29a2b45cc896f189cce42e7469a0277f7c","first_seen":"2025-12-09T20:17:31.54638Z","last_seen":"2025-12-09T20:17:31.54638Z","times_seen":1,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":110,"dns":0,"connect":21,"send":0,"wait":44,"receive":61,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ghoogle.org/h/uv.bundle.js","fqdn":"ghoogle.org","domain":"ghoogle.org","tld":"org"},"ip":{"addr":"104.21.0.141","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-","date":"2025-12-09T20:17:06.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghoogle.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 07 Nov 2025 08:47:55 GMT","end":"Thu, 05 Feb 2026 09:46:13 GMT"},"fingerprint":{"sha1":"C6:C2:FA:3C:57:1D:FB:43:7F:B6:F4:54:5E:BE:26:8A:95:F7:AF:F2","sha256":"F1:E4:E0:A6:40:E4:6A:C7:98:A7:C6:E9:F1:2D:D2:73:EC:54:F5:A7:D8:2D:E8:BF:A2:7C:CB:05:44:D3:0A:9F"}}},"request":{"raw":"GET /h/uv.bundle.js HTTP/1.1\r\nHost: ghoogle.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ghoogle.org/go/hvtrs8%2F-rmcievbmtpo%7Bane0.uiltgrrizen.ko-\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zhz9QBBP9SoLK%2BvAx645r69MkgE9RxO5TZVQBB28fsG7LVyjgWj4ynZ73rVqKt2gwStpmt0akyGv1DGcHPTncP1sdzvSe3zacw%3D%3D\"}]}\r\ncache-control: public, max-age=14400\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 09 Dec 2025 20:17:06 GMT\r\netag: W/\"ba4b3-1971a857e09\"\r\nlast-modified: Thu, 29 May 2025 05:30:45 GMT\r\nx-powered-by: Express\r\nserver: cloudflare\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nvary: accept-encoding\r\ncf-ray: 9ab72f1d3ad656a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":763059,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64030), with no line terminators","md5":"5fae0c7eaf70361f16c6be542bb5c628","sha1":"2055836b92e9f7907bfb6c38f731647464585b10","sha256":"84c1ac2690f85de7ad853b438e6da286a2f3cece4266fa25d1ec78892707df29","sha512":"71b9569214f975027a51d85ea3513044bdfbda077ccfeeda1349c49e84f903113a3ab2395136e051cdec7c4d69e16d6f273117d63fbbc3bad5c619764276a338","ssdeep":"6144:bkyp7W3VxS/SF/+GxN0yGX74h2adYfEINVL5y979xTDrpvWwmp24e:4ygCKF/+WpQ74oaCfJ75y979xTDpW24e","tlshash":"3cf41cf33382a5b38bd680df9a562291a235411af4cc580dfafcc4db263556d1237e7a","first_seen":"2023-11-03T15:20:33Z","last_seen":"2026-05-18T05:43:52.882085Z","times_seen":86,"resource_available":true,"data":null}},"time_used":1396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":572,"receive":824,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-09","alert":"Sinkholed","trigger":"ghoogle.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}