{"report_id":"24e9edc6-a3c7-4ef7-ab70-215c7d359680","version":6,"status":"done","tags":[],"date":"2023-10-31T04:55:53Z","url":{"schema":"http","addr":"gougou669.top/","fqdn":"gougou669.top","domain":"gougou669.top","tld":"top"},"ip":{"addr":"172.67.146.184","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"gougou672.top/?ref=gougou669.top","fqdn":"gougou672.top","domain":"gougou672.top","tld":"top"},"title":"导航"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T16:46:01Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ocsp.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":175,"first_seen":"2018-07-01 08:43:07","last_seen":"2023-10-30 05:09:55","alert_count":0,"request_count":1,"received_data":699,"sent_data":333,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gougou669.top","ip":{"addr":"172.67.146.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-08-29","domain_rank":0,"first_seen":"2023-08-29 11:12:10","last_seen":"2023-10-14 03:53:11","alert_count":0,"request_count":1,"received_data":6231,"sent_data":472,"comment":"","tags":null,"fingerprints":null},{"fqdn":"soapi.study2026.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-02-09","domain_rank":0,"first_seen":"2023-06-08 18:31:11","last_seen":"2023-06-08 18:31:11","alert_count":0,"request_count":1,"received_data":721,"sent_data":431,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gougou672.top","ip":{"addr":"172.67.211.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-08-29","domain_rank":0,"first_seen":"2023-10-27 12:35:53","last_seen":"2023-10-28 18:15:53","alert_count":0,"request_count":4,"received_data":248829,"sent_data":1820,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2013-05-22 04:07:37","last_seen":"2023-10-30 13:37:24","alert_count":0,"request_count":1,"received_data":85476,"sent_data":422,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-31T04:55:36Z","timestamp":1698728136,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59221,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query to a *.top domain - Likely Hostile","source":"{\"timestamp\":\"2023-10-31T04:55:36.314903+0000\",\"flow_id\":1726480363605527,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.13\",\"src_port\":59221,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023883,\"rev\":4,\"signature\":\"ET DNS Query to a *.top domain - Likely Hostile\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2020_09_15\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7710,\"rrname\":\"gougou669.top\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":84,\"bytes_toclient\":0,\"start\":\"2023-10-31T04:55:36.314903+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gougou672.top/?ref=gougou669.top","fqdn":"gougou672.top","domain":"gougou672.top","tld":"top"},"ip":{"addr":"172.67.211.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-02T21:08:09.184247Z","times_seen":16052047,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-K0GM16CJEG","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd2e3a076ed9711e0ff7752e283a21ee","sha1":"2d3e3f9fa7c6f8a3c05facf02da106dbf9038164","sha256":"6b67846575d6cd473e46f945f4d4cf6e1def70f7528d8ec02a2f2069939e492d","sha512":"2e87fa3d9b03333682a08bdde6435f3bbaa1d70f9639b0bb303c0ab7e3f18acb6f679beb718ca08e62c845ffe61dbeace9d966bf33fa71b67bdb181b152fef87","ssdeep":"3072:tOl+iaU0lduI6+PUyu2eflNbRtMQ9/8aW78oX51eDRzZkUyRCdRnW3aLy+:krYu/+PUyWLXWaW78oXPQRzSUSCdRl","tlshash":"ec3418d9b383b06682a7b479503f014be57b6de6b44ccc98e189c9d02e74a89513bf7c","size":244734,"data":"","first_seen":"2023-10-31T05:55:56Z","last_seen":"2023-10-31T05:55:56Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gougou672.top/js/jquery.js","fqdn":"gougou672.top","domain":"gougou672.top","tld":"top"},"ip":{"addr":"172.67.211.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a509c54b5330e1e3386a99004732dd64","sha1":"0c858ce6baba14a44f983abc9dfa00198e24eea3","sha256":"c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686","sha512":"7f091c733b51fedf75aaeef06aa32b74b1da80dabbaf37240be841f076663515ef24d4379d7a6b797d58d5f867f463f097a759bea04400105832f4e2d224c1ac","ssdeep":"1536:TNjxXU9rnxD9o5EZxkMVC6YLtg7HtDuU3zh8cmnPMEgWzJvBQUmkm4M5gPtcNRQA:TcqmCU3zhINzfmR4lb3e34UQ47GKb","tlshash":"f79318ddb2c6b06247a770ba407f610ff236199d684d4400f169d8e9bc78a4a827bf7d","size":89947,"data":"","first_seen":"2023-03-12T18:12:58Z","last_seen":"2026-06-02T18:43:58.217368Z","times_seen":1017,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gougou672.top/?ref=gougou669.top","fqdn":"gougou672.top","domain":"gougou672.top","tld":"top"},"ip":{"addr":"172.67.211.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8c114f51e30999513b35fc5d627f80ca","sha1":"c2e3b94ad47343ee0fd3d1530b55a2aa1084e012","sha256":"03114f58aabaca39a6e84177c2572ff8a894d1124e0a5838f9b36a7024899e94","sha512":"f6741a2a6dd8c4edd22f2e4d7c6c919dc95e831174ca5a8dd9e449f2ad3c754658ff55f53ae3d4cad60dd09251c5258b420bfccda9525d4bcfb816ef11efa352","ssdeep":"","tlshash":"b4c08c88210b5c7151e72a004b7fa244b202225094a02920091b23489322d1be708814","size":153,"data":"","first_seen":"2023-03-10T10:15:11Z","last_seen":"2026-02-16T17:33:09.8597Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gougou672.top/js/jquery.js","fqdn":"gougou672.top","domain":"gougou672.top","tld":"top"},"ip":{"addr":"172.67.211.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gougou672.top/?ref=gougou669.top","date":"2023-10-31T04:55:37.479Z","timestamp":1698728137479,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gougou672.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 27 Oct 2023 09:34:26 GMT","end":"Thu, 25 Jan 2024 09:34:25 GMT"},"fingerprint":{"sha1":"50:EF:1D:B8:F3:16:B2:08:BB:15:47:5E:C5:19:CC:29:15:21:D3:89","sha256":"B8:88:38:5A:BA:E3:18:73:9F:A7:21:BB:C4:B1:7A:8E:C7:E7:3A:56:F0:72:CA:C7:E0:D5:53:2C:8C:E0:F9:3A"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: gougou672.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gougou672.top/?ref=gougou669.top\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 31 Oct 2023 04:55:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 27 Jan 2023 03:47:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63d34959-15f5b\"\r\nexpires: Tue, 31 Oct 2023 16:54:39 GMT\r\ncache-control: public, max-age=86400, immutable\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=tvQnBxpNBcjpQlptQVSq%2Fqn0%2FTCnKv11G%2F9VtwHnMgs8qOD%2B9Un1sTFFP52qMA7UIztap4I2Og9qYTbomGVZnGVuA%2FSO5jD2mA6fBQX%2BX%2FfJ0EEOToc02CH%2FiOy%2B%2FjRXuhLb7LjA6kZCp%2FFTfRaQSnJ4V398\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvhserver: HIT\r\nvhtime: Friday, 27-Oct-2023 08:20:19 GMT, /js/jquery.js\r\ncf-cache-status: HIT\r\nage: 72057\r\nserver: cloudflare\r\ncf-ray: 81e94e855f0556c6-OSL\r\ncontent-encoding: br\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32549,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65446), with CRLF line terminators","md5":"a509c54b5330e1e3386a99004732dd64","sha1":"0c858ce6baba14a44f983abc9dfa00198e24eea3","sha256":"c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686","sha512":"7f091c733b51fedf75aaeef06aa32b74b1da80dabbaf37240be841f076663515ef24d4379d7a6b797d58d5f867f463f097a759bea04400105832f4e2d224c1ac","ssdeep":"1536:TNjxXU9rnxD9o5EZxkMVC6YLtg7HtDuU3zh8cmnPMEgWzJvBQUmkm4M5gPtcNRQA:TcqmCU3zhINzfmR4lb3e34UQ47GKb","tlshash":"f79318ddb2c6b06247a770ba407f610ff236199d684d4400f169d8e9bc78a4a827bf7d","first_seen":"2023-03-12T18:12:58Z","last_seen":"2026-06-02T18:43:58.217368Z","times_seen":1017,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-K0GM16CJEG","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gougou672.top/?ref=gougou669.top","date":"2023-10-31T04:55:37.482Z","timestamp":1698728137482,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 09 Oct 2023 08:03:58 GMT","end":"Mon, 01 Jan 2024 08:03:57 GMT"},"fingerprint":{"sha1":"97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE","sha256":"7A:81:47:10:EC:11:67:0B:6D:2D:06:30:52:5F:B1:EE:AA:A4:64:C4:91:F7:35:79:44:8F:FA:F0:22:68:25:9B"}}},"request":{"raw":"GET /gtag/js?id=G-K0GM16CJEG HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gougou672.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 31 Oct 2023 04:55:36 GMT\r\nexpires: Tue, 31 Oct 2023 04:55:36 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 84875\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84875,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (3034)","md5":"cd2e3a076ed9711e0ff7752e283a21ee","sha1":"2d3e3f9fa7c6f8a3c05facf02da106dbf9038164","sha256":"6b67846575d6cd473e46f945f4d4cf6e1def70f7528d8ec02a2f2069939e492d","sha512":"2e87fa3d9b03333682a08bdde6435f3bbaa1d70f9639b0bb303c0ab7e3f18acb6f679beb718ca08e62c845ffe61dbeace9d966bf33fa71b67bdb181b152fef87","ssdeep":"3072:tOl+iaU0lduI6+PUyu2eflNbRtMQ9/8aW78oX51eDRzZkUyRCdRnW3aLy+:krYu/+PUyWLXWaW78oXPQRzSUSCdRl","tlshash":"ec3418d9b383b06682a7b479503f014be57b6de6b44ccc98e189c9d02e74a89513bf7c","first_seen":"2023-10-31T05:55:56Z","last_seen":"2023-10-31T05:55:56Z","times_seen":1,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":41,"dns":0,"connect":8,"send":0,"wait":34,"receive":27,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-31T04:55:37.632523523Z","timestamp":1698728137632,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Tue, 31 Oct 2023 04:55:36 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"8fd6e03e80d2f8f27911007bd04c44d2","sha1":"d82be1778e3ceb356ee937a9237e976ece5bb722","sha256":"c7d5f5870f19478d50592f9c9c09acd332513dc03d5305b235fe65400713296c","sha512":"bfd22bb3212e68ab8814dc7a2f9729fecb99a06e285b09c7e5d4523fdec1175f50aa00dc64c8c56dad872c16777238cf6d7b9aa6d98f515491565b96c1619179","ssdeep":"","tlshash":"05f0dc994df88723dd878d292ed6493f3210786a03bd4a4da13c8acacd351ed9dcd548","first_seen":"2023-10-30T17:01:00Z","last_seen":"2023-10-31T22:06:35Z","times_seen":1594,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gougou672.top/favicon.ico","fqdn":"gougou672.top","domain":"gougou672.top","tld":"top"},"ip":{"addr":"172.67.211.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gougou672.top/?ref=gougou669.top","date":"2023-10-31T04:55:37.735Z","timestamp":1698728137735,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gougou672.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 27 Oct 2023 09:34:26 GMT","end":"Thu, 25 Jan 2024 09:34:25 GMT"},"fingerprint":{"sha1":"50:EF:1D:B8:F3:16:B2:08:BB:15:47:5E:C5:19:CC:29:15:21:D3:89","sha256":"B8:88:38:5A:BA:E3:18:73:9F:A7:21:BB:C4:B1:7A:8E:C7:E7:3A:56:F0:72:CA:C7:E0:D5:53:2C:8C:E0:F9:3A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gougou672.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gougou672.top/?ref=gougou669.top\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 31 Oct 2023 04:55:37 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4\r\nlast-modified: Thu, 25 Mar 2021 03:27:39 GMT\r\netag: \"605c032b-4\"\r\nexpires: Wed, 01 Nov 2023 12:55:37 GMT\r\ncache-control: public, max-age=86400, immutable\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=n48%2Fl7zbcY3AAjFbxFcQr4DaeTh1eSJcKpfW%2BUuYgLPWc4gvK9T6GOoGG24YFx7FS%2B6T515OzOx1xU%2BnjERru4yUUBl8cFNpWtj%2Bu6ZWWNG5%2BxCdQgvLtanrYYxQY1fK5iLJiJX2f4K%2B\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nvhserver: HIT\r\nvhtime: Friday, 27-Oct-2023 08:20:22 GMT, /favicon.ico\r\ncf-cache-status: REVALIDATED\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-ray: 81e94e874fb856c6-OSL\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4,"size_decoded":0,"mime_type":"image/x-icon","magic":"ASCII text, with no line terminators","md5":"49c0b9d84c2a16fcaf9d25694fda75e1","sha1":"14e890c7e8cbf06a1c0fd5168a1bb2d87276a6a5","sha256":"21945e7f31fb51b4fccc6947a26b2573b9bc4763ae10b6bd1b59afda8959aab3","sha512":"1c27d101f7acfa7cd64f127ad8278bfecde6aa6b59ed13723726c8be64759846b2785e67a2b924b4d483f103e8c1759e60551087569e9de6b99c68dbe5cf7eb9","ssdeep":"","tlshash":"","first_seen":"2023-05-09T12:48:04Z","last_seen":"2026-03-19T12:21:33.261088Z","times_seen":63,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gougou669.top/","fqdn":"gougou669.top","domain":"gougou669.top","tld":"top"},"ip":{"addr":"172.67.146.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-10-31T04:55:36.409Z","timestamp":1698728136409,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gougou669.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 27 Oct 2023 09:49:30 GMT","end":"Thu, 25 Jan 2024 09:49:29 GMT"},"fingerprint":{"sha1":"C2:2B:B5:D8:53:EC:55:77:4B:C6:BB:C2:A4:BE:64:3D:C3:47:A7:82","sha256":"0F:0F:53:A0:35:04:6D:9C:52:6C:0E:A8:1C:A5:CC:80:B5:F5:5D:FF:30:16:CC:DC:22:35:08:6B:6A:13:15:E1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gougou669.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Tue, 31 Oct 2023 04:55:35 GMT\r\ncontent-type: text/html\r\nlocation: https://gougou672.top/?ref=gougou669.top\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=iOImjiitO7R790hrW4qf6iCmG40PkuPH3YsOW2lvtelLq1rUzSi6n5l63y3f16lHsz6zKb1FyK806sxsOUc1%2FG5L3IhYhg18q1pM25%2BkDn5BdUQ7tPA6ZdBeGOoSuvZR\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 81e94e7f0dc956c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":5642,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-02T21:08:09.184247Z","times_seen":16052047,"resource_available":true,"data":null}},"time_used":308,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":281,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gougou672.top/?ref=gougou669.top","fqdn":"gougou672.top","domain":"gougou672.top","tld":"top"},"ip":{"addr":"172.67.211.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-10-31T04:55:36.717Z","timestamp":1698728136717,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gougou672.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 27 Oct 2023 09:34:26 GMT","end":"Thu, 25 Jan 2024 09:34:25 GMT"},"fingerprint":{"sha1":"50:EF:1D:B8:F3:16:B2:08:BB:15:47:5E:C5:19:CC:29:15:21:D3:89","sha256":"B8:88:38:5A:BA:E3:18:73:9F:A7:21:BB:C4:B1:7A:8E:C7:E7:3A:56:F0:72:CA:C7:E0:D5:53:2C:8C:E0:F9:3A"}}},"request":{"raw":"GET /?ref=gougou669.top HTTP/1.1\r\nHost: gougou672.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 31 Oct 2023 04:55:36 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 03 Jul 2023 05:12:50 GMT\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=fcSDTmW4E1fbPVCCfO4EVuN2F%2BP39Ho2MSYyb592ww6Y1R8bj%2B%2FBElKy0cJDZKh%2Fsm0b3E1dkSXE3RkzTroVuQy2wL22DQQ%2Fqnlo2Mjl9nVzKl9fGrw%2F6DfTV3hnYi6SZ4NqjP3tS9%2Fh\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Wed, 01 Nov 2023 12:55:36 GMT\r\ncache-control: max-age=115200, public,max-age=86400,immutable\r\nvhserver: HIT\r\nvhtime: Tuesday, 31-Oct-2023 04:55:36 GMT, /?ref=gougou669.top\r\nserver: cloudflare\r\ncf-ray: 81e94e81ec4f568b-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5642,"size_decoded":0,"mime_type":"text/html","magic":"PHP script text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5598), with no line terminators","md5":"6bb42a9943f1199ad8e3519adcdc9b1c","sha1":"a4b1824e37feb73cedc50566576b5852dc0a7645","sha256":"6e6f58d523a21b5888a2e9b74387ccd2ae336bb5eba690f583902eb910a761cf","sha512":"882206d3495319b71c274331eaa16ee70dbd2cabfa4a3ee46307a0bfe6e1b3ee642a68e76c5fc1dbdd523a9e8ed4288a1c28b6a078b6792531e1d255b36bdcf4","ssdeep":"96:eQgDZtzMizPGb3jfO2BFd1g12n1GF90fM1PYOBcC0a1Jkh:eQgttztzOzjV7APYOBc3a1JK","tlshash":"19c166e9903a8e7808574d4a23fb113da45eb648f836845179acce9fc3cf964d8b5560","first_seen":"2023-10-14T19:01:34Z","last_seen":"2023-11-23T19:33:58Z","times_seen":4,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":157,"dns":143,"connect":1,"send":0,"wait":273,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"soapi.study2026.com/?chhost=m\u0026arg=","fqdn":"soapi.study2026.com","domain":"study2026.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gougou672.top/?ref=gougou669.top","date":"2023-10-31T04:55:37.611Z","timestamp":1698728137611,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Thu, 09 Feb 2023 00:00:00 GMT","end":"Fri, 09 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"85:28:44:CC:EE:A4:BF:A2:17:E5:FE:FC:54:3F:DD:5C:C4:D1:2B:D1","sha256":"53:8F:94:C9:67:95:6E:E4:34:61:7C:72:00:D8:10:86:C0:78:E2:44:F4:42:DA:0E:4E:F8:15:99:92:22:E1:B1"}}},"request":{"raw":"GET /?chhost=m\u0026arg= HTTP/1.1\r\nHost: soapi.study2026.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gougou672.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 31 Oct 2023 04:55:36 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15768000\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 19146\r\nlast-modified: Mon, 30 Oct 2023 23:36:30 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=CMy7rJAw3kji8TJ0EECuZQzHMnXmazkc8%2FS6hxNlVWOzh7PnTf2xHBlBZKxjpkx4akfJeiIsqIavlZubBzOiVxs24K%2FwgyRio8mkmToaOleMWZxsfknKuWro3pspmNS%2FhRqDCYDt\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 81e94e87aa9f4183-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-02T21:08:09.184247Z","times_seen":16052047,"resource_available":true,"data":null}},"time_used":374,"timings":{"blocked":168,"dns":46,"connect":30,"send":0,"wait":38,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gougou672.top/css/bootstrap.min.css","fqdn":"gougou672.top","domain":"gougou672.top","tld":"top"},"ip":{"addr":"172.67.211.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gougou672.top/?ref=gougou669.top","date":"2023-10-31T04:55:37.478Z","timestamp":1698728137478,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gougou672.top","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 27 Oct 2023 09:34:26 GMT","end":"Thu, 25 Jan 2024 09:34:25 GMT"},"fingerprint":{"sha1":"50:EF:1D:B8:F3:16:B2:08:BB:15:47:5E:C5:19:CC:29:15:21:D3:89","sha256":"B8:88:38:5A:BA:E3:18:73:9F:A7:21:BB:C4:B1:7A:8E:C7:E7:3A:56:F0:72:CA:C7:E0:D5:53:2C:8C:E0:F9:3A"}}},"request":{"raw":"GET /css/bootstrap.min.css HTTP/1.1\r\nHost: gougou672.top\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gougou672.top/?ref=gougou669.top\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 31 Oct 2023 04:55:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 27 Jan 2023 02:47:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63d33b29-329e5\"\r\nexpires: Tue, 31 Oct 2023 16:54:39 GMT\r\ncache-control: public, max-age=86400, immutable\r\nage: 72057\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=VIsoxFpZiv%2BWYY2QVV3MrXmGah3%2ForIlVpulgH%2F9lco%2B%2FgPtNJAEATKVT2R7hj80ptSChp5qC6IJDPey%2FtBm6LTPdODgXyU0QaxxHKSzDb5ayL3TQRgVRv53p%2FOMwTtI14DGAF0iDnx%2F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nalt-svc: h3=\":443\"; ma=86400\r\nvhserver: HIT\r\nvhtime: Monday, 30-Oct-2023 08:54:39 GMT, /css/bootstrap.min.css\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\ncf-ray: 81e94e855f0356c6-OSL\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":207333,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-02T21:08:09.184247Z","times_seen":16052047,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}