{"report_id":"0a801da4-cb98-4fb9-907d-0183d7884be8","version":6,"status":"done","tags":[],"date":"2025-11-25T23:53:46Z","url":{"schema":"http","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"title":"Where Art Meets Digital Experience","dom":{"size":117817,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4461cd57f517f48e83dc27d80ea08312","sha1":"6dd807f84a69f9bb7f964a8fd5493c6402ccf44d","sha256":"2492e6f16b53dca7c46978843f0a48a0c03009ff73ccab87c6b181fbbb9673ed","sha512":"c21e3491cbea2cd924eaf0ad4ff0b1797a0e0ae9907eea408b92e044ef302bf7a2dfa1e601dbbf3c40355d4902b4ee2df21f544c42270f7d8873eb4d1e3a8a51","ssdeep":"3072:cafafbvMqKHtndMmr88Whi2hRHDTijwd3S53xUGP9DYn/E:Ufg3HxdMmr88Whi2hRHDTijwd3S53xnP","tlshash":"d4b3d75a5b72012b7d2fa2f2d195eb58b217b782ff2933e6f802111087d16eb1e73614","dom_hash":"domhash396f0f6faa638e3974b1ca3af8754688","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-30T23:53:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.gfpxw.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2022-03-02","domain_rank":1407520,"first_seen":"2025-07-26T12:08:46.01149Z","last_seen":"2025-11-22T09:51:10.647801Z","alert_count":90,"request_count":45,"received_data":457712,"sent_data":18213,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]}]},{"fqdn":"datatechonert.com","ip":{"addr":"185.49.145.45","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2021-12-24","domain_rank":17968,"first_seen":"2021-12-24T16:44:17Z","last_seen":"2025-11-19T03:23:40.635023Z","alert_count":0,"request_count":1,"received_data":482,"sent_data":551,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2025-11-24T02:06:56.360613Z","alert_count":0,"request_count":1,"received_data":836,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdntechone.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-12-24","domain_rank":31929,"first_seen":"2021-12-24T17:09:58Z","last_seen":"2025-11-25T14:41:02.33678Z","alert_count":1,"request_count":1,"received_data":17282,"sent_data":378,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0fbb7dbae3c20bc81da1b8bf41c13e8e","sha1":"f333d36b1dbecd026483e78eac843bdeb2dde04c","sha256":"eeeffffc79c48f4fbe510fc3fcdae29885a18a48ae121968e03fe502fb48fecc","sha512":"1e82716fa5da363b595ffc7b569caaa347df281bc89fb9d62dd89d2dec789280d9574694f6f78d250922e8d0d3bdc8a637f5748d7c4f4e5cb4e5465106542e0c","ssdeep":"","tlshash":"9ff0998af3c8b623410666e5321b801be67e1851b407a864a0a088e2ac7a449c189f3a","size":636,"data":"","first_seen":"2025-03-04T04:04:04.143618Z","last_seen":"2026-04-03T10:34:56.738183Z","times_seen":3281,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/y7009caac-DfKyVrot.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e2edf98d11d8f4ca67490affb1cdc48","sha1":"6f6837a0884bb5724f4ab8dd5aa993c2be00aed4","sha256":"a0283354bdb3a1f46c2dc163a038e39cad2f33348e71b08302222fde0a878194","sha512":"66e4ee18490f2223a9b6650f118ec5ee520bf2adef672687fcd583a01738f280e575c55f1bf839544acaf38a699d3b25f2c6f4a8e798019de97ba3c59e0ee902","ssdeep":"","tlshash":"a55196bf8488a479064d71dfc63781663d1828537c59c9e1a4bc8e2d27da095e13df2b","size":2748,"data":"","first_seen":"2025-11-25T17:05:28.655598Z","last_seen":"2025-11-26T09:09:26.558913Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/i8759748b-Cl-rREfY.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"1898c2c190edab61c5ae2ec43e53de90","sha1":"3560fb5a0fa1f380f9d1e8561f124f02dee2e20e","sha256":"4cecf199244c2734115f7547cb8a6deb3c2bfdc73bdd6302de053f315067921c","sha512":"cfd1de81e2a24c400fd815f8e959e3428c19c9203e35535cc9529f0aa6cc9c63563e18b819c5eb0b5d83ceea8edbf4b40a42ce526fc4b34543e9d824eecbd844","ssdeep":"","tlshash":"28f05cca0ef08254824e27dcd122aa0232c40077168c8f55f27d5b3c379aacbf820307","size":465,"data":"","first_seen":"2025-11-25T17:05:28.649956Z","last_seen":"2025-11-26T09:09:26.568076Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/d4d99461-BdDa48kX.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"7a62928e6b59897238e3839401f9b811","sha1":"e1801f9ad7a11765da590e79d65901883a669989","sha256":"a6e9637158d637d19098a03d828e6fb1c950a36fc9248de2818dc52c22c53219","sha512":"f90f791bde5292d117a0436418659a6894e4a5f0e46d1f7ffac110f4108a3445a01fe593539a17aeddef0b3c6e428c5d188c5838c94c7f364f0bced0e25c76db","ssdeep":"","tlshash":"d111d09216f105348266059cf170d385bb840122658dcbd0f16d4e6ab796dddc945b57","size":935,"data":"","first_seen":"2025-11-25T19:25:30.635344Z","last_seen":"2025-11-26T08:32:59.111114Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/i67a12af6-CC3IibOF.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"d94ca8df6a7b01af10f76d4710e2f478","sha1":"ebd9e335adc671ff7a6019912c4689983701fd70","sha256":"e18dbf8ed060f3b19bfb838b487e7309f72dfb91d097683e5578ff8fbb9c91d7","sha512":"4985c35b4b6764eca4b37adcbec389b6f0eeac7c126e433e193785e8bcaee729a8c16d67cf041c890b06d31e088d9f3ea925e535cf8db4fd3190a80729b30917","ssdeep":"","tlshash":"db311fcd36e12971819824ede63b7181f07e1162714e99c0c17d4e3a3e999cbc771aab","size":1744,"data":"","first_seen":"2025-11-25T17:05:28.714456Z","last_seen":"2025-11-26T09:09:26.582691Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/o522eee3-DVbo2GS4.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"a22255e85ce16ae40888e13a7bd283eb","sha1":"4a75f08bc0b0ff176fec576474c886debf4ff103","sha256":"0c7dba46b9e9f5ca76fa1e4aa90e5e9a5251567e70b977088133ad461cae9543","sha512":"d8d505c8e600fb9e404435aa885970b260bbd1342050de20ec95560b500f86addb91ea20ff1d93372f3c43cc06bafadbc1cf62b9182d7e29ca72575e183bfb7e","ssdeep":"","tlshash":"6a51c80e816d24b550cc8aeb9d330d0dbfba6006698c3899fc2b4cdc074ed9dc21a97d","size":3167,"data":"","first_seen":"2025-11-25T17:05:28.71004Z","last_seen":"2025-11-26T09:09:26.556411Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/x77a8620-CsWAWzWn.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"6345d4ca05a50433c75eb0c5c6d6ed29","sha1":"8d98c309f0b9c3748c725c7bda519b3babfa8d2d","sha256":"0e87b09adaaecf86becae4655f9f66b2d70bd4ddfe1d2f9a947e9d3d10ed724c","sha512":"4b6d40c7a31b99e271bcdc6b5f0188c0671522bab3c8654b35c2706ab5449e306f932643d04e3fe28b15b6f3c8cbfa918fd9e8f102177829f9c616d0d5e7a5cf","ssdeep":"","tlshash":"08f0dde55bf019744045229de175b382396900b691cc0b90723c8f692384ec69610fc6","size":632,"data":"","first_seen":"2025-11-25T17:05:28.69423Z","last_seen":"2025-11-26T09:09:26.592964Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/u7dfab0-DMEnjxUz.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7cbd4ecef89f831af43e8a39ce724474","sha1":"4c72bdff9b46f3a8caf0aa0905ac010f337a840c","sha256":"0f5c316aec225b8466212a128c5668f14a73d890c004285e0e0a0e038a44e3f4","sha512":"a90b3a7339416da484ac8b97e65a09b1d57a21c34d71a94c1fb38cc1a47e6dfde4b3898ef166b30eb9381468be78d63ae0a5e9d816ef5da29c0d0f6827d52941","ssdeep":"96:IYPs4BP3fwisK7V5AWEjMgiYEtWvB0DDeam/UoBtBB8bmM:BxBtsK7VeWE5iYE0p0XeagUwHB8bmM","tlshash":"e781c5caa06112bd68da89cdc132e731373616d67148d2d0f05e0f3543a9c8ba59df4b","size":4161,"data":"","first_seen":"2025-11-25T17:05:28.707362Z","last_seen":"2025-11-26T09:09:26.579077Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/s9f56d71-Btc61UmU.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"b8aab4bea17019a95742ad5158dfa698","sha1":"b5db4bc212529b27cecc1149e26ed8ad556a17f4","sha256":"d481f0c1ae61a7f61211600b2fde6b019694f40cb5b6bd0a82e23d7fb0cd9d0d","sha512":"2f007873d21ce357f13ff1803b72b9c75374db9257e9a0218dec469d6bf9288f24b8ba8836582428b654d077da4cb6f03fa9f6f24cd5a2c0928c68343ef0cd75","ssdeep":"","tlshash":"ad414643b232d2b16155798fcb62730ef670576726e4c5b4fc385c2053c948b4b2d729","size":2405,"data":"","first_seen":"2025-11-25T17:05:28.664783Z","last_seen":"2025-11-26T09:09:26.577071Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/e9113cb0-CpCkXZOP.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"5a4fe39016f676c96c6a793cbdd28a54","sha1":"90a5686110e342ab968069368c2dce79252dc5af","sha256":"8afad5108fe997ee04b009b97e11f3e6830c5d0c507ee0bc950439f342d2a642","sha512":"708f85178656961423e783a711aa3bce247eef388a856d8fd8a95407bbd9b1f8dd1f9170485620d62a0e6ebcfc4d04e08b52852c4bb332e6b593df2d4283fa06","ssdeep":"","tlshash":"b83179e908e48d34718d55d8763f4f5123f9160734d94f52e16e4ab4169cc8f8236b3a","size":1874,"data":"","first_seen":"2025-11-25T17:05:28.702375Z","last_seen":"2025-11-26T09:09:26.572438Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/r17dfdcff-DMst5HVJ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"94ec50eb6b0b7e3e5f9ace0dba086dec","sha1":"0f9676a7f9135184dcbd4bfee776c5c290d4168b","sha256":"e156be3dbe37d5d1a540d4cdb04e724d354d01947812fbe629a03387318bea59","sha512":"d4feff8d64c5716ff88fcccd8be1b700dca79b32abeaa32d57755c9de05f64ab6edafc8afc7f06fe47192ee11e3aa566c43d32024af87afc5ca3eb6fb6dac652","ssdeep":"","tlshash":"e651644bd4b064bcd10f8aaee016d136272716671b8cc371818e4b382b6069df1b6fd7","size":2903,"data":"","first_seen":"2025-11-25T19:25:30.611282Z","last_seen":"2025-11-26T05:01:46.320798Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/o5e0059-DVtxabQt.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f0f97b405fefe9de489ba8e41456f7c","sha1":"76a483e83019da56859683b5b07daa78184b1ec0","sha256":"cfebf3948820e48ed4fac47f2a5b823745fc8ed6546b3ecd467b5d421743c61b","sha512":"7a151f914787b65276ad2f9c1e70e9922b833ac0577671f7336d8641420cf1f338428f1a022ee0fe54eb9ff6a3b584048a9381b0b93b17f989b21f2e051cf79c","ssdeep":"","tlshash":"bbf0c04a5af455c5c70722aec25b514130be10b30bccaf76b1bc07340715d9d9904b47","size":552,"data":"","first_seen":"2025-11-25T17:05:28.643782Z","last_seen":"2025-11-26T09:09:26.576404Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/i5eadc0e-CSMdQ9f6.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d73f095b991d57568a6fa38a7a27a16","sha1":"1d2481fda925a832d34d9b5d16898ba9f1dbcc21","sha256":"603f6eb16c53176d064e2bc1f805ad2dc720e607975102ac01d5313387d494d2","sha512":"d993f934f8bc7047a0746eb54e8945b2071840ad10a15982500c372269f0ce35f071357bab730de218a336d43d52c93cc1d4e0cd074ebb1d9782fb76d20a2e56","ssdeep":"","tlshash":"db41865ab1252b7cf00f448ef66c8287f0277746db4eca50f1bc8d1a27498956b46f80","size":2206,"data":"","first_seen":"2025-11-25T19:25:30.652957Z","last_seen":"2025-11-26T08:35:06.34529Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/q2cd6345a-DooyreT2.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fbd0d3f30199e5847b754c3779a260c3","sha1":"829317fbf05289f6327b3d50eac51d1837e627cd","sha256":"13b5c4e06008839a901bc4fcc4ad692277661b0fd69b587a2758a9806e391235","sha512":"f997ebf2735e6c3376b9dcf540a275820fc72a496dfb5bd8f2049f18a28dae4c1faf4ec7b024e3e642c703d27adb5cf37dd2d9dff28bf7e89ef764c6b7da6f17","ssdeep":"","tlshash":"0371d8cdc8e5c534428e36ef5029121076ba4f1b752d83c4a1bd0f294b5da4ae085b6b","size":3735,"data":"","first_seen":"2025-11-25T17:05:28.646843Z","last_seen":"2025-11-26T09:09:26.580296Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/m4bbd77209-BCVcSiqa.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"6dc616b0d627060e594bc41f061086e4","sha1":"cd2637e2867c48e67796beefb7989a8653a4a4c3","sha256":"a3e7b4404f52ecfc8da8cc6fa0702f102582abba3e65958e0864333882070605","sha512":"45877cdf314b92758915b56a8efd1e00ab87bbd77620d3ccc79d3b0e8e5b94d96b88a48cc1909d98d9e4fc025a5b22c935f4be50d010a6f076a36de5422d6b98","ssdeep":"","tlshash":"18211186b3b7a07813a9139ce4333742f554493652ccc6d0a1ba12352ed8e9f9c30a2f","size":1347,"data":"","first_seen":"2025-11-25T17:05:28.703891Z","last_seen":"2025-11-26T09:09:26.57306Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/fb4c6c-DeKLYifp.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9273681e08ba2de4d5c9def1b868bcde","sha1":"0fa720a5e91c96637e2700218a7501fd734fc582","sha256":"d02651076e6f9670e2845e4c2e22f6c247584a862042c314758a16fd3f54039b","sha512":"06c1d3b4bcc5b1159a7c1b2b09bcb245cfd3ceb21c5b71803a195713019e21c7c78eee76b3d7c902543e600adabf1dbb36c0a2690c3a21a5e4feeb11390bbd5b","ssdeep":"","tlshash":"7651f28fd02610594fd4dfbcb87526173ed7c21a39c2894823c4a83c41e8bd6227f7a5","size":3069,"data":"","first_seen":"2025-11-25T17:05:28.698947Z","last_seen":"2025-11-26T09:09:26.5718Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e8ce7601698260c8104976a27dd37266","sha1":"0c07cc951205a3963f37f98b2b04f25fe87ff833","sha256":"3ac79bcc49eed190c26b4bc8653c3b5687bd11f7fd7ff51a0ad1ed77d1102346","sha512":"9220bc9d87747c45d55276716bac9bbffb28d729f2eef2fdf2d05718e8d39aafc1daa5371a737823ad0b03354a5f05ce2bb1c7a3727ad4c7d71bd9a080cd523c","ssdeep":"","tlshash":"4831b51372a62b69bd29fc350efcee6ca15f0eb57064804e52593e4d1a4318a24fc2bc","size":1509,"data":"","first_seen":"2025-11-25T23:53:50.040653Z","last_seen":"2025-11-25T23:53:50.040653Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/e9771078-DQxsnHIz.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2009a854cf1ce5a9171432cf8e79263","sha1":"c133070d3e314d31fc0e59549be2ff457f770728","sha256":"ffaac725a2a58468b69513380ccfb56948d746bd9be896cd2d7941cb71ade025","sha512":"20d9ffcf0dea8a238f4cf739dc6b51f266d02bcecadf3f08b0fc1ca8300c8465945caff014f45a4ba24b294bad0e2d47b9525eb7a2c2a56decccefd0eb6352cb","ssdeep":"","tlshash":"f9f0a24f87f00a5a831e65bfd7a7d320207a007347cc476591fe9b340f596aee404d56","size":644,"data":"","first_seen":"2025-11-25T19:25:30.614525Z","last_seen":"2025-11-26T05:01:46.286489Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/u68675b88d-DTfpTLHV.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ebebba507c8fa3a9c8747e0d59c0a85","sha1":"d37d9f192eeaa0fb5fe514341f667d46a24cd4c7","sha256":"5ad2c36879de6652c7ee90c3c46dfe950380c5e08c6a56b002a0400981d9945b","sha512":"84370436798ab8114b7f5ab9c8afbd97baa48e84551a892d239bba2d93180d513a5d7d388c7001b874c610cacea449aefbb49b016cd15f68f1c93708b609e38d","ssdeep":"","tlshash":"4801f44a64b93644800755bfc355e1523415402ba7cccf97a1bc0b390791eaab905f53","size":692,"data":"","first_seen":"2025-11-25T17:05:28.657214Z","last_seen":"2025-11-26T09:09:26.565506Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/p50affb659-Dk84axeQ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"f9982efb1bd9ade5781f536af58fbed8","sha1":"7276da9a7623768af5eaa5fc2ef74c2cae229787","sha256":"c5d1435e4c98b755518029ae96ca48dd5b9e8a6fa682c50c890b8731aa1093ac","sha512":"a3b73b884613cc9472bb079cc3cfd3bcfe9e31595853add835fc1e0ffc2af14d73a63927d7ea78c55837ff624f28dbbf4c1be0a84a42dc06d684ae3cea56650c","ssdeep":"","tlshash":"9401108ba5f09758804973cdc6676003734001234fcd8f80f0bd463a4be51caa90d70b","size":721,"data":"","first_seen":"2025-11-25T17:05:28.677338Z","last_seen":"2025-11-26T09:09:26.571163Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/o0dd635-DIJXmrG4.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"949951a7a33270b4637a086fe0a755af","sha1":"0efb58052efa08862710e475ee2c84bd41ede9d2","sha256":"e8f96a06d018d5324d92f0bb255da4dc6c2ce137bd06fa17e5e0802b34d1d1c6","sha512":"2c71cc3e67646c3d3ecb436d3478b9aa71cd6f6872ee60571eadc62eed9fdeebee10ccd22eed0cb352225dc7a478c5865c24525688acdd28dc8e6efdd75f787b","ssdeep":"192:Kcbl6G7U9dvOyzqcb8WjPIjUawYJcDjXJkTlFEq4Db0jPQhbqs38gG/2:Kcbl6G7U9dvOy+cbajUsJcDjXJiERX0a","tlshash":"65021988a0db197cd1da8cfaa561c055b53f0a59a54bd2d0d3ee9dac0190c4422faf8f","size":8628,"data":"","first_seen":"2025-11-25T17:05:28.711651Z","last_seen":"2025-11-26T09:09:26.569939Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/m11ceab482-aDYWzb5t.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"6c54a9a3002e7ff8a89ef0c1f6f925b5","sha1":"4b9e58fffe537a7aab4aa2a7391a67d62a85ec63","sha256":"3deca59b92a0209315a11102f7648a62fd51e16cada6147375e0806e47e0a0df","sha512":"8a2cc01c0d160b2b4cdf056243ff3a39eca8d9886d9348b18e5ba42788c455b48865726f0a8f665b4873143e74f1012267bd4a077483dc0e86fe974d2c0ce2df","ssdeep":"","tlshash":"a84161ad81f9c1b482c52bdd8232e932349a443334accf95e27e8a3517bde9550b4632","size":2194,"data":"","first_seen":"2025-11-25T17:05:28.668273Z","last_seen":"2025-11-26T09:09:26.577712Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/l8f15219-BdcZg3gV.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"18d081cb52d4a2917ff28c9e222656a0","sha1":"e96448082d9f29cb3495d899ef2ab70f9bb471fb","sha256":"deaf7efd02ee9e5900393d848bfe5de83096cae2d0b2a94097f482ea2fecb094","sha512":"1e70c041660485bb19d5853d42b6203a87fb37e461476eb2f2efcdc2524776e46c99308474f03cdfa7b3c3484f087538224cf1f0387149db76af6f42ff7caf01","ssdeep":"96:fi/OuYz6zuxzvPdBb9QQNaAwNS7SH/GSxaA2:fAOuYGSzv1B1g+7SGY12","tlshash":"1591438fb47920fc7697c79da133e1d31a3b25162989c1f4a4d74f2807a0285a33bb47","size":4305,"data":"","first_seen":"2025-11-25T17:05:28.680553Z","last_seen":"2025-11-26T09:09:26.567466Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/h27907b07a-BiFN1XjN.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e0742e856048d34d4659a994aeecc5f","sha1":"27e2652d940e40792118cac428f18c8f1e0e6413","sha256":"8f1b36f16de5d67f99db8575ed0f0f70b556b851e58830f9ff63b15a353effe7","sha512":"f4d082d7994ff0dafee0ffe0ed03d00652b5fa9f46522f203e674704c52f81f67c5eabcd70cbd329e1065dc5c53582d4c98c0a5d3895c066a3d452e84d96dfa0","ssdeep":"","tlshash":"dc3154cf886046fc8456c6e5d22de63037690697e24c5711e4fe5e301722c8bd22aa8b","size":1750,"data":"","first_seen":"2025-11-25T17:05:28.688805Z","last_seen":"2025-11-26T09:09:26.586432Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4c1af0f7b285642bb8af9be1358ccdf","sha1":"99684de7c628cfb3226e2859359829cd59044f4f","sha256":"1232c8f0c830c49e369ad8e76abf02d09bf431195fc82201480edc1515c217db","sha512":"b474f80e218865474416415cc857664a6f1e0934a4aa82ab217111f4baba262f92b0b9b69c5e5eeff8677b28bed39967e8752d16310a6b2d3bb60bd431603fcf","ssdeep":"192:8r3c1SyRoFCbsFOEzBr4WuVuYoe21WUfcdova4EUAMRjlehEeVGcnW/RGGb5ao8o:8XCbPm0WuVuYoe21Wucdova4+MRj8hDY","tlshash":"d922d6463ee7f2412e2467b1c07b9111b3f25952316ab192b91b7522786108fc3f3fba","size":10465,"data":"","first_seen":"2025-07-24T08:17:40.839961Z","last_seen":"2025-12-09T05:17:14.075084Z","times_seen":1721,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9b308d2b60038830ad23a38fe7378d2","sha1":"ffff1b947bf97ed50c37cf709358ddbef1327e24","sha256":"fa4cd9592f1e4e853c12a8de14d6f85f6892fa44e799f6351efad08fdf29ae82","sha512":"423f6918b76e8a6344cd7eb7896b65aa65ffefcecbdc6d3abaef00ea4569c18db324ace0bb3df64c0e6950b57852df7b8d775d8ad706b31165605a39135ecfe5","ssdeep":"384:8MLg4o4MvMD9S2YVKqFnQ7cjuGys4+GISTZ4Ex3ly0eqnatI8MfZGpsuVe6:8MLghh92YVPFnQ7cCGys4+GISTZ4ExVm","tlshash":"a082ecd69f5316443b2ce752e2678121f65c6c80f3d8b630782e5a41e8d0cea8b775bb","size":19205,"data":"","first_seen":"2025-11-07T18:38:32.601423Z","last_seen":"2025-12-08T13:03:51.548614Z","times_seen":547,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/i662be15-D916N_GQ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"c1e505b2d2056e6f581997c756c628fa","sha1":"8e0b5ae289848f27914c26bc2e4698f62b107088","sha256":"2ae99bb9c074ebbcabcdbb84b61c39dd33a92603d5594a79c45da1cf15e6bbac","sha512":"08146347c815b0c325fcaee4a8301e6eec9f162c69f6c12b76ec6d1ae286bcb7fc05f28c86127bb6b16c2414b22e2d9600e62b9d853ff58c043d6ff35585ac6d","ssdeep":"1536:Ur2RivKGOUC9dpjXOnlVS+NLcgzAyOx+XuPqTeJcvmzhCQ8:UiRMnlM+NLcgzAye+XuPqKJcYT8","tlshash":"2063f88a3391a1145ba9409514ba0403e399fe9e705994d4f6ef54cefb8ccc5f23bb38","size":73302,"data":"","first_seen":"2025-11-25T17:05:28.661069Z","last_seen":"2025-11-26T09:09:26.566232Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","size":16490,"data":"","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-03T10:34:56.693266Z","times_seen":9003,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/cea480e1-DcrR0Q_d.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"df2cb7fcc46a4ef0a6a3fa0618bddcac","sha1":"9d8aa93a343dc82595d2fbf96e865a3377c2bb4d","sha256":"820db802a6730151318492a3e28ff4c49c6c0c2957cc0a8402acdda62932c740","sha512":"8f0a5d51ec7c04a920fdddc190ac8909963495ce8e89b23fbde4ef58f77155a3e8b7a0e44b7d972dcfeb25cf8d7e312a02ae8892c25791deddd5da228bd1e454","ssdeep":"","tlshash":"0711048f45f4b2b9825b26efd2214422745a087367cdcbd1e6ec4f290751ada9114f82","size":931,"data":"","first_seen":"2025-11-25T17:05:28.690561Z","last_seen":"2025-11-26T09:09:26.581672Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/f287fe3-C9-JbQ8Q.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9731f6c1d31c817275f1e264fc65ee45","sha1":"548e102ebc6ccbaded91f38ee9bbd3f931fcb1f4","sha256":"e97864dbede36a658a92afbc906b272dbfc2ba8b48ccffe22a41b171ff52fc7c","sha512":"69a1087ec5d1bbac7296a4c62acfb4fc5bb76a034b813cf565431ac5a580c23ca0055220902d8100dd920269b7ebb3303c1adad58daf6d2ae2ccf823fb6e31d9","ssdeep":"768:Y5FCDDOqykJ7QNp4N70H1KcvXCyLHWxA9k/eWj8kcj6tKwtZHNMSgz6lDNwnfZRn:eeqs7QX4qz4PNcj6ftZHNMSZE","tlshash":"bf534aa87056203a03ef51e6e0bf6a4bf2356812e48dc644e316cef06fb469d4257f2d","size":63520,"data":"","first_seen":"2025-11-25T17:05:28.673789Z","last_seen":"2025-11-26T09:09:26.588237Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/r271e7651e-BGMreeeV.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"8506d4e19453aedbf3c1fc04342b89c9","sha1":"0e2bb5bdcf7088e8614858622e74e932b0c2fa2c","sha256":"184cd18e2112ed9660cd49257113c5aad97d659890668992cdc1635e21f374a1","sha512":"aea362c50d524712756f68f2889fc20a454c6d90196b625c6970314765b332c69bbca873363ba29779f6bcf904bb42f976a317349f70b3a85158398d0bd1b97e","ssdeep":"","tlshash":"a02100d1b6486b0ea53e3fddf0cb184036301123ce8d5683d2174722634fd49427dba6","size":1135,"data":"","first_seen":"2025-06-24T19:07:51.391409Z","last_seen":"2026-02-23T22:20:45.176058Z","times_seen":2159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/e2786bd9a-DRPJUHrJ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"4267b9f31a20230e2316e8e1a9f9a04d","sha1":"f47f540d71cebbcea692c3d00a895ea0b167d2e4","sha256":"69e632aa14d3e9e97d54edd30d86809d612cab05d41bb02e0d56c98c31c4b144","sha512":"1055765fe1a96f01daaf16ff7373f45b846adbfd31dcb392d830079fac60893051bf894d8b7009a4ec5ee500327081e8d3d3928b5447684a8feaef559a6db046","ssdeep":"","tlshash":"f911390eb6a41c69001914ddd014b9114145516b6bd64fd1d0be517d37baecf7d13f07","size":1061,"data":"","first_seen":"2025-11-25T17:05:28.671561Z","last_seen":"2025-11-26T09:09:26.578384Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/h4f47ad1bd-D3nUCPkV.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"75ba34654a066141257a7de3fa1f137b","sha1":"94fd4ab0bca4aad20f2885540795f5e849e6ec9d","sha256":"43ce09fe38bfcd819a8edd6febac987501d7d4dd6dc713745c73d027588e281f","sha512":"d5009138cbb8b274ec80bded95fa7d10ae8342783710c5a4dade631f00251890f08e69fc77ccbed6e1fa6bf23b5d7ddbe5d180c7fc25434b6b030cc7f0c9a4ff","ssdeep":"","tlshash":"4861236967fa3b6f4ca92b7a524dc14f062e1d0b6489c6346cd7cb2cfd5058c38b0b52","size":3234,"data":"","first_seen":"2025-11-25T17:05:28.662626Z","last_seen":"2025-11-26T09:09:26.559703Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"091fcea2ce8db1aa7fe44a4051e96b41","sha1":"4d1b368bcbddf456742d0abacd23ee510e609158","sha256":"433585662f852c8c76ded9e6f52054e1a120c78c7c0ecb8048fd3b99faa897f7","sha512":"765886ace161a524d53d770197f9f99de2c574df18129c8f32c3d4805f4680e2bd3c538527c6ed7e053b462fd1482e2eae75fcdf545bbeb795feff24d9c77d7f","ssdeep":"","tlshash":"14c02b9512f3e130f2a741c5c3cf32430000725602f841d351055c70401cc8a55a4f30","size":130,"data":"","first_seen":"2023-07-22T04:09:49Z","last_seen":"2026-04-03T19:59:02.244373Z","times_seen":8156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/z6b2c41b7-CBrfQvaJ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"414d1600f831893e31cf21e8960be501","sha1":"be21761ef555bf6a09b45da4c8e9c8301091bc65","sha256":"649a6f3c23c58420dc6f46b713c582047ffb5f1638319e98527d9743911572ba","sha512":"e2b73ca2aae7b6049978f4a89fd3683b2c93398361ce7ebd4b17baeb5e6e5fa8f7e5066c77d2c77e5636d78f0e68de0f4ce70e3717a644d09a6b13f908f787e8","ssdeep":"","tlshash":"da31748df950926c843a29adc66d06613b06272f13db8b41a2fd343a23596c8b526f53","size":1651,"data":"","first_seen":"2025-11-25T17:05:28.717087Z","last_seen":"2025-11-26T09:09:26.561081Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/t6b72301e-uKiSnrbr.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","size":421,"data":"","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/h7810a2-B2Yx9ukG.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"9d8e49467618b45e44c4ac91692aa963","sha1":"6cd0f8f7d04e4294cfad39f484c17ef7d4939e90","sha256":"d7796036a0aba6e0df462fcb64e5837ce8b2dfd5b8a103068e570028c47068c1","sha512":"ac2e089e1216d8ccf7884e4e3590a804ee2d46cdf57744cf3b8c96ec11a6f902e644bb932e576821ae7075332c6ee690a67587f52f28738f00e8987bebbfafd2","ssdeep":"768:XkVirOw/oDfftYxaIIjv0hM6CBInlCYDeYsMiBATx+E1lzXf27dorO6DdK1alje0:UVvw/9BhOATx+EznxRuxKgfPwGi","tlshash":"74435f9ed2529fe988b31788b95d2a11b22d0d0ded4991a0ecdf0f16176ec87213b79c","size":59414,"data":"","first_seen":"2025-11-25T17:05:28.712802Z","last_seen":"2025-11-26T09:09:26.570503Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"15505b2350e129b787d479f7507edee9","sha1":"09ccb3a84e7f25a30bf97594c9c98b6878fd4483","sha256":"53b6bbda82ae145cfc0fb1941cb035359d1c8b298798339cf53f5a543836ad65","sha512":"970991ac74c61bd2a25fe8a331be62b328d99d1f04b87a83cf50deda9d4d6b68a04403ba120796b1e2f9de04af78d640626fb95d2370907f4b626385f0562178","ssdeep":"","tlshash":"3a61947813111bb33ddda0a9dd286ec3dda51834859a887e784e5cf30658e4381bebb9","size":3462,"data":"","first_seen":"2025-06-11T22:43:11.360804Z","last_seen":"2026-04-03T19:59:02.244911Z","times_seen":7177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/c4e14fb-D4KTBcoN.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"importedModule","is_inline":false,"md5":"210689db28e13344278d1bdcbf8113c9","sha1":"3fb472f759c571a4caff85cfab1a6fca830cd157","sha256":"9db7cb22ead2c622cb918eb0f655a8065ceb766da0dea3ab03356ffa680ed19d","sha512":"30b86bd094e404ffa04bdfa81097d8d906b25fb355b7e542998f54872c26b615264e81bfe3dd5b1334df7e53a81983b242b5f9b838f68397b35377b2738d9729","ssdeep":"96:FM67RatOb/QIlnnUjOfez9YTGDQjgHQjski8Qj5IVzxJY6M9ysxmgUV+sszEQT9F:FRXDPntfez9Yan/8sIVzM6M9vxmgUV+/","tlshash":"e5b1a3c5d0a9dabd0eefaade2550d16273504f033c8ad934b2a14c2927f9c0661ab74b","size":5345,"data":"","first_seen":"2025-11-25T17:05:28.669899Z","last_seen":"2025-11-26T09:09:26.564515Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba0f4e77cb3d1968e8bb09e81cc6345e","sha1":"c3dabda4cfc7ed18627ba989f8ae8766b1ce4933","sha256":"7885d6bc09b192bdb9d4b2599239e210ae4b70f1773646a96c97a9a21c184487","sha512":"57baf1a1c836348e36fb6c38e649c142601110dd231faea9bc2a5c9c653c4b014dc4d02b3bbd7dad06a67eb2418bde568ca6f698086f9ce179718b5b1c56261a","ssdeep":"","tlshash":"f3c02bd612f36130f3ab40c7838f31c300207016027840d351014c70101c4494594e30","size":130,"data":"","first_seen":"2023-07-23T05:20:44Z","last_seen":"2026-04-03T16:15:24.27591Z","times_seen":6595,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/r17dfdcff-DMst5HVJ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/r17dfdcff-DMst5HVJ.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: W/\"6925d0ab-b57\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2903,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2903), with no line terminators","md5":"94ec50eb6b0b7e3e5f9ace0dba086dec","sha1":"0f9676a7f9135184dcbd4bfee776c5c290d4168b","sha256":"e156be3dbe37d5d1a540d4cdb04e724d354d01947812fbe629a03387318bea59","sha512":"d4feff8d64c5716ff88fcccd8be1b700dca79b32abeaa32d57755c9de05f64ab6edafc8afc7f06fe47192ee11e3aa566c43d32024af87afc5ca3eb6fb6dac652","ssdeep":"","tlshash":"e651644bd4b064bcd10f8aaee016d136272716671b8cc371818e4b382b6069df1b6fd7","first_seen":"2025-11-25T19:25:30.611282Z","last_seen":"2025-11-26T05:01:46.320798Z","times_seen":5,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/cea480e1-DcrR0Q_d.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/cea480e1-DcrR0Q_d.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-3a3\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":931,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (930)","md5":"df2cb7fcc46a4ef0a6a3fa0618bddcac","sha1":"9d8aa93a343dc82595d2fbf96e865a3377c2bb4d","sha256":"820db802a6730151318492a3e28ff4c49c6c0c2957cc0a8402acdda62932c740","sha512":"8f0a5d51ec7c04a920fdddc190ac8909963495ce8e89b23fbde4ef58f77155a3e8b7a0e44b7d972dcfeb25cf8d7e312a02ae8892c25791deddd5da228bd1e454","ssdeep":"","tlshash":"0711048f45f4b2b9825b26efd2214422745a087367cdcbd1e6ec4f290751ada9114f82","first_seen":"2025-11-25T17:05:28.690561Z","last_seen":"2025-11-26T09:09:26.581672Z","times_seen":23,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/s9f56d71-Btc61UmU.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/s9f56d71-Btc61UmU.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-965\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2405,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2404)","md5":"b8aab4bea17019a95742ad5158dfa698","sha1":"b5db4bc212529b27cecc1149e26ed8ad556a17f4","sha256":"d481f0c1ae61a7f61211600b2fde6b019694f40cb5b6bd0a82e23d7fb0cd9d0d","sha512":"2f007873d21ce357f13ff1803b72b9c75374db9257e9a0218dec469d6bf9288f24b8ba8836582428b654d077da4cb6f03fa9f6f24cd5a2c0928c68343ef0cd75","ssdeep":"","tlshash":"ad414643b232d2b16155798fcb62730ef670576726e4c5b4fc385c2053c948b4b2d729","first_seen":"2025-11-25T17:05:28.664783Z","last_seen":"2025-11-26T09:09:26.577071Z","times_seen":23,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/m4bbd77209-BCVcSiqa.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/m4bbd77209-BCVcSiqa.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-543\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1347,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1347), with no line terminators","md5":"6dc616b0d627060e594bc41f061086e4","sha1":"cd2637e2867c48e67796beefb7989a8653a4a4c3","sha256":"a3e7b4404f52ecfc8da8cc6fa0702f102582abba3e65958e0864333882070605","sha512":"45877cdf314b92758915b56a8efd1e00ab87bbd77620d3ccc79d3b0e8e5b94d96b88a48cc1909d98d9e4fc025a5b22c935f4be50d010a6f076a36de5422d6b98","ssdeep":"","tlshash":"18211186b3b7a07813a9139ce4333742f554493652ccc6d0a1ba12352ed8e9f9c30a2f","first_seen":"2025-11-25T17:05:28.703891Z","last_seen":"2025-11-26T09:09:26.57306Z","times_seen":23,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/fb4c6c-DeKLYifp.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/fb4c6c-DeKLYifp.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-bfd\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3069,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3068)","md5":"9273681e08ba2de4d5c9def1b868bcde","sha1":"0fa720a5e91c96637e2700218a7501fd734fc582","sha256":"d02651076e6f9670e2845e4c2e22f6c247584a862042c314758a16fd3f54039b","sha512":"06c1d3b4bcc5b1159a7c1b2b09bcb245cfd3ceb21c5b71803a195713019e21c7c78eee76b3d7c902543e600adabf1dbb36c0a2690c3a21a5e4feeb11390bbd5b","ssdeep":"","tlshash":"7651f28fd02610594fd4dfbcb87526173ed7c21a39c2894823c4a83c41e8bd6227f7a5","first_seen":"2025-11-25T17:05:28.698947Z","last_seen":"2025-11-26T09:09:26.5718Z","times_seen":23,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=888f1ba7-1c47-43f7-9ad2-13d08b25e2eb","fqdn":"datatechonert.com","domain":"datatechonert.com","tld":"com"},"ip":{"addr":"185.49.145.45","port":443,"asn":35415,"as":"Webzilla B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"datatechonert.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Dec 2024 00:00:00 GMT","end":"Tue, 23 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"ED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72","sha256":"A3:45:F2:05:D1:B6:89:92:B3:05:C2:75:20:48:5F:3C:AA:EB:B3:A9:32:5E:CF:38:C4:37:CD:C0:B9:57:CA:E8"}}},"request":{"raw":"POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a\u0026ruid=888f1ba7-1c47-43f7-9ad2-13d08b25e2eb HTTP/1.1\r\nHost: datatechonert.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1349\r\nOrigin: https://cdn.gfpxw.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1349,"data":"L\u001bRR\u001f\u001c\u0026\u001c\u0014\u0005g\u001f\u001cK\u0012\u0003\u0001\u0005P\u000eL_\u0003\u000e\u0011\u001aX\u0016\u0010JO@T\u0005\u000fT\u0011\u0003\u001e\u000eP\u0018L\u001fA\u001b\t\u00147\u0001\n\tWN\u001a\u001b\tICP_[^\u0016\u001a\u0017X\u001b\t\u0006VF\u000e\u001fWX\t[A\tMH\u0019\u0003P\u000e_]\u0005\r\u001f\u0014\r\r\u000eJOS\nQI\u0015C\u001d\u0007\u0003P\u000e_]\u0005\r\u001f\u0014\r\u001c[REN\u001a\u001e\u0000\u001b[ZBI\u001bLLW\u0007\u0015\u0011A\u001c\u0007[REN\u001a\u001a\u0018QCP_[@\u0000BODQ\u0011\fKTK\\Y@K\u001e[\u0003PXV[^\u0016\u001d\f@\u001b\t\u0007H\\IDW\u0016K6\u001d\\\u0015\u000f\r\u001f\u0017PLW\u0007\u0015\u0011\\\t\u0011\u0018JO@u\u0006\u0003P\r\u0006\u000fDG\u001a^M\u001fnZX\u001e\u000b\u000e\u001bU,lIH\tOZUK%]\u0000[\u0003\u0002\u0013NLPBH\u0007\u0014\u0002XJ\rOZGK5Q\r\u0006X\u0016\u0001\u0006KTIYES\u0018/\u0010K\u0004\f\u0001\u0013]\u0005]Y\u0019\t\u0011\u001aX\n\tJOS\u0014K\t]CPL\u0002\u001c@\u000b\u001fYX_\u001b\n\u0000\u001fE\u0003\u000b]\u001e\u001cK[\u0003\u001d;;\u000f\u0007\u0003C\\AX\u001b\bT\u0018\u0011\u0004\u0015\u001f\u0010\\\u0016\u000f\u001cQ\u001bG\u003e$\fP]B\u001f\u0016\u0017\t\u0019OH\r\u001f\u0014\u0017\u0003\u000b\u001c\u0017FT\u0004Diz\r\u0013\n\r\r\u0007\fY\u0005TI\u0005\fC\u001d\u001bQ\u0019\bE\u0003ZE*-B\u0001\u001b\u0016]\u001b\u0017X\rG\u001e\u000f\u0014\u0019\u0018\u0004RNVD@\r\n8\u003cY\u001aE[L\b\u000eLQ\u001cA\u0002\u0001\u001b\u001bWD\u001cFCJWN\u001a\u0019\u0015\u001b[H\u0006\u001f\u0006D\u001dW\u0018\u0016PR\u0014J\u001e\u000e\u0005\u001aOG\u001aV\fE\u001d\u0002\u001cS\u0002\b\u001aIRQ\u001fKHYGV\u0017\u000f\u000b\u0017\t\u001e\u0003\u0007P\u0018L\u0003P\u001b\t\u0006VF\r\u0012WX\u001a\u003c-zCFL\u0005\u0010\u0016T\\\u001b\u001b]W\nFCJ\"\u000bVZK\u001bMH\u001e\u001fP\u000e^A\u0015\\EW\u0016FC[BN\u001a\u0001\u001a\u001b[^VGPP\u0003O\r\u0014\u0002\u001aX\u0016\r\u001cWX\u0015XU\u001b\u0002\u00021\u0004\u0010^LW\u0007\u0015\u0011X\rFCYY@O\r[\u0003\u0007\u000b\u0002\u0018\u0017\u0018L\u0002DZCCX^[$\u001c\fM\u0011YAY\\1]F\u0016BO_PWR\u001f\n[R\u0013\u0003T\u001a\u001c\u0015C\t\u00064\u001dV\u00042^WWS\u0002FCEDN\u001a\u001e\u0010W\u003e\u0001\u000b\u0012\u0001k\u0002\bY^G^X^KZAN\u001a\n\u0016U\u000e\u00181\u000f\u0017D\u001a\u0005\u0015\u0003\u0001\u0002VF\u000f\r\u001b\u0006W\u001b[\u0003CHBI\u0015U\u0003\bGXWEX^IDW\fTKC\u001b\u0004\u0004C\u003e!\u0016BOYU@\u0014@F\u001c\u0006X7kE\u001cWCFL\b\u001dX\u0001\u001fh^R[\u000f\u0010[RW\u0011J\u000e\u001b\u001bMH\u001e\r\u001e\u0016TO\u0015\u0015\u0011U\u0016\u0010[R\u000e\u001f\u0014K\tU\u0000\u001e\b\u0004\u0000Y1\tRMVU\u000e\u000b\u000bJO\u0019\u001a\u0000\nf\u0000\u0004\n\u0019\u001d]\nO\r_RZ\t\u0001UJ\u001c\u0011g\u001d\u000bP\u0005\u000f\u0000\u001fP\u000e\b\f[JV\u001aX\r\n7\u0016\nJ\u0006\u0014P\u0014\u00071SDk\u0001\u001fhWVA\u001f\u0016[R\u0013\u0003T\u001a\u001c\u0015C\u0003\u001d4\u0011\\\u001c\u0002ZPF[X^\u001f\t\u0019\u0011]E[P\u00125\u000b\u000f\u0015QLWQX_E\u001fH[\u0001\u0006=_\f\u001aR\u000eHT\u001f\u0000A\u000bA\u0015P@i\r\u0001\u001b7\u001e\u000bLKC_\u0000\u0006\u001d\u000e^\u0016\u0007\u001ehNVT%\u000f\u0010\u001c*T\b_\u0026V\u00135\u0000\u000e\u0005Q\u001cO\r_RZ\t\u0001UJ\u001c\u0011g\r\u001cJ\n\u001e\u0001\u001b-G\u000f\u000bVKZ\u0014@\u0002\u0018\u0004\u0006\u0007\u0014K\u0010J\u003e\t\u0006\u0019\u001dY\u0007\u0018Zf\\F\u001f\u0016\u0018JO\u0004Y\u0005\n\\\u001cFL\u0005\u0017GLW\u0015\r\u000b\u0000OSJ[FT\u001aE[Z\r\u0003\u000b\u0005\u0006k\u0007\t\u0015\u0003\u0011S\u001b\u0007\u001f[C\u0006YD\u001a\tW\u000eC_\u0016\u0003_@\u000e\tPUW\\A\rFR[\rM\u000bUZ\u000fI^\u0016\u000f\u000bQP__\u001b\u0010\u001c7\u001c\u0006\u001aS[\u001bMH\u001a\u0019\u0013R\b\u0004Tf@Y\u000f\u0016\u001a\r*\u000b\\KC\u001bCFL\n\u0016B\u000b\u001fCP@S\b;\u0010\fWX\u001aKU\u001b\u0002\u000b\u0003\u001b\u0013]\t\u0003hPW\u0014@F[DW\u0001M\u001a\rV\f5\u0007\u000f-\u0005LW\u0015\u001b\u001f\u0014\u0019\u0011\n\u001c\u001a\u000fg\u0000\u001dfSHTIP\u0018L\u000e[PP]%\r\u001dJO@\u001aE[Z\u000e\u0019\u001aIH\u0016LA\u0015TVB\u0012\u000b\u001dJO@R\u001a\rX\u0006HBI\u0000k\u001b\u0004S\u001b\t\u0014B\\A\u000eD\u0000Y^T\b\u0002^YFF\u0007\bZ\u001a\u0000RRHIH[\u0011R\u0000\u000bK\f\u0004X\u000b\tP\u0018L\u0002VfZRX^[JY@Y\r\u001dP\u0015\u0003\u0001\u0005\u0013X1\u0004SJ\u0011\f!9\u0004"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Tue, 25 Nov 2025 23:53:24 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://cdn.gfpxw.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adb4650bfc9d2a73d4dd69583b0ceb14","sha1":"1ce399d6e936232aaf2192cd7903a279c5015f22","sha256":"21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed","sha512":"3fbce22572bbed1aada0f7c6706f16a97e7c0ea132dfee1a7eb80f5e68da1cc63c891a5bc3ea8e87f0c97be3002212a0efbb2af9553acb45e0d447a685cd805b","ssdeep":"","tlshash":"436000000c3000000cc00c0000c00030ff300f00000f00c0000c00f003030c0c00c000","first_seen":"2023-04-05T07:30:31Z","last_seen":"2026-04-03T20:29:48.296072Z","times_seen":55966,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":117,"dns":11,"connect":17,"send":0,"wait":18,"receive":0,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/fonts/ef9f0e0f5104d1b1.woff","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/fonts/ef9f0e0f5104d1b1.woff HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cdn.gfpxw.com/single-page/1124/fr.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/font-woff\r\ncontent-length: 56576\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: \"6925d0ab-dd00\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56576,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 56576, version 1.1","md5":"5124fc87f7e66441db795a8912043f91","sha1":"9b5c62e91aa66a514d484f39b22e7ffc9381cc18","sha256":"a2aea7fa4bd1d898403a770bc2a4ff45e48254f81be851732df29e8437414041","sha512":"f969df99917bfee75a09c50e7016dcba4446775b92a5263d3aa678202961baf2bf4d395711663b95f4a47add649a91e86a58a4c742a4c1f1081d68fcdad9cec5","ssdeep":"1536:lhPdeGApA3bIFUVp+DLy5lZQK4EtEglGzIQeVSc:XlexpAEFUpWL2ZNjUYSc","tlshash":"ea43f24e9ecd710fff8a7ab7d998695b818f6094866e75c33141227ef839280d4b6306","first_seen":"2025-10-17T10:36:57.958595Z","last_seen":"2026-04-03T05:39:53.253114Z","times_seen":885,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/ef1ffcd0-UPtv7WGn.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/ef1ffcd0-UPtv7WGn.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 192\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: \"6925d0ac-c0\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":192,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e6133168dcf129f4caf267388d0ab6d4","sha1":"922552d51294b494d6f1692134f0dea23dc64431","sha256":"fb53fcd165190dd2d1aa7e621288f03b6f229e5e178bc34597ae8ede67017507","sha512":"bd7014e79fcb6fcd6df5bc6f578e50ac006c579d51728ec60f97e3374101ba8d6645b3588235ac700a4f36639918c934d38a5c4e744b63a722c60946aff8819d","ssdeep":"","tlshash":"5ec0c0f40062342980d345d00a7878bd288b1017f0c10dbcd1e8324012d0f93b1ca4f2","first_seen":"2025-04-09T05:05:24.735699Z","last_seen":"2026-04-03T21:01:43.571285Z","times_seen":262,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/h483a5f-D4nR0lfR.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/h483a5f-D4nR0lfR.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 188\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: \"6925d0ac-bc\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":188,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3a5ed931bf8dce50979e079fe75ff2a7","sha1":"81fe5622743f7b1ff0f144bc0c66f0b17a5043d6","sha256":"4dc63a8077ecf6fd39bf2f00432597165fbc6bed69fc008daba266492dc5c19d","sha512":"e4cdebc3562f81ec557cf681919fa2fcb491bde4e59c26202271993f4f46af740984c020bfd86431ba377ef1f751055d2021ac42c0ae616198e2fd299ba01b37","ssdeep":"","tlshash":"43c0c0f2217409040882863c39bc324a60771047b04204bce2e425683286f7a70c50d7","first_seen":"2025-04-09T05:05:24.722099Z","last_seen":"2026-04-03T21:01:43.580717Z","times_seen":263,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/t6b72301e-uKiSnrbr.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/t6b72301e-uKiSnrbr.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-1a5\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (421), with no line terminators","md5":"ddb08ad6fcb495956ecb5a55ba472d9a","sha1":"c5ddb6e22c1d5c337d4a6fd5acfaed754027b2b3","sha256":"8b7814b13adc6d7caf9d50533aa86899827e596a04ac827d2f276294a05306dc","sha512":"7688e93e884751699f683cece75af94dafe4a219c19ceae2fb3d90f38f2e63abf4668bfbe2000b3735f28c567801580d06f0d27c73289abcd8e758b0a3cc9dfd","ssdeep":"","tlshash":"e3e0e5984ae09ad9419e26ded616540265c81863179c4f61a6b80a382775bceca08347","first_seen":"2025-06-24T19:07:51.329462Z","last_seen":"2025-12-16T11:57:19.837877Z","times_seen":1806,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/i662be15-D916N_GQ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/i662be15-D916N_GQ.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: W/\"6925d0ab-11e56\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73302,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c1e505b2d2056e6f581997c756c628fa","sha1":"8e0b5ae289848f27914c26bc2e4698f62b107088","sha256":"2ae99bb9c074ebbcabcdbb84b61c39dd33a92603d5594a79c45da1cf15e6bbac","sha512":"08146347c815b0c325fcaee4a8301e6eec9f162c69f6c12b76ec6d1ae286bcb7fc05f28c86127bb6b16c2414b22e2d9600e62b9d853ff58c043d6ff35585ac6d","ssdeep":"1536:Ur2RivKGOUC9dpjXOnlVS+NLcgzAyOx+XuPqTeJcvmzhCQ8:UiRMnlM+NLcgzAye+XuPqKJcYT8","tlshash":"2063f88a3391a1145ba9409514ba0403e399fe9e705994d4f6ef54cefb8ccc5f23bb38","first_seen":"2025-11-25T17:05:28.661069Z","last_seen":"2025-11-26T09:09:26.566232Z","times_seen":23,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/r271e7651e-BGMreeeV.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/r271e7651e-BGMreeeV.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: W/\"6925d0ab-46f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1135,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1135), with no line terminators","md5":"8506d4e19453aedbf3c1fc04342b89c9","sha1":"0e2bb5bdcf7088e8614858622e74e932b0c2fa2c","sha256":"184cd18e2112ed9660cd49257113c5aad97d659890668992cdc1635e21f374a1","sha512":"aea362c50d524712756f68f2889fc20a454c6d90196b625c6970314765b332c69bbca873363ba29779f6bcf904bb42f976a317349f70b3a85158398d0bd1b97e","ssdeep":"","tlshash":"a02100d1b6486b0ea53e3fddf0cb184036301123ce8d5683d2174722634fd49427dba6","first_seen":"2025-06-24T19:07:51.391409Z","last_seen":"2026-02-23T22:20:45.176058Z","times_seen":2159,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/single-page/1124/fr.html","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-25T23:53:23.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /single-page/1124/fr.html HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:23 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:23 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Astro:5.12.3","description":"Astro is a new JavaScript-based static site builder.","website":"https://astro.build","common_platform_enumeration":"","icon":"Astro.svg","categories":["Static site generator","JavaScript frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":115864,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"07fe7d1d83e2f416f957972e0eb3dbc3","sha1":"4c85e6ae27f04f24ec50e0b5b2d6618acaab6384","sha256":"1c40ec12ac9db70a2e6dcc7ecf3c7c1ccba55ae13cd89a08277ced9eed2b07d5","sha512":"b45f2b0617d8b24934e5d162947ea447f0ec9285660eed27ff942600510d120c98f2aacf021bd22a672577eec808311a0cffc72a95ae2cc0037d6ebc04d60698","ssdeep":"3072:daf9fbvMqKHtndMmr88Whi2hRHDTijwd3S53xUGP9DYnhk:kfg3HxdMmr88Whi2hRHDTijwd3S53xnH","tlshash":"d2b3e85a5b72012b7d1fa2f2d195eb58b227b782ff2933e6f802111097d16eb1e73610","first_seen":"2025-11-25T23:53:50.020764Z","last_seen":"2025-11-25T23:53:50.020764Z","times_seen":1,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":99,"dns":48,"connect":19,"send":0,"wait":38,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/d892e590-CWv6IkKN.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/d892e590-CWv6IkKN.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 199\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: \"6925d0ac-c7\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2e1985a6afb2935a7e4ce54b6991ace4","sha1":"50c08585d83b88201463260185331dfe3ee586b6","sha256":"40204e6cf5d2165eb198dbc66fc23e8064c1c91e3a48493a156b98f829a08ebd","sha512":"5dca6c317bbb124616f3d554f9ea2836f4fcf944bca567a2361acc05a4bc5088365122da3e23a583691e90d51ec89162270fb77bbe884a6008ccd357ec9595bc","ssdeep":"","tlshash":"dcd022a89056012ab5c65a902578710b28af6497b0c40d7de2d8015113e0d8a30cc7d9","first_seen":"2024-12-21T08:46:00.055881Z","last_seen":"2026-04-03T21:01:43.562181Z","times_seen":279,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/a68de0ec1a-BzrDiKps.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/a68de0ec1a-BzrDiKps.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 275\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: \"6925d0ac-113\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":275,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dd0d0e9ce7ee969fce2896033dc72b60","sha1":"6ea5b2669c71d0cf6d27b487117c91dd881b1362","sha256":"f5e4e2577d35145fc1cb889af35fdee74cff77241693041acef4773306c1a057","sha512":"11e7d5ef03b0b873c8e6a158b40e288eecb56c68b182ed93e44aafe755c43db5f446b165c0d89af26f4702ec31a0265b7d5df67b644a5b8d6faac0f4b706ec26","ssdeep":"","tlshash":"0fd02bbad36e48344ba481b4ce7ce6915042b4d5848c43add0a8d615b316dcb944853d","first_seen":"2025-06-07T11:48:49.418274Z","last_seen":"2026-04-03T21:01:43.578187Z","times_seen":256,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/i5eadc0e-CSMdQ9f6.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/i5eadc0e-CSMdQ9f6.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-89e\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2206,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2204)","md5":"3d73f095b991d57568a6fa38a7a27a16","sha1":"1d2481fda925a832d34d9b5d16898ba9f1dbcc21","sha256":"603f6eb16c53176d064e2bc1f805ad2dc720e607975102ac01d5313387d494d2","sha512":"d993f934f8bc7047a0746eb54e8945b2071840ad10a15982500c372269f0ce35f071357bab730de218a336d43d52c93cc1d4e0cd074ebb1d9782fb76d20a2e56","ssdeep":"","tlshash":"db41865ab1252b7cf00f448ef66c8287f0277746db4eca50f1bc8d1a27498956b46f80","first_seen":"2025-11-25T19:25:30.652957Z","last_seen":"2025-11-26T08:35:06.34529Z","times_seen":9,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/f287fe3-C9-JbQ8Q.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/f287fe3-C9-JbQ8Q.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-f820\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63520,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (38452)","md5":"9731f6c1d31c817275f1e264fc65ee45","sha1":"548e102ebc6ccbaded91f38ee9bbd3f931fcb1f4","sha256":"e97864dbede36a658a92afbc906b272dbfc2ba8b48ccffe22a41b171ff52fc7c","sha512":"69a1087ec5d1bbac7296a4c62acfb4fc5bb76a034b813cf565431ac5a580c23ca0055220902d8100dd920269b7ebb3303c1adad58daf6d2ae2ccf823fb6e31d9","ssdeep":"768:Y5FCDDOqykJ7QNp4N70H1KcvXCyLHWxA9k/eWj8kcj6tKwtZHNMSgz6lDNwnfZRn:eeqs7QX4qz4PNcj6ftZHNMSZE","tlshash":"bf534aa87056203a03ef51e6e0bf6a4bf2356812e48dc644e316cef06fb469d4257f2d","first_seen":"2025-11-25T17:05:28.673789Z","last_seen":"2025-11-26T09:09:26.588237Z","times_seen":23,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?userId=3u0dpa0rislj4tpdusu0f92733pzn1md","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 26 Oct 2025 15:37:01 GMT","end":"Sat, 24 Jan 2026 16:36:49 GMT"},"fingerprint":{"sha1":"84:49:FF:DC:BD:D8:BA:3D:2F:25:0B:EF:CA:E4:6D:73:79:8C:F9:7D","sha256":"AF:21:94:4D:14:07:CF:FC:E5:3C:3C:F4:AC:47:9E:83:98:6A:62:87:FB:8C:27:43:25:FB:97:CC:47:15:99:4A"}}},"request":{"raw":"GET /gid.js?userId=3u0dpa0rislj4tpdusu0f92733pzn1md HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cdn.gfpxw.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://cdn.gfpxw.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=3u0dpa0rislj4tpdusu0f92733pzn1md; expires=Wed, 25 Nov 2026 23:53:24 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9a4510b76b2ca0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"bcd240296c22f66d88444a7ffd668d37","sha1":"e0c1ec562babb85c2d9b292f0d57d775555322da","sha256":"20b31ce09636d7a7c65e4d97b4392b286430197a14171d5bcf0a89f8c7bb8a49","sha512":"6c8f0f75a9b5fe4c90052eae1bb680bd4ca8b7a9e381902de96418a76de5ac0da1ba3a3eef2938bdebf42e024102b9ec74ac1d3b9c308042e49cec2988340268","ssdeep":"","tlshash":"48a00280c51847d881d4beaf6a57cb0d801014515457664cc1e58aa551c725c84a5660","first_seen":"2025-11-25T23:53:50.023882Z","last_seen":"2025-11-25T23:53:50.023882Z","times_seen":1,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":39,"dns":3,"connect":6,"send":0,"wait":35,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/o5e0059-DVtxabQt.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/o5e0059-DVtxabQt.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-228\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":552,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (552), with no line terminators","md5":"5f0f97b405fefe9de489ba8e41456f7c","sha1":"76a483e83019da56859683b5b07daa78184b1ec0","sha256":"cfebf3948820e48ed4fac47f2a5b823745fc8ed6546b3ecd467b5d421743c61b","sha512":"7a151f914787b65276ad2f9c1e70e9922b833ac0577671f7336d8641420cf1f338428f1a022ee0fe54eb9ff6a3b584048a9381b0b93b17f989b21f2e051cf79c","ssdeep":"","tlshash":"bbf0c04a5af455c5c70722aec25b514130be10b30bccaf76b1bc07340715d9d9904b47","first_seen":"2025-11-25T17:05:28.643782Z","last_seen":"2025-11-26T09:09:26.576404Z","times_seen":23,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/c4e14fb-D4KTBcoN.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/c4e14fb-D4KTBcoN.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-14e1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5345,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5345), with no line terminators","md5":"210689db28e13344278d1bdcbf8113c9","sha1":"3fb472f759c571a4caff85cfab1a6fca830cd157","sha256":"9db7cb22ead2c622cb918eb0f655a8065ceb766da0dea3ab03356ffa680ed19d","sha512":"30b86bd094e404ffa04bdfa81097d8d906b25fb355b7e542998f54872c26b615264e81bfe3dd5b1334df7e53a81983b242b5f9b838f68397b35377b2738d9729","ssdeep":"96:FM67RatOb/QIlnnUjOfez9YTGDQjgHQjski8Qj5IVzxJY6M9ysxmgUV+sszEQT9F:FRXDPntfez9Yan/8sIVzM6M9vxmgUV+/","tlshash":"e5b1a3c5d0a9dabd0eefaade2550d16273504f033c8ad934b2a14c2927f9c0661ab74b","first_seen":"2025-11-25T17:05:28.669899Z","last_seen":"2025-11-26T09:09:26.564515Z","times_seen":23,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/z8807a8fd1-UUZ2M3uO.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/z8807a8fd1-UUZ2M3uO.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 776\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: \"6925d0ac-308\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":776,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"318d8e7547c343aad0770a90089964ee","sha1":"e2557b8959363aef3217518f5b8472be70c3aaf9","sha256":"f5490916579ee14a609e5ffcd5a26f243432a5e869e8c1d4a45769874a672e40","sha512":"ded6123e1dd26edf7c815d99642ce0156fe607883ed0ec8969a7ee5a00b5eaf621bf63015ba75f1d91a9c360eff6203c77801fb7022f9316039cbc9b5737bd65","ssdeep":"","tlshash":"99014c398350d73cadd2867def33249095cea07d50e4c28a92f9da3476d60d1f55f849","first_seen":"2025-04-09T05:05:24.74292Z","last_seen":"2026-04-03T21:01:43.560955Z","times_seen":258,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/o522eee3-DVbo2GS4.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/o522eee3-DVbo2GS4.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-c5f\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3167,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3026)","md5":"a22255e85ce16ae40888e13a7bd283eb","sha1":"4a75f08bc0b0ff176fec576474c886debf4ff103","sha256":"0c7dba46b9e9f5ca76fa1e4aa90e5e9a5251567e70b977088133ad461cae9543","sha512":"d8d505c8e600fb9e404435aa885970b260bbd1342050de20ec95560b500f86addb91ea20ff1d93372f3c43cc06bafadbc1cf62b9182d7e29ca72575e183bfb7e","ssdeep":"","tlshash":"6a51c80e816d24b550cc8aeb9d330d0dbfba6006698c3899fc2b4cdc074ed9dc21a97d","first_seen":"2025-11-25T17:05:28.71004Z","last_seen":"2025-11-26T09:09:26.556411Z","times_seen":21,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/y7009caac-DfKyVrot.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/y7009caac-DfKyVrot.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: W/\"6925d0ab-abc\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2748,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2747)","md5":"3e2edf98d11d8f4ca67490affb1cdc48","sha1":"6f6837a0884bb5724f4ab8dd5aa993c2be00aed4","sha256":"a0283354bdb3a1f46c2dc163a038e39cad2f33348e71b08302222fde0a878194","sha512":"66e4ee18490f2223a9b6650f118ec5ee520bf2adef672687fcd583a01738f280e575c55f1bf839544acaf38a699d3b25f2c6f4a8e798019de97ba3c59e0ee902","ssdeep":"","tlshash":"a55196bf8488a479064d71dfc63781663d1828537c59c9e1a4bc8e2d27da095e13df2b","first_seen":"2025-11-25T17:05:28.655598Z","last_seen":"2025-11-26T09:09:26.558913Z","times_seen":23,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/h27907b07a-BiFN1XjN.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/h27907b07a-BiFN1XjN.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-6d6\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1750,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1749)","md5":"0e0742e856048d34d4659a994aeecc5f","sha1":"27e2652d940e40792118cac428f18c8f1e0e6413","sha256":"8f1b36f16de5d67f99db8575ed0f0f70b556b851e58830f9ff63b15a353effe7","sha512":"f4d082d7994ff0dafee0ffe0ed03d00652b5fa9f46522f203e674704c52f81f67c5eabcd70cbd329e1065dc5c53582d4c98c0a5d3895c066a3d452e84d96dfa0","ssdeep":"","tlshash":"dc3154cf886046fc8456c6e5d22de63037690697e24c5711e4fe5e301722c8bd22aa8b","first_seen":"2025-11-25T17:05:28.688805Z","last_seen":"2025-11-26T09:09:26.586432Z","times_seen":18,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/m11ceab482-aDYWzb5t.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/m11ceab482-aDYWzb5t.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-892\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2194,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2193)","md5":"6c54a9a3002e7ff8a89ef0c1f6f925b5","sha1":"4b9e58fffe537a7aab4aa2a7391a67d62a85ec63","sha256":"3deca59b92a0209315a11102f7648a62fd51e16cada6147375e0806e47e0a0df","sha512":"8a2cc01c0d160b2b4cdf056243ff3a39eca8d9886d9348b18e5ba42788c455b48865726f0a8f665b4873143e74f1012267bd4a077483dc0e86fe974d2c0ce2df","ssdeep":"","tlshash":"a84161ad81f9c1b482c52bdd8232e932349a443334accf95e27e8a3517bde9550b4632","first_seen":"2025-11-25T17:05:28.668273Z","last_seen":"2025-11-26T09:09:26.577712Z","times_seen":23,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/favicon-96x96.png","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /favicon-96x96.png HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-03T19:38:11.148062Z","times_seen":16113,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/u7dfab0-DMEnjxUz.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/u7dfab0-DMEnjxUz.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-1041\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4161,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4160)","md5":"7cbd4ecef89f831af43e8a39ce724474","sha1":"4c72bdff9b46f3a8caf0aa0905ac010f337a840c","sha256":"0f5c316aec225b8466212a128c5668f14a73d890c004285e0e0a0e038a44e3f4","sha512":"a90b3a7339416da484ac8b97e65a09b1d57a21c34d71a94c1fb38cc1a47e6dfde4b3898ef166b30eb9381468be78d63ae0a5e9d816ef5da29c0d0f6827d52941","ssdeep":"96:IYPs4BP3fwisK7V5AWEjMgiYEtWvB0DDeam/UoBtBB8bmM:BxBtsK7VeWE5iYE0p0XeagUwHB8bmM","tlshash":"e781c5caa06112bd68da89cdc132e731373616d67148d2d0f05e0f3543a9c8ba59df4b","first_seen":"2025-11-25T17:05:28.707362Z","last_seen":"2025-11-26T09:09:26.579077Z","times_seen":19,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/d4d99461-BdDa48kX.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/d4d99461-BdDa48kX.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: W/\"6925d0ab-3a7\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":935,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (934)","md5":"7a62928e6b59897238e3839401f9b811","sha1":"e1801f9ad7a11765da590e79d65901883a669989","sha256":"a6e9637158d637d19098a03d828e6fb1c950a36fc9248de2818dc52c22c53219","sha512":"f90f791bde5292d117a0436418659a6894e4a5f0e46d1f7ffac110f4108a3445a01fe593539a17aeddef0b3c6e428c5d188c5838c94c7f364f0bced0e25c76db","ssdeep":"","tlshash":"d111d09216f105348266059cf170d385bb840122658dcbd0f16d4e6ab796dddc945b57","first_seen":"2025-11-25T19:25:30.635344Z","last_seen":"2025-11-26T08:32:59.111114Z","times_seen":6,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/dae404048-vFIAVwgC.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/dae404048-vFIAVwgC.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 660\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: \"6925d0ac-294\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c6eb7b4e8c5fdfb54124fbfa4e28c036","sha1":"1c3c4fc1b3202459929f110a2d027d5aea9ee4a8","sha256":"d01053dec8b224cd0cab6d1d4e73fdbbcd0af7ced751f4566e855135fb37be83","sha512":"2329ff17fb9a3b3a073442ab32a2aec2dc03b337dbb6ef77b7f8cb3f6d364ece2356d580fb68927f05e0ac3d445a7d6be0c8db4e9d6fb6dd322d5dbc299fa89d","ssdeep":"","tlshash":"d101f2f502340139e4d76bc800a8b6bb3cf71697e2851d3963ad22c113b4e227dc42e1","first_seen":"2025-04-09T05:05:24.745104Z","last_seen":"2026-04-03T21:01:43.558863Z","times_seen":263,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/sync-metrics","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"POST /sync-metrics HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 495\r\nOrigin: https://cdn.gfpxw.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.gfpxw.com/single-page/1124/fr.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":495,"data":"[{\"app\":\"landings\",\"event\":\"start\",\"usid\":\"19abd6facd321d935894fbd\",\"teenage\":0,\"project_id\":1,\"landing_name\":\"single-page\",\"event_source\":1,\"landing_domain\":\"cdn.gfpxw.com\",\"landing_url\":\"https://cdn.gfpxw.com/single-page/1124/fr.html\",\"source_zone_id\":0,\"config_id\":1124,\"build_version\":\"v0.0.553-verticals\",\"landing_load_date_time\":\"2025-11-25 23:53:23.000924 +00:00\",\"design_id\":6,\"vertical\":\"utility-app-mixer\",\"events_history\":[{\"timeStamp\":1764114803921,\"event\":\"start\",\"timeOrigin\":0}]}]"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 16\r\nserver: nginx\r\nx-trace-id: 91d52f198fca4227831184c34a3af851\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\npragma: no-cache\r\ncache-control: max-age=172800\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-03T20:30:31.134247Z","times_seen":114926,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/e9771078-DQxsnHIz.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/e9771078-DQxsnHIz.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-284\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":644,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (644), with no line terminators","md5":"b2009a854cf1ce5a9171432cf8e79263","sha1":"c133070d3e314d31fc0e59549be2ff457f770728","sha256":"ffaac725a2a58468b69513380ccfb56948d746bd9be896cd2d7941cb71ade025","sha512":"20d9ffcf0dea8a238f4cf739dc6b51f266d02bcecadf3f08b0fc1ca8300c8465945caff014f45a4ba24b294bad0e2d47b9525eb7a2c2a56decccefd0eb6352cb","ssdeep":"","tlshash":"f9f0a24f87f00a5a831e65bfd7a7d320207a007347cc476591fe9b340f596aee404d56","first_seen":"2025-11-25T19:25:30.614525Z","last_seen":"2025-11-26T05:01:46.286489Z","times_seen":4,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/i8759748b-Cl-rREfY.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/i8759748b-Cl-rREfY.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-1d1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":465,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (465), with no line terminators","md5":"1898c2c190edab61c5ae2ec43e53de90","sha1":"3560fb5a0fa1f380f9d1e8561f124f02dee2e20e","sha256":"4cecf199244c2734115f7547cb8a6deb3c2bfdc73bdd6302de053f315067921c","sha512":"cfd1de81e2a24c400fd815f8e959e3428c19c9203e35535cc9529f0aa6cc9c63563e18b819c5eb0b5d83ceea8edbf4b40a42ce526fc4b34543e9d824eecbd844","ssdeep":"","tlshash":"28f05cca0ef08254824e27dcd122aa0232c40077168c8f55f27d5b3c379aacbf820307","first_seen":"2025-11-25T17:05:28.649956Z","last_seen":"2025-11-26T09:09:26.568076Z","times_seen":23,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/p50affb659-Dk84axeQ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/p50affb659-Dk84axeQ.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: W/\"6925d0ab-2d1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":721,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (720)","md5":"f9982efb1bd9ade5781f536af58fbed8","sha1":"7276da9a7623768af5eaa5fc2ef74c2cae229787","sha256":"c5d1435e4c98b755518029ae96ca48dd5b9e8a6fa682c50c890b8731aa1093ac","sha512":"a3b73b884613cc9472bb079cc3cfd3bcfe9e31595853add835fc1e0ffc2af14d73a63927d7ea78c55837ff624f28dbbf4c1be0a84a42dc06d684ae3cea56650c","ssdeep":"","tlshash":"9401108ba5f09758804973cdc6676003734001234fcd8f80f0bd463a4be51caa90d70b","first_seen":"2025-11-25T17:05:28.677338Z","last_seen":"2025-11-26T09:09:26.571163Z","times_seen":23,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/e9113cb0-CpCkXZOP.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/e9113cb0-CpCkXZOP.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-752\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1874,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1874), with no line terminators","md5":"5a4fe39016f676c96c6a793cbdd28a54","sha1":"90a5686110e342ab968069368c2dce79252dc5af","sha256":"8afad5108fe997ee04b009b97e11f3e6830c5d0c507ee0bc950439f342d2a642","sha512":"708f85178656961423e783a711aa3bce247eef388a856d8fd8a95407bbd9b1f8dd1f9170485620d62a0e6ebcfc4d04e08b52852c4bb332e6b593df2d4283fa06","ssdeep":"","tlshash":"b83179e908e48d34718d55d8763f4f5123f9160734d94f52e16e4ab4169cc8f8236b3a","first_seen":"2025-11-25T17:05:28.702375Z","last_seen":"2025-11-26T09:09:26.572438Z","times_seen":23,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdntechone.com/stattag.js","fqdn":"cdntechone.com","domain":"cdntechone.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdntechone.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Oct 2025 10:37:11 GMT","end":"Sat, 03 Jan 2026 11:35:39 GMT"},"fingerprint":{"sha1":"1C:EA:64:D2:D2:27:D8:F8:14:68:7A:01:A6:9B:4E:C4:C7:D5:B8:DE","sha256":"4B:C9:99:7C:8C:A3:85:BD:17:9A:F8:0F:83:73:65:9E:67:73:5E:2C:89:B3:5F:84:D3:E2:5D:D8:FA:8F:FD:BA"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: cdntechone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 11 Jul 2024 10:23:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nlink: \u003chttps://datatechone.com/\u003e; rel=preconnect; crossorigin, \u003chttps://datatechonert.com/\u003e; rel=preconnect; crossorigin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bsD3sbb4rAVBfDtcWDDs4jU6Grnz1O%2BhRxFfpfCaNSTPlbzu9NURXRbQugBtmDUXQY%2Bb%2FN4doT7B9zAxolrhdKDG3iDBerO9wcW%2FGA%3D%3D\"}]}\r\nage: 3525\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"668fb2b6-406a\"\r\ncontent-encoding: br\r\ncf-ray: 9a4510b76f3556c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16490,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15840)","md5":"80d7433dbc2b7708f2fa4e6a9943a116","sha1":"350c6e2bb1cbd07de260856f918f4ececcd96894","sha256":"54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251","sha512":"6c065d9d4d04b7c4a11ae28751a711a064410055e1db34daed1c74d98f0257a304481bbf2af96b0845075f43d43bafeab34a49241a2a63f967fc0867748f6052","ssdeep":"384:WDC77FbFjbRN8h+eYFCatOJ39BEisNWP7gDhlPQ5EKQIkT8:d771Ff8h+eYFC/JNYa71","tlshash":"ac72e8c631a474afc6c292f04a7f092ef768509060be2986c1d5b4ec5ab51cee7c3f95","first_seen":"2024-07-11T14:08:01Z","last_seen":"2026-04-03T10:34:56.693266Z","times_seen":9003,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":39,"dns":3,"connect":1,"send":0,"wait":6,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdntechone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/h4f47ad1bd-D3nUCPkV.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/h4f47ad1bd-D3nUCPkV.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-ca2\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3234,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3233)","md5":"75ba34654a066141257a7de3fa1f137b","sha1":"94fd4ab0bca4aad20f2885540795f5e849e6ec9d","sha256":"43ce09fe38bfcd819a8edd6febac987501d7d4dd6dc713745c73d027588e281f","sha512":"d5009138cbb8b274ec80bded95fa7d10ae8342783710c5a4dade631f00251890f08e69fc77ccbed6e1fa6bf23b5d7ddbe5d180c7fc25434b6b030cc7f0c9a4ff","ssdeep":"","tlshash":"4861236967fa3b6f4ca92b7a524dc14f062e1d0b6489c6346cd7cb2cfd5058c38b0b52","first_seen":"2025-11-25T17:05:28.662626Z","last_seen":"2025-11-26T09:09:26.559703Z","times_seen":23,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/d5b9f8c6-DZ7sNlO9.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/d5b9f8c6-DZ7sNlO9.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 807\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: \"6925d0ab-327\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":807,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1747972185818f895de94fa87c904207","sha1":"fc66d3666d5ebf130c163bfc61a61fad669af916","sha256":"4933e4cf782e166f3805161e22aefd3f30edc6d9336da50484dfb6d76b6ef477","sha512":"942580d5f9c645a372904dfdf74772f055147d540d15a30ac755fa095029bb238ceb564b54e1e97026ef200877a28dff0884977271efc70c13b7e65f543dda69","ssdeep":"","tlshash":"60016fd5b150dd6d9947c55dc6dba3f0210e4489a06ea0dc2ce68b3ef03ddc5f254321","first_seen":"2025-04-09T05:05:24.739304Z","last_seen":"2026-04-03T21:01:43.552165Z","times_seen":263,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/u68675b88d-DTfpTLHV.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:23.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/u68675b88d-DTfpTLHV.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-2b4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":692,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (691)","md5":"0ebebba507c8fa3a9c8747e0d59c0a85","sha1":"d37d9f192eeaa0fb5fe514341f667d46a24cd4c7","sha256":"5ad2c36879de6652c7ee90c3c46dfe950380c5e08c6a56b002a0400981d9945b","sha512":"84370436798ab8114b7f5ab9c8afbd97baa48e84551a892d239bba2d93180d513a5d7d388c7001b874c610cacea449aefbb49b016cd15f68f1c93708b609e38d","ssdeep":"","tlshash":"4801f44a64b93644800755bfc355e1523415402ba7cccf97a1bc0b390791eaab905f53","first_seen":"2025-11-25T17:05:28.657214Z","last_seen":"2025-11-26T09:09:26.565506Z","times_seen":23,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/z6b2c41b7-CBrfQvaJ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/z6b2c41b7-CBrfQvaJ.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-673\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1651,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1651), with no line terminators","md5":"414d1600f831893e31cf21e8960be501","sha1":"be21761ef555bf6a09b45da4c8e9c8301091bc65","sha256":"649a6f3c23c58420dc6f46b713c582047ffb5f1638319e98527d9743911572ba","sha512":"e2b73ca2aae7b6049978f4a89fd3683b2c93398361ce7ebd4b17baeb5e6e5fa8f7e5066c77d2c77e5636d78f0e68de0f4ce70e3717a644d09a6b13f908f787e8","ssdeep":"","tlshash":"da31748df950926c843a29adc66d06613b06272f13db8b41a2fd343a23596c8b526f53","first_seen":"2025-11-25T17:05:28.717087Z","last_seen":"2025-11-26T09:09:26.561081Z","times_seen":22,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/e2786bd9a-DRPJUHrJ.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/e2786bd9a-DRPJUHrJ.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-425\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1061,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (1061), with no line terminators","md5":"4267b9f31a20230e2316e8e1a9f9a04d","sha1":"f47f540d71cebbcea692c3d00a895ea0b167d2e4","sha256":"69e632aa14d3e9e97d54edd30d86809d612cab05d41bb02e0d56c98c31c4b144","sha512":"1055765fe1a96f01daaf16ff7373f45b846adbfd31dcb392d830079fac60893051bf894d8b7009a4ec5ee500327081e8d3d3928b5447684a8feaef559a6db046","ssdeep":"","tlshash":"f911390eb6a41c69001914ddd014b9114145516b6bd64fd1d0be517d37baecf7d13f07","first_seen":"2025-11-25T17:05:28.671561Z","last_seen":"2025-11-26T09:09:26.578384Z","times_seen":23,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/favicon.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: nginx\r\ncontent-encoding: br\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":548,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"370e16c3b7dba286cff055f93b9a94d8","sha1":"65f3537c3c798f7da146c55aef536f7b5d0cb943","sha256":"d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090","sha512":"75cd6a0ac7d6081d35140abbea018d1a2608dd936e2e21f61bf69e063f6fa16dd31c62392f5703d7a7c828ee3d4ecc838e73bff029a98ced8986acb5c8364966","ssdeep":"","tlshash":"02f0909f5f12287f2e238571f4c35169cf680a57fb9925e28748011f7aca04549f1fad","first_seen":"2023-03-08T16:42:13Z","last_seen":"2026-04-03T19:38:11.148062Z","times_seen":16113,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/aa718dee-DnIV56VO.svg","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/aa718dee-DnIV56VO.svg HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 511\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: \"6925d0ab-1ff\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":511,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a9033239400303be8adae899ab239eb7","sha1":"f857692c3a529084122d5fc26412c86edc29cbcd","sha256":"9079ed1d74aafbc531efab0db01727cd2e49a5a1288191ab88c29b6b630aa8e8","sha512":"4cb42056502dc14a45440265832eb3bf3b2fd9440790f2e3cbd2148ec4329ffaab16204387600b818dc41527c51c220db12b553b1801a8ea84e862e8d4548e43","ssdeep":"","tlshash":"87f082acc184ec3894bea72c9a681781b42312ad27c8c87d80eb2a1400ef5ed510de8d","first_seen":"2025-04-09T05:05:24.729863Z","last_seen":"2026-04-03T21:01:43.555819Z","times_seen":258,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/i67a12af6-CC3IibOF.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/i67a12af6-CC3IibOF.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-6d0\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1744,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1743)","md5":"d94ca8df6a7b01af10f76d4710e2f478","sha1":"ebd9e335adc671ff7a6019912c4689983701fd70","sha256":"e18dbf8ed060f3b19bfb838b487e7309f72dfb91d097683e5578ff8fbb9c91d7","sha512":"4985c35b4b6764eca4b37adcbec389b6f0eeac7c126e433e193785e8bcaee729a8c16d67cf041c890b06d31e088d9f3ea925e535cf8db4fd3190a80729b30917","ssdeep":"","tlshash":"db311fcd36e12971819824ede63b7181f07e1162714e99c0c17d4e3a3e999cbc771aab","first_seen":"2025-11-25T17:05:28.714456Z","last_seen":"2025-11-26T09:09:26.582691Z","times_seen":23,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/q2cd6345a-DooyreT2.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/q2cd6345a-DooyreT2.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: W/\"6925d0ab-e97\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3735,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3735), with no line terminators","md5":"fbd0d3f30199e5847b754c3779a260c3","sha1":"829317fbf05289f6327b3d50eac51d1837e627cd","sha256":"13b5c4e06008839a901bc4fcc4ad692277661b0fd69b587a2758a9806e391235","sha512":"f997ebf2735e6c3376b9dcf540a275820fc72a496dfb5bd8f2049f18a28dae4c1faf4ec7b024e3e642c703d27adb5cf37dd2d9dff28bf7e89ef764c6b7da6f17","ssdeep":"","tlshash":"0371d8cdc8e5c534428e36ef5029121076ba4f1b752d83c4a1bd0f294b5da4ae085b6b","first_seen":"2025-11-25T17:05:28.646843Z","last_seen":"2025-11-26T09:09:26.580296Z","times_seen":23,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/o0dd635-DIJXmrG4.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/o0dd635-DIJXmrG4.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:11 GMT\r\netag: W/\"6925d0ab-21b4\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8628,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8063)","md5":"949951a7a33270b4637a086fe0a755af","sha1":"0efb58052efa08862710e475ee2c84bd41ede9d2","sha256":"e8f96a06d018d5324d92f0bb255da4dc6c2ce137bd06fa17e5e0802b34d1d1c6","sha512":"2c71cc3e67646c3d3ecb436d3478b9aa71cd6f6872ee60571eadc62eed9fdeebee10ccd22eed0cb352225dc7a478c5865c24525688acdd28dc8e6efdd75f787b","ssdeep":"192:Kcbl6G7U9dvOyzqcb8WjPIjUawYJcDjXJkTlFEq4Db0jPQhbqs38gG/2:Kcbl6G7U9dvOy+cbajUsJcDjXJiERX0a","tlshash":"65021988a0db197cd1da8cfaa561c055b53f0a59a54bd2d0d3ee9dac0190c4422faf8f","first_seen":"2025-11-25T17:05:28.711651Z","last_seen":"2025-11-26T09:09:26.569939Z","times_seen":23,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/h7810a2-B2Yx9ukG.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/h7810a2-B2Yx9ukG.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-e816\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59414,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (59414), with no line terminators","md5":"9d8e49467618b45e44c4ac91692aa963","sha1":"6cd0f8f7d04e4294cfad39f484c17ef7d4939e90","sha256":"d7796036a0aba6e0df462fcb64e5837ce8b2dfd5b8a103068e570028c47068c1","sha512":"ac2e089e1216d8ccf7884e4e3590a804ee2d46cdf57744cf3b8c96ec11a6f902e644bb932e576821ae7075332c6ee690a67587f52f28738f00e8987bebbfafd2","ssdeep":"768:XkVirOw/oDfftYxaIIjv0hM6CBInlCYDeYsMiBATx+E1lzXf27dorO6DdK1alje0:UVvw/9BhOATx+EznxRuxKgfPwGi","tlshash":"74435f9ed2529fe988b31788b95d2a11b22d0d0ded4991a0ecdf0f16176ec87213b79c","first_seen":"2025-11-25T17:05:28.712802Z","last_seen":"2025-11-26T09:09:26.570503Z","times_seen":23,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/l8f15219-BdcZg3gV.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/l8f15219-BdcZg3gV.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-10d1\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4305,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4304)","md5":"18d081cb52d4a2917ff28c9e222656a0","sha1":"e96448082d9f29cb3495d899ef2ab70f9bb471fb","sha256":"deaf7efd02ee9e5900393d848bfe5de83096cae2d0b2a94097f482ea2fecb094","sha512":"1e70c041660485bb19d5853d42b6203a87fb37e461476eb2f2efcdc2524776e46c99308474f03cdfa7b3c3484f087538224cf1f0387149db76af6f42ff7caf01","ssdeep":"96:fi/OuYz6zuxzvPdBb9QQNaAwNS7SH/GSxaA2:fAOuYGSzv1B1g+7SGY12","tlshash":"1591438fb47920fc7697c79da133e1d31a3b25162989c1f4a4d74f2807a0285a33bb47","first_seen":"2025-11-25T17:05:28.680553Z","last_seen":"2025-11-26T09:09:26.567466Z","times_seen":23,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gfpxw.com/_astro/x77a8620-CsWAWzWn.js","fqdn":"cdn.gfpxw.com","domain":"gfpxw.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cdn.gfpxw.com/single-page/1124/fr.html","date":"2025-11-25T23:53:24.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gfpxw.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 13 Nov 2025 02:33:27 GMT","end":"Wed, 11 Feb 2026 02:33:26 GMT"},"fingerprint":{"sha1":"FB:8F:D5:5F:6A:8F:35:4D:E3:67:D2:87:93:E8:F4:66:41:07:91:BF","sha256":"E7:CA:AE:55:39:AE:25:1D:9E:3E:51:DA:B5:B5:C8:9C:21:4C:6B:1A:E1:A7:23:66:39:2C:3A:5F:AD:17:42:5D"}}},"request":{"raw":"GET /_astro/x77a8620-CsWAWzWn.js HTTP/1.1\r\nHost: cdn.gfpxw.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 25 Nov 2025 23:53:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: nginx\r\nlast-modified: Tue, 25 Nov 2025 15:52:12 GMT\r\netag: W/\"6925d0ac-278\"\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nexpires: Thu, 27 Nov 2025 23:53:24 GMT\r\ncache-control: max-age=172800\r\nvary: Accept-Encoding\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":632,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (631)","md5":"6345d4ca05a50433c75eb0c5c6d6ed29","sha1":"8d98c309f0b9c3748c725c7bda519b3babfa8d2d","sha256":"0e87b09adaaecf86becae4655f9f66b2d70bd4ddfe1d2f9a947e9d3d10ed724c","sha512":"4b6d40c7a31b99e271bcdc6b5f0188c0671522bab3c8654b35c2706ab5449e306f932643d04e3fe28b15b6f3c8cbfa918fd9e8f102177829f9c616d0d5e7a5cf","ssdeep":"","tlshash":"08f0dde55bf019744045229de175b382396900b691cc0b90723c8f692384ec69610fc6","first_seen":"2025-11-25T17:05:28.69423Z","last_seen":"2025-11-26T09:09:26.592964Z","times_seen":19,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-25","alert":"Sinkholed","trigger":"cdn.gfpxw.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}