{"report_id":"1fc504f5-f69b-4471-90ae-4e6abe94fbc2","version":6,"status":"done","tags":[],"date":"2026-01-06T21:07:14Z","url":{"schema":"https","addr":"sanlorde.com","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"104.21.60.242","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"sanlorde.com/w/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"title":"SANLORDE | Play at the best online casino based on Blockchain","dom":{"size":27028,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (27028), with no line terminators","md5":"c461e8353cb74cf7aa48addbdba2b2f4","sha1":"ef3f96c84f5c553b722a143680167826e0e70b1c","sha256":"94d6e79ffe685ef23c4ca52e4236403ec0dc8162335a5df1df41b2a4ed278c70","sha512":"0910c191c3b7e2430c783ce69bb32ad56861986e46a962490235ca98953c5831acd1fae8827e8c021ea96a002a9e638295882d12a20764feb0cab44141660372","ssdeep":"384:PXeAEvY8TfDbzmvhuWhynvvCOCNPBvCOC4PMexyFPs3IOtjCrtW2titM7tH:POAEnCvhuWhpahFP2IkGWMgMZ","tlshash":"81c2d87a61a4cdd5a91b9fa5d0bd3d3e608b857e8b124ddcc19ccea0c2829fd1e55cc0","dom_hash":"domhash7f6c308bc750340482ce528f827672dc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"sanlorde.com","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"104.21.60.242","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-10T21:07:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"sanlorde.com","ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-15","domain_rank":0,"first_seen":"2025-08-16T18:11:24.881673Z","last_seen":"2026-01-05T15:28:25.395686Z","alert_count":104,"request_count":52,"received_data":1525738,"sent_data":23799,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sanlorde.com/w/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b40cdc025a72d0b516bd11d9ef0a1776","sha1":"9cd34b30af473b8071638d82dcacef0373194aaf","sha256":"43ef2d3ec8d5b620ec8c5fc2bfc14c3a9836620f75a0a14a0c025ab753cf6f68","sha512":"ffad498a0fda3194476aee567df0b821e3c4886662a0dc72a53e8289c98fc3187b991df3da95f0bc2fe1b238d3478ccfac9d39a23fa2e7928ff3be8461110af9","ssdeep":"","tlshash":"3aa001f190d29c69e43741ab687511161bac490d0109014123a198e91162a098f48e8e","size":72,"data":"","first_seen":"2023-10-09T10:35:22Z","last_seen":"2026-06-13T22:23:57.007186Z","times_seen":94476,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"53c62f567df8a88881c1d8eea64a8756","sha1":"eccc7a5ae448c86795a3b8786318dac7a2148016","sha256":"f811bc6907e4ebb75de78be9891213a23a20b13898a07693cade6576596497b0","sha512":"c0696986ca77329f53a1d6bd8cfa738f36804de6af132afd500153e2d3607eb08ef4b76d1d7da7ba537137ec66f6b79ea38d76841c7d7f5b62d5a0aab2264b50","ssdeep":"","tlshash":"4ff09e5cfc06fcaa5528692f142b5f58e09cda6d53d488ec6798cc97c245c7e038c9c5","size":460,"data":"","first_seen":"2025-12-07T15:18:05.837941Z","last_seen":"2026-06-13T03:04:24.457653Z","times_seen":1127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"98f1c854ce400c87c5fd39ae21f653f7","sha1":"03244e83d424768f462c69315d3445b001ea199f","sha256":"1b7824acbdad14c24e0c1b90daf76263e5985b225515f088cbd37d38c091852c","sha512":"1fa7520f86490b5ac84e54f761786e7d024c12dd0b2cd83d9870974752b5028f0fc8693d574a0186ace2a9ae06348806917e0bfc08dec21c11519b51f3a17c71","ssdeep":"","tlshash":"a1f02d9ff190d4427453df1b61371e375999cc37523cf448546cc93b1311e7a9764845","size":641,"data":"","first_seen":"2026-01-06T13:54:33.235528Z","last_seen":"2026-01-13T00:20:50.984506Z","times_seen":205,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/fbq.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","size":408,"data":"","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-13T15:35:15.296067Z","times_seen":16838,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3982a2a2b64a7ebd23c61b28a27f00b5","sha1":"d247ad67d8503eebf053c818a83e71f043929780","sha256":"993260492b148f9168b8ce2d5a754c64dc5bfd47a0ff50b20760b0072b5a3531","sha512":"aa12c4dc968f53446b403a5236bf41b3a2abff00b408e9a5ca5a4745dd302c2d4c26ddb7d0838ecb8e7597b91a45f7741d082868a19b690cb2218b16aef16817","ssdeep":"48:LZJWt+ZyyAx6zA4iA8pRqKsnbn5ncnbnWnXnnnFnDnsVezGBnqPFmGejBnqk5yLi:LPWIUB2tnkurV+rc3nBzQnviktkfEaW","tlshash":"6a81482e5406ce4aec6cbd66423f6c3164dd4a7b4b91def8c18cce5581074ba3aeacc1","size":4097,"data":"","first_seen":"2026-01-06T13:54:33.236293Z","last_seen":"2026-01-13T00:20:50.985125Z","times_seen":205,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/(landing)/layout-ca81564ca7ab2f8a.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a5367f9275c124ff441c9f2dda2be9a","sha1":"56f8efc747406730e680b5583b239301797b3f64","sha256":"0d653de16d82ad5663b217d4f67165a5b6d771a51a38c219689792e8566c0eb8","sha512":"c2a82168a520244bbb60a03ab8b4fbf64319ec5f6d01fbe5adc9965af8db74b0f0e0d6418e212934a9f667317e916f879cf9f096bb684d404258653708db6172","ssdeep":"","tlshash":"c1d0a78939817d1d2a136564d977086136f704a8789bbcc166209d911c333ac83a1c8c","size":226,"data":"","first_seen":"2025-03-19T10:41:28.874854Z","last_seen":"2026-06-13T03:04:24.397685Z","times_seen":1901,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/8003-35d6c4e938d60f65.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8014900ea0b06de9aba6c034a95c2e68","sha1":"f5f9791bc97c1a2973734e6999868eb15e2096e1","sha256":"bb2ba96a789f1f0c6144a6d6ddba4a09c139b4060a1c9e97af56538d29415c2d","sha512":"cfa275c652a59e72983c88b3a934681c6f29ffc87c4c99ce4a55137b1f5b0cd6f011d8ea93cecdca39f82ef3f2049fdebb3465a52d80ac6887dbf2ea295ede80","ssdeep":"192:cQkUmrphg1A1ZfGVYOw/39aS2wBgrn0z9bjcjF64KGUZbczUdj:tm+EBGVo3kSicbyp9a","tlshash":"ede1e9b2b7d4fd35135a44d484378247b6542e37601e7080d3fa8cea62b8dca85e2f8d","size":7119,"data":"","first_seen":"2025-03-19T10:41:28.915816Z","last_seen":"2026-06-13T03:04:24.369594Z","times_seen":1926,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/2117-b38e24804a1b864c.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"48df86ea12bec687f8a3cd079f2c9c3a","sha1":"7de6f373283be073bd719abc99c92a960db91870","sha256":"bad4b000769881e73f1c1bdc2168e58e4fe82ec22f531e9bbc75dc68fc5239ca","sha512":"18dcfbc3a499bb31e5d961f5b6a7f7df62c228f871572e467b443da33b1d72f0255cbea13e421147a56a30af874e72442f71ef662b46c6afe8350b0ccf394d28","ssdeep":"1536:CgwbGQZcJmYDjidl/1ss4mmN1zq5EoCv7:w7AsZ41G5+z","tlshash":"f0c3d8ba71d0f8e2079744e5843b400af3791c3b146f70a0a7a5cdd9b5a44eea1a3f5e","size":123631,"data":"","first_seen":"2025-08-11T12:35:45.41839Z","last_seen":"2026-02-23T00:35:57.756354Z","times_seen":1415,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/3573-3533fbf9993988c0.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a957e4f3c19713a0a98e269705e23922","sha1":"846e377da72bc9d830f06135f8643dd29b90998e","sha256":"66388002c5c208e5840bb023430d9952764c361de4771f16958f061374bfb2f2","sha512":"41744bce0b9506d93c061a1346cdae144b4349f34f74b3742d7b1d3c9d7073723e7501dd7d9a3bbd6c54ea4b16d4079e65880e00c0e75c762e335eec4d6be8ec","ssdeep":"768:6rBewJM1ghuPLywyUZva9kAhczB0rjrEez8KN40nLgfNEbk5a29aoLpsgYXzFMEX:adwDfB0rjrgKN4cIrz9USE4ta+fMscz","tlshash":"b743199db3b9b9d4b5069b94aaaf5418713f22bd9f04c470abbcac1071244cc7b46fc9","size":55424,"data":"","first_seen":"2026-01-06T13:54:33.185984Z","last_seen":"2026-01-13T00:20:50.93669Z","times_seen":206,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4c036f560d3ef958bd82caadf5911403","sha1":"b93a0b1f508e4c33e7311431525528c8d32cfb5b","sha256":"6fae471f07326a090eda26233736a5d703e9dea02937adda6806cb95b025a9e1","sha512":"3583da275521c9b7f9fc9698628e12b7702bcf3b282983230cb62dded214bad25f781a1d1540699840144703d4d14384ba0cd6b7ceb6614217248ba8957df6e2","ssdeep":"","tlshash":"f9019eb2dc01ed1dc742cf790c3e2c6820cd867513455847a8c4ca5915669349af1ec5","size":659,"data":"","first_seen":"2026-01-05T22:03:08.695069Z","last_seen":"2026-01-06T21:07:17.683318Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/twq.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","size":308,"data":"","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-13T15:35:15.328536Z","times_seen":16832,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/not-found-fdba94afb6e61d6b.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"669057438158e9cf084e395dc89efe56","sha1":"1f0086606f09bd2b11ff56e83d3d519d2bc16b46","sha256":"5507fd9352e89802f440ba96545f0388e7bde1ac188f10c5f5b60d1dd62b865a","sha512":"a14cb12812f663622ae408f7a4e954a2d0b48cc6e661ff2a880b00ecacd9e5b16bea0dce20cbf14cde0fb1c13eb2c6bdf0391c6ef243f9d002c2e81b84f89340","ssdeep":"","tlshash":"bd01520531c176d8b5176cfc11bf940d306b269c109e44b2d8b6ac912d2228cba43fcc","size":822,"data":"","first_seen":"2025-10-11T08:19:51.958408Z","last_seen":"2026-06-13T03:04:24.453211Z","times_seen":1456,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/layout-2dc18ff666d0a82c.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"093989dfa75a69d497f14d6ed5f8656b","sha1":"0ca77bf93c5bf5018b1df737b9fb353353c842cd","sha256":"6cc1c5def3096bbd11c5b34bf7c71047e0e8d5f98845a827b551e6532f04e136","sha512":"f6360dfc9b456a7d80d498f48b9b8009a5d36aad82606490b978ffdc9a5254dee8d9934ea4ccebadcaa6de7dbef2b35783ca3301a8eb3f6017a2a721cd8c165a","ssdeep":"96:DNHzEAF7EMFkTT2TcT9h90Rf9FqI7QsqQTmLIdl9F5bMhqn9d1CLeD7tDApz3Rhh:REMFkecuJQs7CkdvxzjDoa4Bel5H6","tlshash":"a512a555b659f8ae0f93d06c58bf9049c22d0b2ddccc407e9f2a96512072d6cb361f9d","size":9090,"data":"","first_seen":"2025-12-28T00:38:37.607817Z","last_seen":"2026-01-17T18:30:15.494993Z","times_seen":633,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/9157-1ba04d5623695b43.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d07df211aa09f7a327fd8f7536b1f0f1","sha1":"5e3565273ec641ac5cfd756f5a472cab88fb2fbf","sha256":"c9a61872f0519908e071b9a59fef73f722cfd24c6b3b2800b82a5d8edef6705a","sha512":"b80ff42d0aa35f0e369978332f8517e7e0b2562857f29ea136f000a5d64b77e978245dcff3bd007fe982155e6dc27fd13c7fcc3c65ee7a7faa1d76ab32d8462a","ssdeep":"3072:fexL57gsIi4o2r5pCJfqeaaUxWUQwA+SPg:fsLisv4dQJfN+WpTdg","tlshash":"45f307ad7115b02d4ab31abb40bf5807a87817361c0dc8b0e354f99e91fdad9616bfe0","size":159124,"data":"","first_seen":"2025-04-05T22:58:02.07516Z","last_seen":"2026-06-13T03:04:24.372101Z","times_seen":1899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71eeecd160a595c33616d27f488a2eb7","sha1":"6217b732eca38e914c948080dfae3055e9adb770","sha256":"38e8d365506696f8f59c8f0637cf5c18d677a8dd00cb22d03db80324ebee9de8","sha512":"adebd8ec46c5dfdf3e729d393e0d57438fca8ebe5c3042b7b633a26522bab94a9e8f71d2a0a24dcac5dee806fe8e9acea3c8dec33905a45d2be7bc5f299f2ab9","ssdeep":"","tlshash":"01e0929eb080d8013cf2ee1a543f1e2381589872163ca6ac958dda3f460683daf18c87","size":399,"data":"","first_seen":"2026-01-06T20:55:36.709573Z","last_seen":"2026-01-12T23:41:57.312156Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/main-app-df523c8931f70c0a.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"780f1f062143f470ccc751e8e9d0ba05","sha1":"c9deba27d87d3e1b411b741a1d7249479fe500b5","sha256":"82b916c2ff6e9ac8cdc115f596700aff44c67c4cb3fcae2c6dad80a6baab40fa","sha512":"77205548712b78834d6277e82f573ab652162e8daee458234ee877477cb98410450a7465d681c859ae71bddc4a2d40249260d3a9c8f7f34a7e9eb5010279aaf4","ssdeep":"","tlshash":"a8f0129a2a4c742f2913ad24fdd36c2e256e916028a759501a14ddb12c736ac93f1c7d","size":464,"data":"","first_seen":"2025-01-31T10:41:20.167782Z","last_seen":"2026-06-13T03:04:24.452547Z","times_seen":1917,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/global-error-8b742238adb6a5a3.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0093b22be6609d18ff430e7880188de","sha1":"18d4a05eea23af4ae3e18662ee7728912fe7b1d1","sha256":"07604cc56cea07e226aec7b1cd3bfdb6df907ca4288a50f18ac864db849ecdec","sha512":"785673a17a523c7eac0ae9edd5b401d61c4b11ddf109a4d6b9249dce7e2f5b3dff0da38852c2365245c3e2f4260ab01936f589cff05b243bed92c92d49a1c1a9","ssdeep":"","tlshash":"7d21118db0807994665ba8de916f940d729b259d100d2ca2d9725cb11c663dc7903fcd","size":1390,"data":"","first_seen":"2025-10-11T08:19:51.900596Z","last_seen":"2026-06-13T03:04:24.410833Z","times_seen":1455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/5353-3e48912cfa3bbe8b.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"197f606b15def078c98943e8fe95f245","sha1":"4be8b59109ea1ecdfb7e9d6bb9eaceca5d495bf6","sha256":"b7acf790b02272e430393b364888a1e921f2749caaecdcedc89bbd31fe9d6d24","sha512":"767a122cd0adb1d5fa5f9e8a6511673e148316933b0e6a135318ea19ef3bb3363e9aebe005baa3245eb44b337830fe9c63986252a818c1dc436a8e2d4bb5a536","ssdeep":"384:tpWv91E0kbfrT42FPpXAhjyXmP7TivCOqX3rXWXvX4r9gYxRxPzr0Ag:HWvHjkbfVPpXEyXgTpRXbXWXvX4r9g+Q","tlshash":"5562e8fca3f458e83a479f74c46f600e713b547daa5285d9b6b8acb056141e87b02fc4","size":15602,"data":"","first_seen":"2025-10-11T08:19:51.902329Z","last_seen":"2026-03-11T01:36:43.6311Z","times_seen":678,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/fd9d1056-da5caefe92cdbb5c.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2e6693b6b8e2ae5167ce7ceb21dd431","sha1":"625b83e4cdbc0bc71ca90f7de6633000d5908f96","sha256":"a87677f28d0d640a628d81e90ec37a86c6674c1c656277318f17b14c9542d045","sha512":"4a219d7524f60f77557dd49d61838d092f7517e9b0984cf2860a9638608cf848c381d9988dad5129a63b4eadf274941a786cbc08d3052715407962a6e131aead","ssdeep":"1536:tVjExazug79h2U4kcNxakmBjt4oGZlibTR5ikxYhlUuRNka2wblHiN+wL8z9Ggum:lzug758kkEiXjOAprX2wd5WjguGOK","tlshash":"b4f3f8e83995f6666eb30277009f1803737c262b280d4d60a211fd9eb5b845eb17bfd9","size":172835,"data":"","first_seen":"2025-01-19T23:51:52.179106Z","last_seen":"2026-06-13T16:38:55.787678Z","times_seen":3490,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/webpack-e300e920ed1acbf1.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d2ac8f4c4a7bf4ba20e60ae6eae0041","sha1":"4e3fdef62badf75ccacb52b655ed76763d633c29","sha256":"20b57e983a776a9663c57b6410147546738733c8e844a8bc8b0009021f12b8ec","sha512":"45225a5ec435d53f4df511fc50a145aaf1251efd569b9a0f002d5350b16da309d452a5d0778f4d96ecde6f8f2cf0eaed70da9455aa1fdcb3ff90e9fe465f9d94","ssdeep":"96:kMyYE1q9WlR3lMka20VGL6VLW56l2WRr9ErLDYyM:kz1mWlNfajUmYyR0hM","tlshash":"ad81a8de71a1f4b91782a4a1443f9146f13f28f2281ed4a0da25e4f5fc7554d8323fa9","size":4156,"data":"","first_seen":"2026-01-06T13:54:33.18297Z","last_seen":"2026-02-07T14:56:27.191794Z","times_seen":208,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/(landing)/page-308c23aa618f754a.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"75421032c9f8bb473d414aa147d261f6","sha1":"141eaccd335657f61a300d3dd70391342b045132","sha256":"b86b04128e9daf5565203960c1a538614614f6e56d955b546376aeee2e230813","sha512":"7e08cc039365fe8c00260488a1e92c0f618e00a70b3c3b6b5f78931570f0d7704fc518eca66005cfc4ad77aaa4c5e5a1dd3d28ae72d1c282e43c2867e2e6cad8","ssdeep":"384:k05D8yjHisHBOham1LobXv5LD5nP1vqLzxtJbZO1:8yjHi+CFoXv5LDp1vq5tZZO1","tlshash":"80928319e05de6e8ba720c60962fc449712e365ccb09ccf4f9bca8011a5e4d87b27bd9","size":19554,"data":"","first_seen":"2026-01-03T14:23:16.857555Z","last_seen":"2026-06-13T03:04:24.365589Z","times_seen":1085,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/1651-204c2fb1eb33144d.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fefea81204bc21f51f299ef3ffe73bd","sha1":"7a722ea1c5204b269aa1b0a1728afaa2f7654dd0","sha256":"5218b4191f1ac86ba12c267f42373dba2d9385052e4b6ffa623da00999a2e08e","sha512":"38a9fbdd23b0c4abf2a3bc8934dc4325b7a89a426187b84e2e80aae3e693cc6f90d1e265e23808985f52a3339c97150be87ee085809562df3fe16dd2f01563f0","ssdeep":"192:hDPl6akEGSHMNEPZ9fDdYuMl7xn2c33/BLuOVFd8CHLjCPv2eLyME8F9rMWm6eA4:VdXkEGSHMNEB9fDdpMl73vBLuOVFdVHX","tlshash":"7d4293a5e3e8e7d0963d4ba151eaa01fb27f3b98ab138c54f5786c14d4648cd3b40ec9","size":12148,"data":"","first_seen":"2026-01-06T13:54:33.216069Z","last_seen":"2026-01-15T06:53:55.992631Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"sanlorde.com/w/fbq.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/fbq.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:55:59 GMT\r\netag: W/\"198-1989632abe8\"\r\nvary: Accept-Encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Rj1SSARc7WWDg10q%2F%2Fbj5MBCxO0wqvkZOLQfa3bVPq%2Bb3Fncl3mIB8ilmajFKnBEbvf24a7tEr5qmStUSV%2FsoWaf7X8H9b2ces%3D\"}]}\r\ncf-ray: 9b9e2e8e181356c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":408,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text","md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-13T15:35:15.296067Z","times_seen":16838,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/triangles.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/triangles.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"2e10-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A%2FQn8hkS3iNbF5vqpV9%2BN0XzTXZuvtDKbSoxbWDkYZXzDanQtYIGDrRnm5Gsd%2BHwyBrh2CNspw%2B5QRcGdqPx49KTJ1k4Al2IFWc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e181256c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11792,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f05371865ecf62cab6e1001717f97449","sha1":"00d6417678f2f685bfc86621c08404ce4253bd5e","sha256":"002a8352268a2601a960a8e9b0d195162969c477e0588d706db73ff7311b8ced","sha512":"9e28d757cc992746bda182ea76cafa4709ad4ab239206d68c1468d9a2fc00cf977927054ed2ea7447d69d53a876315aa767240e079e7ecedc66bff05a8556714","ssdeep":"192:6FsZYa0wgkcKoiKgstmh7AHiik445mhlOQHJqFOe2NoE0hp8W7Z5PAVMC6LA0gUW:6oYaZgkcwQ45glzRe2GE0hOW7nPAVgX8","tlshash":"2d32bf7f338274f57d2b214219359e571b71c7404be7d720c813b0b7cabb88769948a9","first_seen":"2025-01-31T10:41:20.120763Z","last_seen":"2026-06-13T03:04:24.408003Z","times_seen":1909,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/api/extra/pixel","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /api/extra/pixel HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sanlorde.com/w/\r\ncontent-type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xqsvtNm9ChlDWFeawQby%2BSiIbsxf85ofZAsrPA1M3Hqqg7A687hfRzzhlgykBcme6hxOQgH6z%2FsUdPKAcAk3yumXsBS%2BZPCSoWA%3D\"}]}\r\ncf-ray: 9b9e2e91083456c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"428647be4acae0d85bd0799a59237001","sha1":"25b1dbe5aaaf5fe53a11fdb05fd14bcad3e92ebb","sha256":"edad519cb99926a099d84224b6b7427bbfbaa60c6ecc1673c039a0723be93006","sha512":"8ed0b8ab8b00e7883301e4dc47e6ae3c38abe1686e6de48d43983fa8105203f86c36b86cff1a09c9bdf9406ac7c4ac2f8b6a8654a42e1b5d03d843b5085428dc","ssdeep":"","tlshash":"f4a022c30a200bc2cc00000008203b22eec823238300022bc00c0200caae0fc30c333e","first_seen":"2025-06-04T11:30:16.150294Z","last_seen":"2026-06-13T15:35:15.323999Z","times_seen":13483,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/custom/default_2.svg","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/custom/default_2.svg HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 28 Aug 2025 14:35:31 GMT\r\netag: W/\"485-198f11aefc9\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FJ2IGSOYBFebmVJQSbrZ4LBrQG76cTFZOHX3n769%2FGa%2BT4pd3GiRcbCuFYZkOmPdRaqqFmSlVtqViX2vJ13Nk69bIeR5pIlVPh4%3D\"}]}\r\ncf-ray: 9b9e2e8deff956c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1157,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"62b62a277b44ec14107b27d12b27a440","sha1":"0db3b7f58eba15b3ee1b892785d1d400bb9797ee","sha256":"83161700330e7dc1656ebfa4039d90c1558d2caf178f67d3df8c1d6ad3e117cc","sha512":"14b19c0777dd92a816cef736820104357e057aa3ff129e62aadb25d82e0ac38d74206bd8cf308f5e617c397040db3e8c2b9a19d66a60a93e080a6e9715501b66","ssdeep":"","tlshash":"0f21661ce25c4125c51453e82f05d4359f97a1db87488238e4d9ffaa90140a76b7ecc2","first_seen":"2025-08-23T08:17:51.606868Z","last_seen":"2026-06-08T01:54:51.712988Z","times_seen":350,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/2117-b38e24804a1b864c.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/2117-b38e24804a1b864c.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"1e2ef-19b83b7f605\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U4RI2GsslOexhL3F%2FVATm3zw1LLiVwX30CfZ2Lc65luWxWnWm1MQR3%2FrA0CnGXucv7JozCSXlSavRpQ4gLW52SRpllFtzrk2294%3D\"}]}\r\ncf-ray: 9b9e2e8e080356c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":123631,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"48df86ea12bec687f8a3cd079f2c9c3a","sha1":"7de6f373283be073bd719abc99c92a960db91870","sha256":"bad4b000769881e73f1c1bdc2168e58e4fe82ec22f531e9bbc75dc68fc5239ca","sha512":"18dcfbc3a499bb31e5d961f5b6a7f7df62c228f871572e467b443da33b1d72f0255cbea13e421147a56a30af874e72442f71ef662b46c6afe8350b0ccf394d28","ssdeep":"1536:CgwbGQZcJmYDjidl/1ss4mmN1zq5EoCv7:w7AsZ41G5+z","tlshash":"f0c3d8ba71d0f8e2079744e5843b400af3791c3b146f70a0a7a5cdd9b5a44eea1a3f5e","first_seen":"2025-08-11T12:35:45.41839Z","last_seen":"2026-02-23T00:35:57.756354Z","times_seen":1415,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/9157-1ba04d5623695b43.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/9157-1ba04d5623695b43.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"26d94-19b83b7f605\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OZBkjXUqCvjlPvE0WlsdAs4XR4Ip7xVvaSFip20xajZTQQmGDSLF6CHZaO%2BQtyF0dQsIulY0tAYCP3Lce8TeHqqYoC2K7vXaCR8%3D\"}]}\r\ncf-ray: 9b9e2e8e080756c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":159124,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d07df211aa09f7a327fd8f7536b1f0f1","sha1":"5e3565273ec641ac5cfd756f5a472cab88fb2fbf","sha256":"c9a61872f0519908e071b9a59fef73f722cfd24c6b3b2800b82a5d8edef6705a","sha512":"b80ff42d0aa35f0e369978332f8517e7e0b2562857f29ea136f000a5d64b77e978245dcff3bd007fe982155e6dc27fd13c7fcc3c65ee7a7faa1d76ab32d8462a","ssdeep":"3072:fexL57gsIi4o2r5pCJfqeaaUxWUQwA+SPg:fsLisv4dQJfN+WpTdg","tlshash":"45f307ad7115b02d4ab31abb40bf5807a87817361c0dc8b0e354f99e91fdad9616bfe0","first_seen":"2025-04-05T22:58:02.07516Z","last_seen":"2026-06-13T03:04:24.372101Z","times_seen":1899,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/1651-204c2fb1eb33144d.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/1651-204c2fb1eb33144d.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Mon, 05 Jan 2026 22:53:41 GMT\r\netag: W/\"2f74-19b905dbf66\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: MISS\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K%2FsoKf9aSwobN6suBxq31T%2FrTZ2I4aNW4Hr0mf%2FLXKIITGY4cHLQyjxOE6A7C6zA8D0DxUZHMq3%2BakWzGVhJc0UFrjlAhYEIV8w%3D\"}]}\r\ncf-ray: 9b9e2e8e180d56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12148,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12148), with no line terminators","md5":"5fefea81204bc21f51f299ef3ffe73bd","sha1":"7a722ea1c5204b269aa1b0a1728afaa2f7654dd0","sha256":"5218b4191f1ac86ba12c267f42373dba2d9385052e4b6ffa623da00999a2e08e","sha512":"38a9fbdd23b0c4abf2a3bc8934dc4325b7a89a426187b84e2e80aae3e693cc6f90d1e265e23808985f52a3339c97150be87ee085809562df3fe16dd2f01563f0","ssdeep":"192:hDPl6akEGSHMNEPZ9fDdYuMl7xn2c33/BLuOVFd8CHLjCPv2eLyME8F9rMWm6eA4:VdXkEGSHMNEB9fDdpMl73vBLuOVFdVHX","tlshash":"7d4293a5e3e8e7d0963d4ba151eaa01fb27f3b98ab138c54f5786c14d4648cd3b40ec9","first_seen":"2026-01-06T13:54:33.216069Z","last_seen":"2026-01-15T06:53:55.992631Z","times_seen":210,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block2_1.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block2_1.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"8a08-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dMcyGNWtf2Y%2BBQiSFv5ILmj615x7HZto73gATUHWs%2BSTS%2FSCTMrU2dnMgaeYXxe8mDGUmkpjwmWtPfj3ixVnHhd7nrs%2Bs%2F7NCVU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e181556c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35336,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"27af9080beb8306cddacd1a9037925bc","sha1":"be2a7157460eb6ecec53392c3a0a4b403e86ff48","sha256":"64f67f85d1e3bbdf632351a794605b742e8293f29c762897dcf855ecbcda6d4b","sha512":"6451167d859df5e5eb343f48239026bb35a46a2e6f25cc47bee910ddbc949a37772d5322a27dcc73e8ffd8e534d868653b83d9e0355f9fdb2e703d2b1f651db4","ssdeep":"768:Y5AgxlJUP/BLpP+9ejuyf89L6LrzRH2N/O3jeCZ+EPvxrT6x5w3UBIXl:SAgxlJUXB9mCuyf89QH2N/QeCZnHxrTj","tlshash":"6bf2f1985019152ae3524e25d298752267c7dfec17f0b221de90dfe852f11ee30aface","first_seen":"2025-01-31T10:41:20.160976Z","last_seen":"2026-06-13T03:04:24.455411Z","times_seen":1907,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block5BgMobile.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block5BgMobile.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"bfb2-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=634BUij2mndxhn4p24xso7arDAzX5KC0F7GyPiArUGeMFu4%2B6JwBsU75zElw22Im0S%2BHsWpUKu8Ti69X2Pa51e%2B2zDTpjmfxjl8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e281a56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49074,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3ce596f2875175161c32cc277e495175","sha1":"de336df23f662cb35e35030d7ac43105fd6f75af","sha256":"3f6626eb2f59ea9fc3a1297d7fb2aa365f5270f0ae3a84586a3eca83dd243ec1","sha512":"25e128edd7574d76ca34e04f30b86cede5efb8b27d4a257898577a96295100dbefd4f3de5ce2d6afb9913c3532ca24bac90e60e90bf926b2d50b9ba7b0f8b02f","ssdeep":"768:hsWhVWv4Ru5NV5dm4vdWHe7GtiCzAoQegljsVNRiKIds4bTyNnu5UBLJEzxTX3:J44ANVP/10GKbQeaj2NRFIKBLJkFX3","tlshash":"752301a0ce99f00b89649520f529ebe62e7147cd8f9cd71a188cd07465faa1fd0b4f83","first_seen":"2025-01-31T10:41:20.132022Z","last_seen":"2026-06-13T03:04:24.446327Z","times_seen":1906,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/green_fav.ico","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/green_fav.ico HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sanlorde.com/w/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:55 GMT\r\ncontent-type: image/x-icon\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Wed, 20 Aug 2025 22:56:31 GMT\r\netag: W/\"272a-198c9b2bf86\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KrHPWTJgXyl8FuE57PN8DnJYI1OrUF5HSoqurseciPayfEESodp4M6bO2lPTykTZfVJDyM5mL0xqKA2W05iRoUIO1fXDzAwORXM%3D\"}]}\r\ncf-ray: 9b9e2e94f85a56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10026,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"8a1a85ff395e10ec6c13d9cfbf7ff6cb","sha1":"57475dcf21961cfc0b2d2e8ceb9cc0884cb3136e","sha256":"1211c73a178974f0c8183ad2a113ad4a52afdfe175f038fa623f95da1b96e046","sha512":"45fc667be005851269291feddae5a17ac2f40ffe3d661e4ff09dea674c35c1f288594538f17a47ad11a0221a4b1d81d90f8d00f9ace667ddf61bf702a14529bd","ssdeep":"192:D0bLsXbHP1zpXaVXdD1lFbjslfYmkFbMyDyJDj6zo7:D0bL6bH9z0n1LnslfYmkFwyGF2s7","tlshash":"1022ae894a8662d6cd8119b17e34035f32680eafa4694d0fd7fb5df929d2d89cd434cc","first_seen":"2025-08-23T08:17:51.631386Z","last_seen":"2026-06-08T01:54:51.699682Z","times_seen":786,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T21:06:52.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/html\r\nlocation: http://sanlorde.com/w/\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: default\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cx2mBXyLbZZJuFxF3imDry4OgQib1VrOP0RYOAy186hrR8gtV8ng7vfUHtmfKa6r7CZbvRdU76I%2BUgykRMu7QItBCb%2FZ5pUeOgPKeA%3D%3D\"}]}\r\ncf-ray: 9b9e2e893dac2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26714,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T22:33:33.544268Z","times_seen":16396986,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T21:06:53.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/ HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2SFIDpsGaaIFQCAT0%2F1ZQMOJPJgMt1fPzXUCoHrKG%2FU5EX1m%2F%2BMdTE5NSD0ckq%2FdK61STyg6Oh%2F5iKDW9Ig2ADTeVon4lEgGmAY%3D\"}]}\r\npriority: u=1,i=?0\r\ncast-mode: default\r\nvary: Accept-Encoding, RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding\r\nx-powered-by: Next.js\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8acfa656c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}],"data":{"size":26714,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (26714), with no line terminators","md5":"ec159cffc5a072ceaa5c32649f15f3d5","sha1":"ba8c3c4d707a20f4c44fbb3cb705a56c0c9b0b92","sha256":"2e0241f67858fbb3b04041562b53937c69017d5f0a1dd3b3b6d7f6c09556134a","sha512":"cd4854f4a546b61e6ee96d121c575f5fd1f584e24aa20b20b1d2ccfd80184edd5c8614969127bc56bc9036408bf9237c7b2ff36ebe1841d31b2db80d15ee3e03","ssdeep":"384:qklP0OGfDbzmvhuWhynivCOCGPBvCOC5PMexnFPs3IOtjCrtW2titM7tY:qAPyCvhuWh8tlFP2IkGWMgMO","tlshash":"53c2d87aa1a4cdd6a91b9fb5d0bd3d3f608b857e8b164ddc809ccea0c2819bd1e55cc0","first_seen":"2026-01-06T21:07:17.637951Z","last_seen":"2026-01-06T21:07:17.637951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/not-found-fdba94afb6e61d6b.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/app/not-found-fdba94afb6e61d6b.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"336-19b83b7f601\"\r\nvary: Accept-Encoding\r\nx-cast-cache: HIT\r\ncontent-encoding: gzip\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GrDRR6NZ97zwu9tSOZfbXuIK7eZfVePsHiiN8cQfRqaV0UmZ9Key5Jgkao1nDC5jbZz8JQKm9anRhwlVygs%2FsVRLjkhTt49FX3I%3D\"}]}\r\ncf-ray: 9b9e2e8e080a56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":822,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (822), with no line terminators","md5":"669057438158e9cf084e395dc89efe56","sha1":"1f0086606f09bd2b11ff56e83d3d519d2bc16b46","sha256":"5507fd9352e89802f440ba96545f0388e7bde1ac188f10c5f5b60d1dd62b865a","sha512":"a14cb12812f663622ae408f7a4e954a2d0b48cc6e661ff2a880b00ecacd9e5b16bea0dce20cbf14cde0fb1c13eb2c6bdf0391c6ef243f9d002c2e81b84f89340","ssdeep":"","tlshash":"bd01520531c176d8b5176cfc11bf940d306b269c109e44b2d8b6ac912d2228cba43fcc","first_seen":"2025-10-11T08:19:51.958408Z","last_seen":"2026-06-13T03:04:24.453211Z","times_seen":1456,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/global-error-8b742238adb6a5a3.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/app/global-error-8b742238adb6a5a3.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"56e-19b83b7f601\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106731\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3VeDJAP4wv4zeGCsInZV1KI33xpstLI3eIVVQQXO9%2BdGdufNkW75bt%2B3d4NxRReJs3oYdbgjZQro%2BACtwAVCwdLlphZw2eoAT54%3D\"}]}\r\ncf-ray: 9b9e2e8e080b56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1390,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1390), with no line terminators","md5":"c0093b22be6609d18ff430e7880188de","sha1":"18d4a05eea23af4ae3e18662ee7728912fe7b1d1","sha256":"07604cc56cea07e226aec7b1cd3bfdb6df907ca4288a50f18ac864db849ecdec","sha512":"785673a17a523c7eac0ae9edd5b401d61c4b11ddf109a4d6b9249dce7e2f5b3dff0da38852c2365245c3e2f4260ab01936f589cff05b243bed92c92d49a1c1a9","ssdeep":"","tlshash":"7d21118db0807994665ba8de916f940d729b259d100d2ca2d9725cb11c663dc7903fcd","first_seen":"2025-10-11T08:19:51.900596Z","last_seen":"2026-06-13T03:04:24.410833Z","times_seen":1455,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block5Bg.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block5Bg.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"d128-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hO5e%2BEPPOfs5DTam%2BLQNZp7d7bdbPS%2FRn%2FEQhhJGjbzro4BKgpoh0gB69htGyhwuB%2BZmckQsLQho%2BmaPHOXixT1q1fUhxQc2ycY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e281956c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53544,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c6d0567946b20d3f91228186c8425ade","sha1":"90e84b04c251dbbe1cfd12cd2220f07beed207f2","sha256":"5782471d28353cb1ae76e0d8463801d81bef491501aa62f3146004df0fc8ede4","sha512":"9f1b0f50c8990665ddc8d8489742eb34e13220e47977a22227dec4189fcd725fd9452c90114fab8f1a129bda2754a925c5b4a60bbe31fbf02dcc82b30b78b4f9","ssdeep":"1536:wQBneNzFJFsR1NTJ69EVl+DVj6VwVo/aA2G4Z1KL7/bY:8NNc11Vl+50wOCA2G4Z1K3jY","tlshash":"c03302c8121dac27bda99a512204cfd742b198ce5ad860b1edc0fe1af12c46ec4d5cfa","first_seen":"2025-01-31T10:41:20.129062Z","last_seen":"2026-06-13T03:04:24.413562Z","times_seen":1910,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/fonts/inter/stylesheet.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/fonts/inter/stylesheet.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/_next/static/css/0c973de4e2fc1e14.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:55:59 GMT\r\netag: W/\"18cb-1989632abf4\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8f20hfa0XDP1duBbPDmfjWsHX6IG5bqUCeKsYXdEBJpXFKinQPuvhhcm87kkUn7RvV7Bsf2TckvLcJRNKN824yuyU3GKWWiwNB4%3D\"}]}\r\ncf-ray: 9b9e2e8ef82456c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6347,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"0a511d5ef880ee90b13a3114a3580d9e","sha1":"afe980d039932ebdb029eda7b828ea5044f9da25","sha256":"a277e69d8b8344546b1869f001873192c454164940ef1bebca997a648217e470","sha512":"392bef4e910c4c7df5a3730b019e6585db50285d5dd722bed2ce812bc446be78c5b79bb43adfc3889d341de78cec99fce49240872f0500ed4f973b5783b65603","ssdeep":"192:HXKVXsXYwPXfXPXFwwX4XOXGwFXdXhX7wKXmXgXkwrX7XTXxwsXUXCXCwtXJXlXQ:HXKVXsXYaXfXPXFhX4XOXGMXdXhX7fXQ","tlshash":"0cd15403067f2e21364148693f9e9a77fd7c188a71b611a6b979a1500df3c9383cef4a","first_seen":"2025-08-11T12:35:45.430867Z","last_seen":"2026-06-13T03:04:24.447252Z","times_seen":1494,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/fonts/ttnorms/TTNorms-Bold.woff","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/fonts/ttnorms/TTNorms-Bold.woff HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/fonts/ttnorms/stylesheet.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: font/woff\r\ncontent-length: 31356\r\npriority: u=4,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:55:59 GMT\r\netag: W/\"7a7c-1989632abf8\"\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BdmPE0yYzPTrMxg3hyz1OnhzzBeyCCMtifvVRsNsBVG7sh46uh%2F3OGttSHRMrSOZoFO0JnuAcudRXEpbb9F5fKl0kz%2FnRVF%2FkzQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9e2e90b83056c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31356,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 31356, version 0.0","md5":"1009f03324315eb8bb66d610775afe82","sha1":"0f23bd1f8f9cefd55d70e8adc0630cef4c17ca52","sha256":"9e710930d6b03e68bdc6ba959f0d2c887130bfb798396be23a681052a65dac08","sha512":"aa49efbd3abbf9f1725d374df9cf78c265404df78b7559403ee63e87d753156cb5c29b7c12a464db02984c2c487a680556ce95d3e4f549faf2aaa8963c6513bd","ssdeep":"384:yDE5sruZZalQZm8rBdPelcvyApojd2CijOognqC1paaHxOpS8q3YuqvHd3nbTTzY:bZoSZm4zm6j3ZfD+B9M93TY+oc/s","tlshash":"7be2e0eced1fe7a38314c5ef11354e2b137429c7701bc78986289555eca61b2bd31513","first_seen":"2023-05-07T16:06:45Z","last_seen":"2026-06-13T03:04:24.451922Z","times_seen":1951,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T21:06:52.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 06 Jan 2026 21:06:52 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: default\r\nvary: Origin\r\nlocation: /w\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MQh9klVmsUPR%2BR1qEBHh5PuDywLWdy55eZBGUbD9AMZBnOQTDrdjaP3GkloecaCCVr%2Bdn3hvk%2BCAJcxNEKkG7aIW%2FY8c4UlZlcmbag%3D%3D\"}]}\r\ncf-ray: 9b9e2e87988e2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26714,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T22:33:33.544268Z","times_seen":16396986,"resource_available":true,"data":null}},"time_used":312,"timings":{"blocked":27,"dns":13,"connect":1,"send":0,"wait":251,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/css/8fa659781ff3396a.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/css/8fa659781ff3396a.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"21c4-19b83b7f609\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CaSRcdWY2VLiSYYrRm5Gle27V%2BIeQCIVFHt94j19aLE25sYQ%2FX01TKV3%2BB0k8rJn%2BOcWT58yW%2BOGvuFONP7IY5L77ynZtZpJjUg%3D\"}]}\r\ncf-ray: 9b9e2e8deffb56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8644,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (8644), with no line terminators","md5":"25e6558b12d5016924b8400768c25abe","sha1":"a6f75d5383b421a8a72c012161bf117ba1a9722a","sha256":"a20d3c3236a63854ec92f8a795f3c386ca7776126d9419916485826cd153b445","sha512":"8b7892d0d27462c8d025c2d109b3c874acf68b7e02c8996113c98757a43641ded8b4f25900c6082bcc35377c66f21ffbc8d2ff4e60e34ed3c9bd7bead3e9917f","ssdeep":"192:ynKRjQoRX2SKRFg4kik8Ux08RY3/RwGuR+phRvN1uhmYwRzMERP+AYRYcURiNLj/:AwMIPhBFiodUWUcra2Es","tlshash":"0502fb7fd03d50b82ad57cb5914c51093423ca02d7b763cfb788f93ad1ca1a925a3758","first_seen":"2025-08-30T00:34:17.02688Z","last_seen":"2026-06-13T03:04:24.408763Z","times_seen":1484,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block3Bg.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block3Bg.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"7ce0-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZB42D%2FNpIitigeg1KbdVumznbFKXQEOiuxBoP0xQbG7F7xWkVaBJOu8qE2O0V0FVLBlzTa1NVt297V0eT1wPvX3dg8Od1kYEam4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e181656c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31968,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9e48516d30fc0185a62d4d44782d7114","sha1":"8c8de6204cf95cb371c8181dfa68609b82874802","sha256":"9f65b5f84da360952bf621b40cb8c01719e3d66f386154fe73122a06eed3e5f9","sha512":"ac57b94a1412db4893f4cc5bbb7208be9d486d6cd3acf70ea19630ba10b129f53abaf058878b5eb7b4a1e64ea87bc0d845fc268decd470e1fd789a206ea1b08c","ssdeep":"768:Yq/RYKrxOSBsYeXstjo3Tac9jHQna6yFw4OoxkEg1nTRo0msG0:Yq/RYYwmeXsO3BjODy+4OmkEuTRFFv","tlshash":"bce2e1453b945006d1eba9ac050fcced827a5ceb8a6f5427fd161a94cb3b220e7028db","first_seen":"2025-01-31T10:41:20.127884Z","last_seen":"2026-06-13T03:04:24.373949Z","times_seen":1910,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/css/3f1fd21e079483d9.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/css/3f1fd21e079483d9.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"1fd5-19b83b7f60d\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PmO%2FiRyz9P1BTQhjVGiUd00QsG2T8yU7zXk5FqBfGbAVtmks%2BaQpyjvSr%2BZSy1aOVWkGVyNfyyIIGYZdJtcZ0DMj9IcTVTJOaYg%3D\"}]}\r\ncf-ray: 9b9e2e8df80056c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8149,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (8149), with no line terminators","md5":"d2992b3fc8846472b32f4eafca8c141a","sha1":"b1ba8f25dc911871f7455fa2593ae6aa0510a461","sha256":"0d2d7b228b3d0e0becb161a8836e846fb9c9400e842f9bfbb954c3491a4ac062","sha512":"b612fc58e50ef52cd93baecf264bbcb5d88cbeb7452f5ef3ea8a166ee339f03b1ce813d59a59cd5b2da1ad2faada5b915cb4c033c00f9881fc3cff898dd1130b","ssdeep":"192:ZlFRa0g88VW0QbxPCjMxL3uy9o/zvoPodLy/tlt:K0g86+PCAxj/94zvx18t","tlshash":"0af12332267a602cbeeaf476efe0b96931c0c527933b15e1fd49f926c08916b3711359","first_seen":"2025-12-07T15:18:05.819577Z","last_seen":"2026-06-13T03:04:24.36412Z","times_seen":1124,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/webpack-e300e920ed1acbf1.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/webpack-e300e920ed1acbf1.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Mon, 05 Jan 2026 22:53:41 GMT\r\netag: W/\"103c-19b905dbf66\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: MISS\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QcKeEFAIvICYUkxR%2FAHtcsSdg%2FMiJL22MZGuXXBCn7vkmVM9PMSGp4rlGTWQeZ%2FhH%2FAEX1slNM5W7Ns5p%2Fr2TGkwIDGAPZ5uHB4%3D\"}]}\r\ncf-ray: 9b9e2e8dffff56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4156,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4156), with no line terminators","md5":"9d2ac8f4c4a7bf4ba20e60ae6eae0041","sha1":"4e3fdef62badf75ccacb52b655ed76763d633c29","sha256":"20b57e983a776a9663c57b6410147546738733c8e844a8bc8b0009021f12b8ec","sha512":"45225a5ec435d53f4df511fc50a145aaf1251efd569b9a0f002d5350b16da309d452a5d0778f4d96ecde6f8f2cf0eaed70da9455aa1fdcb3ff90e9fe465f9d94","ssdeep":"96:kMyYE1q9WlR3lMka20VGL6VLW56l2WRr9ErLDYyM:kz1mWlNfajUmYyR0hM","tlshash":"ad81a8de71a1f4b91782a4a1443f9146f13f28f2281ed4a0da25e4f5fc7554d8323fa9","first_seen":"2026-01-06T13:54:33.18297Z","last_seen":"2026-02-07T14:56:27.191794Z","times_seen":208,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/(landing)/layout-ca81564ca7ab2f8a.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/app/(landing)/layout-ca81564ca7ab2f8a.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"e2-19b83b7f601\"\r\nvary: Accept-Encoding\r\nx-cast-cache: HIT\r\ncontent-encoding: gzip\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zpVo6O2JqH9i1q%2BFqeTbincwaHm%2ByqxdZy4wU%2BDZrgOn7eXbolpfLg%2FDdqDgR9cMq%2FY1Oy7DKAQgpQDQRyqM8s3925m0j6cJciw%3D\"}]}\r\ncf-ray: 9b9e2e8e080656c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":226,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"7a5367f9275c124ff441c9f2dda2be9a","sha1":"56f8efc747406730e680b5583b239301797b3f64","sha256":"0d653de16d82ad5663b217d4f67165a5b6d771a51a38c219689792e8566c0eb8","sha512":"c2a82168a520244bbb60a03ab8b4fbf64319ec5f6d01fbe5adc9965af8db74b0f0e0d6418e212934a9f667317e916f879cf9f096bb684d404258653708db6172","ssdeep":"","tlshash":"c1d0a78939817d1d2a136564d977086136f704a8789bbcc166209d911c333ac83a1c8c","first_seen":"2025-03-19T10:41:28.874854Z","last_seen":"2026-06-13T03:04:24.397685Z","times_seen":1901,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/twq.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/twq.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"134-1989632ac50\"\r\nvary: Accept-Encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uEBzM1Yr9u%2FrFYZWIKBVt7lzNBcr9cSdyPaB2D8bvmHK%2BxmpiCEiBgGkl0NrL7AyE7lACXix5M9yAk1st%2Ba5c0u7IlRNV3Vauic%3D\"}]}\r\ncf-ray: 9b9e2e8e181056c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"CSV ASCII text","md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-13T15:35:15.328536Z","times_seen":16832,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block3Bg2.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block3Bg2.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"a50e-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PH6EVhcE%2FvjPYQJxCCss%2BWL%2Fjqtj%2F37d8%2FLRk4Q0ba5sdJhKHKrxAiLzgPACWYvIddU4RdFBN4LmfRpIMwc0ZgqyVjDo64S5FpA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e281856c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42254,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d478c3f4a716990ed217e6ace31734d3","sha1":"c773fb06a91834dfa0874a7ac02e1ed063709706","sha256":"5111eb0ea2e9c86e8f4c57da58821b50781c345eeb65a397dfe10799f34c21f2","sha512":"d1844b16ad017ca258c943cef26e6c2125b94dcc9bfc3a62a13e83a8ebe510230d9531a156df6da080597b6697bcca10ee75912ba7378e17c4266f5b9f5aa047","ssdeep":"768:W62xl5LOCUFdXVdS1z0zfs8ulIjL82K7usf6571t0lfk3dRGtrOOdTONmk5T4LHP:Wtnqvdmubs8u6jL8Tusf6Z0l+wJwNmBz","tlshash":"0d13f1b13d4b9594bc7c444cef80074f9acc66ed9182dc67c1ae68f1a789ca84a309f4","first_seen":"2025-01-31T10:41:20.124542Z","last_seen":"2026-06-13T03:04:24.371291Z","times_seen":1908,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/api/extra/promoIp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /api/extra/promoIp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sanlorde.com/w/\r\ncontent-type: application/json\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vhwvmM5mvFr4ZtIGVAQw5dJfPuCdlz%2Fw4QlJWThAyI3GcMRApZFdbzdifqowuFgGNM3JWB3d0r2hrSUGJ7MZX5cfYedaB9lsstQ%3D\"}]}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e91183556c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-06-13T22:31:17.747739Z","times_seen":157800,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/new/green_fav.ico","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /new/green_fav.ico HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-length: 0\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\nlocation: /w/new/green_fav.ico\r\nx-cast-cache: MISS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a10MxD%2FMaprkSoVx4aRi%2F1ife2%2Fva%2Bo75ateqFGvkl%2BTJ2nBuhOAkYMyhdqvOyn1SJMHoERrRgm5UZSFZ%2Faya%2F94Nw5ta01PMCs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e92d84a56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10026,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T22:33:33.544268Z","times_seen":16396986,"resource_available":true,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/css/c6c7cbe7c5388caf.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/css/c6c7cbe7c5388caf.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"122e4-19b83b7f609\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MgDjWW%2Bu%2FNZFeecbrlgRZH2kQM0t1VGANsRpO3zbjDMOpHpDtriR55wwp7LNfy4JRJMl8XQ4wpW%2F5L%2Ff5LAnl3Jl3zHq956elgg%3D\"}]}\r\ncf-ray: 9b9e2e8deffc56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74468,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c92db200a490f7551018633bc7ac7f97","sha1":"696270977bb31456c840b5633850c446bfc61e47","sha256":"3d430b4769e9763b6cd52286adb424663081d110c70f29773c416b07843453f3","sha512":"b712401c407e1c361f91d070f21f69fd311d4ceb7b066f8e24e2aa67827ba7667aebb08b0c86f288b43068651281a7d678f0f78c101f7002b43b47a983a4f1b8","ssdeep":"1536:2+ysg6WNlUEe+wdPIzf39OM/hxTWg+96f43tRBwhJJGppDzBCYr2uhsTs:UNlU3","tlshash":"10739572a21aa41cf463801370d1a59d7174c297b73356aeea957b1bc2d32a32b737cc","first_seen":"2025-12-07T15:18:05.81794Z","last_seen":"2026-06-13T03:04:24.392798Z","times_seen":1130,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/css/317691348e35dd2f.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/css/317691348e35dd2f.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"853-19b83b7f609\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hpaX4YwmnknGkGgG8afH9pGxoijTr2lXmZI3DDe%2BA6TZyyM9mnINaTnRTZN26RBg4RcmIAUrA9YuDxtqIAgF8hkV6GA3QG0IGzA%3D\"}]}\r\ncf-ray: 9b9e2e8deffd56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2131,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (2131), with no line terminators","md5":"c66423fb88d7272cc42515b5c255800c","sha1":"622df8403db965331f0108ad5e532c6a1831fd1c","sha256":"28de71941d77d94d371ac216119d39292e7a92b5baf7c36feede5a4db9cc4437","sha512":"35068b1c594a31b430d7ba1f1b1cfb1d081980251514b42b7c6ec69b3f395bcf56e25bc231beb0997853026572ee853aae533b02b49ce8e0274143d10373b3da","ssdeep":"","tlshash":"6941223a303ea2ff7966baf254dc049ba127c9815633af5da6446d39c3c91d10b61b8c","first_seen":"2025-03-19T10:41:28.890253Z","last_seen":"2026-06-13T03:04:24.406852Z","times_seen":1905,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block1Bg.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block1Bg.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"5f7e-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i1ERuTtyE2laXUuPlK5axW2MVrH%2FbhCgwUeY%2BZmFxzaf1E7SWmOsfVOV0gYCvpWMX4VLGNfpuBNirCU%2F9TSXRKzKQX6EGQ8QABQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e181156c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24446,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1450x480, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"43ecadeebe099275233f25da3d5d7b25","sha1":"939a8734db86195892ca05078d12bcc5ab0cbedc","sha256":"64cc10e9de9290364654d6f2387eb1333e22f59931d05f9d3626102670f1eea3","sha512":"5fce11cf8cbe35686f74fdd583e82e36c0b4b77ba93dfae8aa271c53b5053de2835ef590303a8f2cbee110605c629d5bae3e1aafe41f86df5422f9c462f41ff8","ssdeep":"384:quk8HyH7AkmJKGiqN6ABdtGFAvUNnReYGzdFocLkHVkKNBJuLi:i8SH7Wz66nGganReBZicw1kcBUe","tlshash":"bab2e115ddcd8d28a650a474095bf1063a9788e21fe5ffe898893010a7cdef4f6a4bd3","first_seen":"2025-01-31T10:41:20.113549Z","last_seen":"2026-06-13T03:04:24.398805Z","times_seen":1905,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block1BgM.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block1BgM.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"772e-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BevGqWYet6G1bPM0ynAvE6W9%2FfpwLY6Gzm1bx%2FHOCM1jf5wLHCT9VGkcIbTTr1AoLjY7qqbaKOtbGH9LfHw%2BJUGMwGo1aokkKJk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e181456c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30510,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f1d26004f83735bd2521a49722ea6c06","sha1":"6eae79b2d1c8a1539bee33abae3ee09825468b54","sha256":"7a5783cd7895fd743a8efa30ee7de9402deedc294d8eeb71ea22f676b787ea10","sha512":"8cc7a3b942340c94f55232e222fc27cbde7815ca763c483ae770397d3f46b5fe49d2db9f2daa80736f32caa1eb9996b0c4ea08d05fb691b29083b7d2a6032601","ssdeep":"768:SYZ9DOJNKHAYuYgmHR9NjvFwyaDtATAFSUt:XIKHAYuYvHR9Nj9Ba5A/U","tlshash":"3fd2f18c066ff44c505ae723823d4f4917df885e963c355a8aa78335a4e9e136c8f53d","first_seen":"2025-01-31T10:41:20.119302Z","last_seen":"2026-06-13T03:04:24.444864Z","times_seen":1910,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/fonts/ttnorms/TTNorms-Regular.woff","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/fonts/ttnorms/TTNorms-Regular.woff HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/fonts/ttnorms/stylesheet.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: font/woff\r\ncontent-length: 31112\r\npriority: u=4,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"7988-1989632ac00\"\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v4mJCppWW2xviA5pqPazXBLIkzbbVofn51%2Bdh6O2o29eikrmXNVDex%2BdiO5Q0kw4dNgkW%2FhFzdJjUlVtuLeWjzdUTRWcrgx9sLc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9e2e90a82e56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31112,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 31112, version 0.0","md5":"33f150c6ac81219f18b55864e087dd12","sha1":"7e3f9fee0b08c64fd733aaf64029c2947130b9a3","sha256":"0d9f772dcc9cd484c98410488a12c0865b31531a79e8e9c1926945e7b5e66a95","sha512":"d014e3e7ea7dbe8f123c1cc9fed70c6b8ab5cb65703fa2d04814c640c07521b94175c5830eafe01b67c73881a9a1f374231279a75285ac9a4e62b32ab0158139","ssdeep":"768:MA2xVa+8iyIHNUTmc5XZ5x39iaKiR6TMYB+qOk:MA2vz8N5TmwZ79ZptY+k","tlshash":"aed2f18f626c12dcf970e4fea2e217cd8745347de13a4665c646d0cfca61e70ed88219","first_seen":"2023-05-07T16:06:45Z","last_seen":"2026-06-13T03:04:24.43298Z","times_seen":1953,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/css/33d281c8208aa46a.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/css/33d281c8208aa46a.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"a54-19b83b7f60d\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K6QLsNe8YikvVgUU3UKVC7x0nZuMiqm2PL7FEAqeW6%2F7FSAiLGtFRJxlbs57gcVtZo4UeKo4b3NfqDa7CfCMHzHmY6h7MlaVxBo%3D\"}]}\r\ncf-ray: 9b9e2e8deffe56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2644,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (2644), with no line terminators","md5":"9d935283d4552afa39b54bab1beea66b","sha1":"144c949c211c4280cba0fd88949206f468e1357a","sha256":"5f91900db8f97cf0c851424457aaed6b05a56fa946ef6845cdad4403375ee67c","sha512":"cd243dbbc68d1bf223f0e4121e0fe8df61b20f8fab7734eb8d5d578c8fc1967cb0a7f8db82401323b81b9a2e433371b176adf0d19d5bc734cc8cc81a999ecf31","ssdeep":"","tlshash":"50519fe3a67134b461154e536f50b76a30f487b663375a23b619ef2cb18f6d3091c24c","first_seen":"2025-01-31T10:41:20.146825Z","last_seen":"2026-06-13T03:04:24.401131Z","times_seen":1919,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/8003-35d6c4e938d60f65.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/8003-35d6c4e938d60f65.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"1bcf-19b83b7f605\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=021WgJ6E3046qI9NYFAGcIFgqlD%2FJnxVy03kXBPmV33xlgCpep6uuxAmBwGdMUBiXGa3j5xtdUjWp4dsabAvlIw0LVUcEHGIeJM%3D\"}]}\r\ncf-ray: 9b9e2e8e080556c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7119,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7119), with no line terminators","md5":"8014900ea0b06de9aba6c034a95c2e68","sha1":"f5f9791bc97c1a2973734e6999868eb15e2096e1","sha256":"bb2ba96a789f1f0c6144a6d6ddba4a09c139b4060a1c9e97af56538d29415c2d","sha512":"cfa275c652a59e72983c88b3a934681c6f29ffc87c4c99ce4a55137b1f5b0cd6f011d8ea93cecdca39f82ef3f2049fdebb3465a52d80ac6887dbf2ea295ede80","ssdeep":"192:cQkUmrphg1A1ZfGVYOw/39aS2wBgrn0z9bjcjF64KGUZbczUdj:tm+EBGVo3kSicbyp9a","tlshash":"ede1e9b2b7d4fd35135a44d484378247b6542e37601e7080d3fa8cea62b8dca85e2f8d","first_seen":"2025-03-19T10:41:28.915816Z","last_seen":"2026-06-13T03:04:24.369594Z","times_seen":1926,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/3573-3533fbf9993988c0.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/3573-3533fbf9993988c0.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Mon, 05 Jan 2026 22:53:41 GMT\r\netag: W/\"d880-19b905dbf66\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: MISS\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3maWb%2BlxisyqXUlxc18Wrv84Be7cAqgTntz62mdryqgXeWkGsQQ8jN0QywpQ6B171CP2N%2FqqSNJI4peINMcJRSVTg8A74MWeKyE%3D\"}]}\r\ncf-ray: 9b9e2e8e080956c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55424,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (55424), with no line terminators","md5":"a957e4f3c19713a0a98e269705e23922","sha1":"846e377da72bc9d830f06135f8643dd29b90998e","sha256":"66388002c5c208e5840bb023430d9952764c361de4771f16958f061374bfb2f2","sha512":"41744bce0b9506d93c061a1346cdae144b4349f34f74b3742d7b1d3c9d7073723e7501dd7d9a3bbd6c54ea4b16d4079e65880e00c0e75c762e335eec4d6be8ec","ssdeep":"768:6rBewJM1ghuPLywyUZva9kAhczB0rjrEez8KN40nLgfNEbk5a29aoLpsgYXzFMEX:adwDfB0rjrgKN4cIrz9USE4ta+fMscz","tlshash":"b743199db3b9b9d4b5069b94aaaf5418713f22bd9f04c470abbcac1071244cc7b46fc9","first_seen":"2026-01-06T13:54:33.185984Z","last_seen":"2026-01-13T00:20:50.93669Z","times_seen":206,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/custom/default_2.jpg","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/custom/default_2.jpg HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 92711\r\npriority: u=4,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 28 Aug 2025 14:35:31 GMT\r\netag: W/\"16a27-198f11aefc9\"\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dEkLxNIBSJ1vLvn%2BJGjix9ACv3pIolHnBkPIlxDdjZpKj%2FvEpjzDx7hTbIkl%2BDfCwmH0e4Fob8N7XLd%2Boq3MnPhew3EW%2FY4TfZ8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9e2e8e281d56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92711,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3","md5":"d8c1440b10961a6c02852518da21ab0f","sha1":"ba1590f0c03ba1a6dc3a32c6ba46f4db0f2ba5b6","sha256":"f9d67f6baf83965f3b363254dc7ae0de5bd80ca87b0af896ee8250b1e4358cd6","sha512":"c9238fb3f3d7668fe2cf86d2f2af4c66c4af8082b27f78d4433d3779b38c6585ccf1c119379b91872758916e3bc780fc34397b8e4c6585e780e8343f2de25a82","ssdeep":"1536:+nMcmQ5zU95UQarUx38ueOigin6h0eGMng3Gpc80pUuzEAk5YYt0sIW32fEqPTrm:KMiwGr8zMgin6GNdWMFI/YYttkE0rELR","tlshash":"3093027387e04e8ce95c9c7b805b85dc17686dae2bef5569a1251854ff3e3813a20f43","first_seen":"2025-08-23T08:17:51.602264Z","last_seen":"2026-06-08T01:54:51.697152Z","times_seen":349,"resource_available":false,"data":null}},"time_used":412,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/land/gifts.png","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/land/gifts.png HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 39210\r\npriority: u=4,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"992a-1989632ac04\"\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WPYFZCUTDGcTbsmAe6VYckLJpICPCuqg0Nn31BGmcTNfBCxekW7x3VSAnW%2BNd5UMlmNfNX15cmvPOjDSlpuT8ZAocFg264%2BTjCA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9e2e8e281c56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39210,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 146 x 186, 8-bit/color RGBA, non-interlaced","md5":"a28357f6c9f39f6ec64467e56d3a088f","sha1":"cb234100a21aaacf188eee7b9b42de088714cc49","sha256":"8ff0124600e50a161b28e2ca5bfe0af59aea0df8925436fe9930041b26b1082a","sha512":"de04eab9e4ef717730c25dd226941c92a7510df30eaa56454113dd543a18c70dcb4c2f7becba3ff7a6b825b754a4ba1109016fe3365b3b321a7566660fc54d93","ssdeep":"768:91k0eN4ZSFsy+dSc4Hd6WlWv2zVdYg87W+iN8Y+zsb6KFxAJwXQ9k:9W0eoy+Uc4HQQNzVdYFYAI1nt+k","tlshash":"5403f185412d4623ef2d5f86094530e0cee926bf9d49de5c427f772b0c1b6394c86a6f","first_seen":"2024-12-12T16:53:28.001894Z","last_seen":"2026-06-13T03:04:24.445654Z","times_seen":1902,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":331,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/fonts/ttnorms/stylesheet.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/fonts/ttnorms/stylesheet.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/_next/static/css/0c973de4e2fc1e14.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"1b47-1989632ac00\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cdi9fFnSMFKL162trDLBZ7BHG6FDQiBgWNPekdstPW6R4u24T62ImayDj78ZWdoge2jUUMoq5Yl26hIGghWdKMJG9n8qbZSzwrM%3D\"}]}\r\ncf-ray: 9b9e2e8f082656c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6983,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"13a30e1d1d98980f8d05fd08ec50bb35","sha1":"6ea5a517edd970ae8f3ac4d194c27d6bf5ff5433","sha256":"474eb22e42e75ae5cd195e8b724c0c35ac1f40bb1b6cedb21e7e7f290aa9792c","sha512":"37b23920f002d430045ab3b7686e53d56a8358ac999a9e69a7b8b25236d7a43719dfa78e8f1696bcf12a2baa947bfe660f0544aa5369c72bf70f9e65ebffe912","ssdeep":"96:hv/VbGB9pVwhoEVfaSmVtLJdV/lByoVNBhBVECGVDdqOV7BYKVzeoVhDIkV4A1xa:jyvifsv/l3N7ugC77ZhJ48DP4hBwTTq","tlshash":"bae1a7508acfb4d9e46e188d37cf5a64c60e301b2009b95bbbfde9445f6bb9e425072c","first_seen":"2025-04-11T21:37:07.818928Z","last_seen":"2026-06-13T03:04:24.438094Z","times_seen":1887,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/fonts/ttnorms/TTNorms-Black.woff","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/fonts/ttnorms/TTNorms-Black.woff HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/fonts/ttnorms/stylesheet.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: font/woff\r\ncontent-length: 31216\r\npriority: u=4,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:55:59 GMT\r\netag: W/\"79f0-1989632abf4\"\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nAFVl1XdwPjqm9Vi2xrW073aQ7jTgNRuJnjX9%2BVofjvwH%2F%2F0b9VfmN1k4z34yPGpwSgoHL9b2E1umgtn%2BJEV1yjVGCLJ8m3xGgQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9e2e90b82f56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31216,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 31216, version 0.0","md5":"5a246f88fc7f4539fa8d90711016d1c0","sha1":"9eb704fe64bf328ada5b4fc909fc03b135e96813","sha256":"5f48c991bdc64557d6496e3e290d351881e3f10ae469fdfc332b03aca7a2ca02","sha512":"d6ac3ad66d794dd4152ff9fa3569dfd0bb7144fecaaf8d5e61eb77af07dd0d91cbc90226c9feb35a9a2d99bd1fc0af08f3d0e682357494c4267542b8f237212a","ssdeep":"384:odPYEr8Zw2sKLcrdCssSNlrHGZyeGeAyIZdF2UzFcLe0TQO97Bnihbtb3x+HoXS3:gKZp/ApeS+gebXIsLeEtBnihhbQc/a","tlshash":"71e2e1292f8e39519b99e37984ba8f357450381760358c7a4c36ad4ab03c54a3b3b96f","first_seen":"2025-01-03T03:56:47.436444Z","last_seen":"2026-06-08T01:54:51.709831Z","times_seen":1012,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/fonts/ttnorms/TTNorms-ExtraBoldItalic.woff","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/fonts/ttnorms/TTNorms-ExtraBoldItalic.woff HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/fonts/ttnorms/stylesheet.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: font/woff\r\ncontent-length: 34680\r\npriority: u=4,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:55:59 GMT\r\netag: W/\"8778-1989632abf8\"\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ouCxWpzYuDTDLzPi%2BUTneu48ZX3VqYquMhy%2FlGH2IHVH2pfM6JmBIOt2g6ZrUGunMM984IqBFFo%2BJAEdZMLKAu1OqfsYBfcgPDM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9e2e90b83156c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34680,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 34680, version 0.0","md5":"9a30e8f0dd95fceaa89cf08605ea7236","sha1":"1d44d7d9c95c173576f844b081ce9300873099cd","sha256":"8adb6b1b4270089cb85b970e5f1a9dafa6187d864534bb55a3f9775b4b957528","sha512":"86994026ded042339e8157d7420f31e3757dbe6681b3a49464e0b5a4c09c77e6be757aba86c2045d66b72cd9f03580cedc452f178ba794ff2637eb4e0f5d2f26","ssdeep":"768:nllcp5nxgKPVOT79IHkwzRYyQSL0tSBf5BFkqY1Fzd9:nll+yW0m1Qs0q57YR9","tlshash":"eff2f1729d657d209249a579f0fa0e9c1ac8732a7133c34a973eba39714bd70b03761e","first_seen":"2023-11-04T05:15:18Z","last_seen":"2026-06-13T03:04:24.437538Z","times_seen":1899,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/fd9d1056-da5caefe92cdbb5c.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/fd9d1056-da5caefe92cdbb5c.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"2a323-19b83b7f605\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JKO8VGCyln%2FQCoS0lySa9uZC5PfskCz%2FJ7q3tMvdc8gVVqfp0uACHCDgejzOayqJbM4oQyfU3g033XS12wOolTZV28mGy6g4rbU%3D\"}]}\r\ncf-ray: 9b9e2e8e080256c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":172835,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a2e6693b6b8e2ae5167ce7ceb21dd431","sha1":"625b83e4cdbc0bc71ca90f7de6633000d5908f96","sha256":"a87677f28d0d640a628d81e90ec37a86c6674c1c656277318f17b14c9542d045","sha512":"4a219d7524f60f77557dd49d61838d092f7517e9b0984cf2860a9638608cf848c381d9988dad5129a63b4eadf274941a786cbc08d3052715407962a6e131aead","ssdeep":"1536:tVjExazug79h2U4kcNxakmBjt4oGZlibTR5ikxYhlUuRNka2wblHiN+wL8z9Ggum:lzug758kkEiXjOAprX2wd5WjguGOK","tlshash":"b4f3f8e83995f6666eb30277009f1803737c262b280d4d60a211fd9eb5b845eb17bfd9","first_seen":"2025-01-19T23:51:52.179106Z","last_seen":"2026-06-13T16:38:55.787678Z","times_seen":3490,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/main-app-df523c8931f70c0a.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/main-app-df523c8931f70c0a.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"1d0-19b83b7f601\"\r\nvary: Accept-Encoding\r\nx-cast-cache: HIT\r\ncontent-encoding: gzip\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m702SOyxJhcyjCV6AKDKLnP1iET043uDLSTr%2Fzpu2hWSbPjxN4iuPLMlpOTheMEw0oKF6n%2FVpzOJmwOZowwDeenPWMxFDVfW1M4%3D\"}]}\r\ncf-ray: 9b9e2e8e080456c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":464,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (464), with no line terminators","md5":"780f1f062143f470ccc751e8e9d0ba05","sha1":"c9deba27d87d3e1b411b741a1d7249479fe500b5","sha256":"82b916c2ff6e9ac8cdc115f596700aff44c67c4cb3fcae2c6dad80a6baab40fa","sha512":"77205548712b78834d6277e82f573ab652162e8daee458234ee877477cb98410450a7465d681c859ae71bddc4a2d40249260d3a9c8f7f34a7e9eb5010279aaf4","ssdeep":"","tlshash":"a8f0129a2a4c742f2913ad24fdd36c2e256e916028a759501a14ddb12c736ac93f1c7d","first_seen":"2025-01-31T10:41:20.167782Z","last_seen":"2026-06-13T03:04:24.452547Z","times_seen":1917,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/layout-2dc18ff666d0a82c.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/app/layout-2dc18ff666d0a82c.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"2382-19b83b7f601\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B8%2BVQ%2F7MD8a2Nlz6Gyw4mfqYdzTouCpOC%2FyjGUvhYwoKged3v3kLbB4m%2BsCWmXxtZ78Txt%2Bjv3%2FccdmipPwzkj6Cgu2r6tjKYyg%3D\"}]}\r\ncf-ray: 9b9e2e8e080856c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9090,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9090), with no line terminators","md5":"093989dfa75a69d497f14d6ed5f8656b","sha1":"0ca77bf93c5bf5018b1df737b9fb353353c842cd","sha256":"6cc1c5def3096bbd11c5b34bf7c71047e0e8d5f98845a827b551e6532f04e136","sha512":"f6360dfc9b456a7d80d498f48b9b8009a5d36aad82606490b978ffdc9a5254dee8d9934ea4ccebadcaa6de7dbef2b35783ca3301a8eb3f6017a2a721cd8c165a","ssdeep":"96:DNHzEAF7EMFkTT2TcT9h90Rf9FqI7QsqQTmLIdl9F5bMhqn9d1CLeD7tDApz3Rhh:REMFkecuJQs7CkdvxzjDoa4Bel5H6","tlshash":"a512a555b659f8ae0f93d06c58bf9049c22d0b2ddccc407e9f2a96512072d6cb361f9d","first_seen":"2025-12-28T00:38:37.607817Z","last_seen":"2026-01-17T18:30:15.494993Z","times_seen":633,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/app/(landing)/page-308c23aa618f754a.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/app/(landing)/page-308c23aa618f754a.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"4c62-19b83b7f601\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zsdHTJr8PulTVdEVSGIBFPrcQ4y8Why%2BDBOP%2FQmRHH%2FILojbcvs7agY9vp6NgAeVHrhuFFjlFTZs%2BmN5oATLZ3Rav5uI%2B3JTVkI%3D\"}]}\r\ncf-ray: 9b9e2e8e180e56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19554,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19554), with no line terminators","md5":"75421032c9f8bb473d414aa147d261f6","sha1":"141eaccd335657f61a300d3dd70391342b045132","sha256":"b86b04128e9daf5565203960c1a538614614f6e56d955b546376aeee2e230813","sha512":"7e08cc039365fe8c00260488a1e92c0f618e00a70b3c3b6b5f78931570f0d7704fc518eca66005cfc4ad77aaa4c5e5a1dd3d28ae72d1c282e43c2867e2e6cad8","ssdeep":"384:k05D8yjHisHBOham1LobXv5LD5nP1vqLzxtJbZO1:8yjHi+CFoXv5LDp1vq5tZZO1","tlshash":"80928319e05de6e8ba720c60962fc449712e365ccb09ccf4f9bca8011a5e4d87b27bd9","first_seen":"2026-01-03T14:23:16.857555Z","last_seen":"2026-06-13T03:04:24.365589Z","times_seen":1085,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block2_2.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block2_2.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"e896-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F9YctPwNSb5WTsn1RCqKllD9gmbPyFOS5ig7e2yG3LM9c7JOwIkktYNVp0YJnnFCyMdbC8lcN%2Fz4ss0E%2BikjRBZPE3npe2HF8NA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e181756c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59542,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e84373a6466299fa094ba5363b7b5611","sha1":"b664588840cddc484127d918b9e723a7150ae1fd","sha256":"e40b65c3cb0a0765e299a82e05a7b5e093eea9997af4d8f09338efb2e84a2ede","sha512":"1d376cef3ea264b8e514e7e14b2dab5abc77d9ee59c92a9825df43f0ac98eadc7112c0ce2a37b5bb393947dc31bdcad4a96dcf284314939a07301ac9578791bf","ssdeep":"1536:g6eq9+r8Cal3xQkiJSGZWJ2KsFMMoL4FT+5n:g659I03xQkwUJ2K6Mn4B+5n","tlshash":"db4301a2dbd65305efbf4f8e2163161d586f842a37c3676d4829a84a33185f11bf4b0e","first_seen":"2025-01-31T10:41:20.12249Z","last_seen":"2026-06-13T03:04:24.454719Z","times_seen":1911,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/landing/block5Mobile.webp","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/landing/block5Mobile.webp HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: image/webp\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:56:00 GMT\r\netag: W/\"52e4-1989632ac38\"\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gJ%2B222%2BfOjUvp4EtjkCq5XpLrXVY%2BwDbnBHtSmBVdS8hzGpwxndnsx3upe5OqLHTlzIiaK4Li7yhtDMHqe6GX%2Br8y29P0vRfglc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e2e8e281b56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21220,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1c7fe573ca47cd563c79920b4f9c262e","sha1":"d33337fe8dd023420e98e164d3744679898c5e1a","sha256":"597c551769acbbb8aac81167c78718c2fac6dde65952a7a7b2925d38ba0f87dc","sha512":"c778e0c020face244b2c2c246513ae0565aa5d9773607ff4e8c8eef27cf966a215ba4682c1fb68e08fedc45dc19e846c6bef2ae37d5bba254f9dcc7b5016d310","ssdeep":"384:kkI81KBET/Me6fMz1KPRqcjLWxDOPeaj5CQnHqErz5CVKYG5njHibBynqnk0U+fL:LI813/MVfMBKP8cPWxAn1HPIVBG9HKyM","tlshash":"6c92d0bd4889c9f4a0ebdc27e80d7ba2484cc7ad270b6a44d2db60ccb77218ba55d515","first_seen":"2025-01-31T10:41:20.133561Z","last_seen":"2026-06-13T03:04:24.450589Z","times_seen":1908,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/fonts/source-sans-3/stylesheet.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/fonts/source-sans-3/stylesheet.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/_next/static/css/0c973de4e2fc1e14.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 10 Aug 2025 22:55:59 GMT\r\netag: W/\"294-1989632abf4\"\r\nvary: Accept-Encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=95oLNlaiM%2FMdinbdsxB0%2BDHfX0Hv9IQP%2BTwK77erT%2BBixl30GoUMNTkcUiSn01bRPz1WwpHbjak5833qrpyS5D7uw70JWafPlik%3D\"}]}\r\ncf-ray: 9b9e2e8ef82556c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":660,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"dbe63d040f877b29c93289369d94d3c7","sha1":"983aa9dc8ae17a825d82138b21167124c6c2128a","sha256":"0ab7066382f22c741f2b85472fefd6988bfae08a8e615106e9268dc7c924a3c4","sha512":"051224a8f79de3417756412dd45055e43aa56209367b7c976fb3987f9088161d8967d73bfad67ba92766968d113baae4a289dbbe723f05fe6a92d1ef3429e59a","ssdeep":"","tlshash":"15019923426a1a7072204958bf5ee663be7c080bb3a241baf93451000db2d1903cef8e","first_seen":"2025-08-11T12:35:45.427412Z","last_seen":"2026-06-13T03:04:24.415709Z","times_seen":1496,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/api/extra/holiday","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:54.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /api/extra/holiday HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sanlorde.com/w/\r\ncontent-type: application/json\r\nauthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:54 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u1LuekpYYt%2F0TPO6vAhO9lYbZlLPEnYMWlanFkXrdNmsFT2rG1QXXuV1CTxguDQlIPRf8GKNWJFQT3%2BKKfO3FkgFL2Opb7tiRH0%3D\"}]}\r\ncf-ray: 9b9e2e91183656c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1f35aedefad7a69617067b132d4d24d8","sha1":"56dffa4efbeb3bd484e589862b33ff1133892f3c","sha256":"a258c14fa71fa5ffe21eadcc67917d7d10f7eb4e2df8ae97b7af15dd3bed5732","sha512":"f964581e2a41f62108275c49fc63583fe6b9954ec56c1ef49ac524ccc796e975a31079b3a2168c02d885c504f57c8bef8d3722c4cfbcf82e1ac2e4301ffe975a","ssdeep":"","tlshash":"838000032a0000b2c800228002383f2028a8233380000008a08cb00aca30022308382f","first_seen":"2023-12-05T07:26:52Z","last_seen":"2026-06-08T11:11:44.353553Z","times_seen":2912,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/new/custom/default_2_mob.jpg","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/new/custom/default_2_mob.jpg HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 70253\r\npriority: u=4,i=?0\r\ncast-mode: default\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 28 Aug 2025 14:35:31 GMT\r\netag: W/\"1126d-198f11aefc9\"\r\nx-cast-cache: MISS\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NyhfwDncVYv0yd7J2zZu2N7evnTFlizG35nTQSx8C1Qj9144maYCaHiaaXThbyyxlEi8wxfkltL9fFfhVCAy3%2F%2FMvLZxLgJUe54%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b9e2e8deff856c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70253,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 688x618, components 3","md5":"582747a90c0413acca33cc01cbe30fd8","sha1":"5f71db13a34c1384eb97f0e4526742d90b586672","sha256":"22f4c558a818fa3d30d9a0872d9c4ed29312428cb3d3e18d87d762b1855c8d1a","sha512":"7bb1d6856ac4f376a804e5c8ff5dbbccf08cb81103e4d133c745f2b1ad835a2326cc6e4a341e3bff2cdfffa055e5e7e78bb2c2e025d22ae129a4b7114029bc0f","ssdeep":"1536:cD3kpB5d8LnjVNP/fBaLVny3IkvwRraIoLqI8Yic4NcBs:cDEB5d8Lnj3nQLU3INRra1LpdV4Nr","tlshash":"be63022d07c0d61beda6a27dc172dabbf21e548c9019296f384c9039ad371d8c5517bc","first_seen":"2025-08-23T08:17:51.555454Z","last_seen":"2026-02-01T03:10:13.065398Z","times_seen":334,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/css/0c973de4e2fc1e14.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/css/0c973de4e2fc1e14.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"707-19b83b7f609\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KLhwohY0JP0u0Ws5iqB2lPKb860qXWWpkRZwthgG7N9lGJP%2BrM3%2BX%2FLH5Yb%2BpUfLgFU4eFFWaDKa8ct%2BqKCf%2FlrPNaq0AspE7pY%3D\"}]}\r\ncf-ray: 9b9e2e8deffa56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1799,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1799), with no line terminators","md5":"296fba201c130b6b93416c13f0f0cc8a","sha1":"4d40444f295f7258d33950d34ee0e5974da61a24","sha256":"dd8109222fc020762b769c0d87d0642086837dd54e885a1bef4e18b316299b2c","sha512":"34ad6c14c0754241feab02b05a75f6b18e5a5fb4af966cb4a0ae0108e542d38985a7a497c8512a2d629c5e1f2021fd1c1c88eddf54d7c19d3ce4a72e8053862b","ssdeep":"","tlshash":"3c312c4d54462e68e1878b1a7c61633d14b9b0ceebaa2a0d86ec773043d96e220e97c4","first_seen":"2025-12-07T15:18:05.796833Z","last_seen":"2026-06-13T03:04:24.449909Z","times_seen":1128,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/css/2b3198649a078c56.css","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/css/2b3198649a078c56.css HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"7a4-19b83b7f60d\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fcFE8u7OZK4Jt5GMd14fZX4TfHhEuJQZkUy8a4J8f5ISJRDGiHYwKkIKBJBHjLGT7CAwbG8e1vltTIcl3pUX8PlIdYqmo4WuyHQ%3D\"}]}\r\ncf-ray: 9b9e2e8df80156c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1956,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1956), with no line terminators","md5":"a40a0db04beb37ff985968da200beeb9","sha1":"43599a6376c0e01d48e68a6a16325b01def3191a","sha256":"c6ce83ab109eb73ee51d309e1b8996660a62a5a0b9b724b54bcbd31dba3bb9de","sha512":"1047d3271e96383f0a382f426e4d3de0d6e1e62adb2ee6db4edc9078fe95d616642a4f6bbe969c27151abc35c09f53ebb8b8a1476bf8856ce7be043d758bb925","ssdeep":"","tlshash":"ba41dd712044226cf4d9a09af406644f75c1892ae21328b0b28de4acd1e3ef7fdf13a1","first_seen":"2025-01-31T10:41:20.175967Z","last_seen":"2026-06-13T03:04:24.376198Z","times_seen":1891,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sanlorde.com/w/_next/static/chunks/5353-3e48912cfa3bbe8b.js","fqdn":"sanlorde.com","domain":"sanlorde.com","tld":"com"},"ip":{"addr":"172.67.202.199","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sanlorde.com/w/","date":"2026-01-06T21:06:53.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sanlorde.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 10:06:53 GMT","end":"Wed, 11 Mar 2026 11:04:18 GMT"},"fingerprint":{"sha1":"FA:1A:6D:47:54:43:F9:C5:58:6B:78:BF:6E:13:E6:93:C8:30:38:DA","sha256":"B0:41:CA:A1:31:3A:73:08:37:E7:DA:5E:39:0C:C9:F8:F9:E9:7F:6B:BF:10:4C:82:2D:BE:75:F2:B2:1D:3B:20"}}},"request":{"raw":"GET /w/_next/static/chunks/5353-3e48912cfa3bbe8b.js HTTP/1.1\r\nHost: sanlorde.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sanlorde.com/w/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 06 Jan 2026 21:06:53 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncast-mode: default\r\ncache-control: public, max-age=31536000, immutable\r\nlast-modified: Sat, 03 Jan 2026 11:57:10 GMT\r\netag: W/\"3cf2-19b83b7f605\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-cast-cache: HIT\r\nage: 106732\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MMcVaZ2IHhCXmkMxNQ0QO5Y0beRn%2B5VlYEVM9xPv%2Brh2mMirkZH7I0wJn5i1NSvfkmO0PRXk3H9jAKnlFRd2RHhekiBGa44XkD4%3D\"}]}\r\ncf-ray: 9b9e2e8e180c56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15602,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (15602), with no line terminators","md5":"197f606b15def078c98943e8fe95f245","sha1":"4be8b59109ea1ecdfb7e9d6bb9eaceca5d495bf6","sha256":"b7acf790b02272e430393b364888a1e921f2749caaecdcedc89bbd31fe9d6d24","sha512":"767a122cd0adb1d5fa5f9e8a6511673e148316933b0e6a135318ea19ef3bb3363e9aebe005baa3245eb44b337830fe9c63986252a818c1dc436a8e2d4bb5a536","ssdeep":"384:tpWv91E0kbfrT42FPpXAhjyXmP7TivCOqX3rXWXvX4r9gYxRxPzr0Ag:HWvHjkbfVPpXEyXgTpRXbXWXvX4r9g+Q","tlshash":"5562e8fca3f458e83a479f74c46f600e713b547daa5285d9b6b8acb056141e87b02fc4","first_seen":"2025-10-11T08:19:51.902329Z","last_seen":"2026-03-11T01:36:43.6311Z","times_seen":678,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sanlorde.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}