{"report_id":"40bcf27c-e1f4-4d6f-ba4c-fe5418de1954","version":0,"status":"done","tags":[],"date":"2026-07-02T13:07:54Z","url":{"schema":"http","addr":"bandicam.cc","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"104.21.28.223","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bandicam.cc/","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"title":"Bandicam – Screen \u0026 Game Recorder | Features \u0026 Support | bandicam.cc","dom":{"size":79984,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (583)","md5":"533b9aecb9c17ab6a66456a80f467cae","sha1":"4cbc7eb534e19f9c239ef7e0c4fa25cfa12ab830","sha256":"5aa47c30b4db54fb5018be1eba4d6485637b7902a290ae607d7c50a3ebea88e9","sha512":"d93144b0893f32db13896aa01f97524ac95db5bcaa819051d08fecc4bc77dd655c4749ffc2987b71e5348985c962ba7eceb9dc45d6c80cf3752292f578b7dfcd","ssdeep":"1536:Jpg9hnsSOfpBJitoa8w5mCNZir2b+nMo/Usogf95Q/uHDQhDJckh:stoa8w5mCNZir2b+nMojq","tlshash":"9473c639b2f146bf382362ba679d7a5dbb54c00bd80fcd95b6dc41909fc2eb58d82214","dom_hash":"domhash07b315988fe658f8d747f2e12b79cb29","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bandicam.cc","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"104.21.28.223","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-06T13:07:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"bandicam.cc","ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":28,"request_count":7,"received_data":365653,"sent_data":3746,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"static.bandicam.com","ip":{"addr":"151.101.1.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2009-03-09","domain_rank":0,"first_seen":"2016-02-02T10:50:00Z","last_seen":"2026-06-28T10:09:32.48707Z","alert_count":0,"request_count":3,"received_data":201719,"sent_data":1645,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-06-28T22:47:06.167692Z","alert_count":0,"request_count":1,"received_data":277398,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-28T22:30:22.905773Z","alert_count":0,"request_count":1,"received_data":485934,"sent_data":474,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","size":276272,"data":"","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-02T14:11:50.704276Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dba028b6b43250259d69f50a24fdef23","sha1":"837da340cb05e95abac39330fbb6450691f04ef1","sha256":"ba90104bbb858e7cd93f2a1379efa557165cbf470cd7b9048ac126ec31c9a2f7","sha512":"d0e4fb30e2b27494ee7e3a1303b3f722697a084352737e1dc27ba8e7af27959b665708e81a1a512def86daec08e0a1164a980a6bf025966ea07b683a4512d564","ssdeep":"","tlshash":"18c02b8c324b4cf285eb2f050b3fb200b0053301b4d09930180b33044f20d03d788864","size":154,"data":"","first_seen":"2026-07-02T13:08:00.869217Z","last_seen":"2026-07-02T13:08:00.869217Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aee58d315f86b7a90e75627fe00608b6","sha1":"6413311dcf9a2e87d9c97f5a0259780f4674b3b1","sha256":"011e55b961b97cdb16d6316c22db08b09bb7944d0b646ff38eff9d8a133706aa","sha512":"568eb2e291f3b0aa9a6f9582a23dc11c49c37918adaa12aa773de86fdb6193a9ba85fe5790a3133473c9ca09f0f7ef203877b93e949f0cdc08e6701110bf9177","ssdeep":"","tlshash":"5ce0721a30c2003a03b788a623f7820a21222b0bc88e8b227a9fc4d65f34ca5050664c","size":303,"data":"","first_seen":"2026-07-02T13:08:00.870052Z","last_seen":"2026-07-02T13:08:00.870052Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"54f74f1e57d1803a1b2df6e121cfebbe","sha1":"8728b365b65212028323fc646f11f3fda0bf6cf5","sha256":"0e654251b3d3c3e355505e0ae1284a1bdf2758f6c502527804c0788f89d72b49","sha512":"3e218493f7f71d180a148b9678c7f864fd9553ef773aec921e42dfa608077f54d9ed30752f1221ec6e5c81f50d1484036e2149de0b7d1241e6c1272e6a055126","ssdeep":"","tlshash":"8631fe3fba831475dca727aa8bdf868d38b601032802c9043decc8455fb1d5956aeddc","size":1740,"data":"","first_seen":"2026-07-02T13:08:00.876973Z","last_seen":"2026-07-02T13:08:00.876973Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-Q56MXD0SDB","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"990030cd258afdf30922d23e2c78bfa4","sha1":"770a985c7f14fae6b8554691a1d2ae03ce8b90c6","sha256":"e8f52975893cd6dd7a2941d2a3f21938282f3e2afdab004dcc6c47abf2536eb4","sha512":"58056d9cf544766822fa450a009cd5f3f723872100a3921ad5d1dc0885cfb327648ca01a19ff320d4515707eb1785de7061a97b1e5582c6c1b2d3f4b718e0674","ssdeep":"6144:TLhAtCn0dF5iqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:XhAzFY0AQQUpEZEni","tlshash":"13a4f8cdb3d674625396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","size":485330,"data":"","first_seen":"2026-07-02T13:08:00.865362Z","last_seen":"2026-07-02T13:08:00.865362Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bandicam.cc/favicon-96x96.png","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:31.397Z","timestamp":1782997651397,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bandicam.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:16:20 GMT","end":"Sun, 23 Aug 2026 21:16:19 GMT"},"fingerprint":{"sha1":"5C:86:6A:67:52:5E:BA:17:1C:B1:73:7E:46:13:38:CD:8E:20:DF:7B","sha256":"3C:80:B6:B2:82:ED:2F:04:A5:D2:D0:49:77:A2:9F:52:FD:F9:68:7C:9A:EC:4D:14:9C:C4:43:5A:F1:44:2F:3A"}}},"request":{"raw":"GET /favicon-96x96.png HTTP/1.1\r\nHost: bandicam.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nCookie: _ga_Q56MXD0SDB=GS2.1.s1782997651$o1$g0$t1782997651$j60$l0$h0; _ga=GA1.1.41670328.1782997651\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff48-1e80\"\r\nexpires: Sat, 01 Aug 2026 13:07:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r%2FSB3%2F%2BEK1oMmgJPUJV%2B2VsAoY7vrJxzUG2YjmTVVhmAem6J4WF9BiX3h9OFK7RQ6tmKKvz9jUkBwt9ieT4hHJsZOHTTQDWYjgGf6Q%2FLx3DyPEv%2F%2FMu2t632Mzw%2BFQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: a14ddfb93921dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7808,"size_decoded":8627,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"10cc5797044e6db124fc62df501ac667","sha1":"0606779e75901ebc48d3a0307ff6b140d12b5484","sha256":"fa571a067486aeafe2dfbe6924e4e6b0c84349d258b2edb7c6116308c50ad23a","sha512":"5abed424b8c12812f050ee89b02df7930e5823ecc226d5666b15fa31927ba845248fecdac77e90b8afd077ef244524a2ce2c180e7e9913e0823a631e8d5d6ac7","ssdeep":"192:PQK0rdb+Q0EMRJOEie3/mFAgZjhtZ1DrRXG7iQDbv+:P8V+Qoibou1vPlW7bDK","tlshash":"60f1bfc3246468dee484c57cf76cb0a148c385799b8bea7bff581d2533f9b265123019","first_seen":"2026-07-02T13:08:00.857825Z","last_seen":"2026-07-02T13:08:00.857825Z","times_seen":1,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/favicon.svg","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:31.398Z","timestamp":1782997651398,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bandicam.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:16:20 GMT","end":"Sun, 23 Aug 2026 21:16:19 GMT"},"fingerprint":{"sha1":"5C:86:6A:67:52:5E:BA:17:1C:B1:73:7E:46:13:38:CD:8E:20:DF:7B","sha256":"3C:80:B6:B2:82:ED:2F:04:A5:D2:D0:49:77:A2:9F:52:FD:F9:68:7C:9A:EC:4D:14:9C:C4:43:5A:F1:44:2F:3A"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: bandicam.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nCookie: _ga_Q56MXD0SDB=GS2.1.s1782997651$o1$g0$t1782997651$j60$l0$h0; _ga=GA1.1.41670328.1782997651\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 27 Apr 2026 06:16:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff48-9186\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6VheTDXCkaF8FegOMVq9tjBLO4Sq2%2FaGf2K4HarKjFOxAZVB4XAdreYGTnoLw86hMHsS%2BIGCA%2FosznykmogYUQk%2FlQFApkIsiEUVVKUiqH0puC9ulNcjuQf61ad5vQ%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: a14ddfb93922dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37254,"size_decoded":28737,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"71418210fa7cd2afb29866fbd923db41","sha1":"8a11371d99bafc8db81d64bac29c69979535f9b0","sha256":"ac183a2b7572e817da951b7329620525dcce366fe288f540f432b2665aabdfd9","sha512":"f381241defbd7500f481a0f69704164471dc3d438a8943a845ef10496b726a02bf7b024d5421fc7cdbc5d495910f7c46ff3f80061f6c6bd6920b3bf22f3983cc","ssdeep":"768:EACKsFwGjqA6S0VieRADeOViH60nSqjYGo3tlsRuTE1JVgBGTrhU1:EA1sCA6JMeRACO0HmG+xTE1JOCh+","tlshash":"eaf2f108c709441d554d5b00dca7deccbd4b88a66faf7bda2f185dd2a11ab03b60b0ae","first_seen":"2026-07-02T13:08:00.858865Z","last_seen":"2026-07-02T13:08:00.858865Z","times_seen":1,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T13:07:26.553Z","timestamp":1782997646553,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bandicam.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:16:20 GMT","end":"Sun, 23 Aug 2026 21:16:19 GMT"},"fingerprint":{"sha1":"5C:86:6A:67:52:5E:BA:17:1C:B1:73:7E:46:13:38:CD:8E:20:DF:7B","sha256":"3C:80:B6:B2:82:ED:2F:04:A5:D2:D0:49:77:A2:9F:52:FD:F9:68:7C:9A:EC:4D:14:9C:C4:43:5A:F1:44:2F:3A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bandicam.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:07:30 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 24 May 2026 17:09:50 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bX6JW%2FV5hIfQNcydiIso7PUTrhQuqsyR%2FIt9SSZ3Fi%2BhoK90j9XVdoGXDh3g4QJoVU5%2B%2FIMPxRnbtCDXhSpULdW4S%2FRMBCWi0l6OEnj6G49p067ugKCkDwa%2FnIcZ%2Bw%3D%3D\"}]}\r\ncontent-encoding: zstd\r\ncf-ray: a14ddfb4183bdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":46724,"size_decoded":11424,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (583)","md5":"8560253c4c9bc260a8f5de817fb0c1d5","sha1":"909898a9ababbea2d5d218fc6e1bba1f7073e6a1","sha256":"07eab784ded0d1961b2b7ac7bdace31328d7192142bd3b775a766d762374fc56","sha512":"6d2f08afdc4d3c7aca80e28ace3ef1b6299ba1e50eb683e79a735ec641b25aa1ca8e457c9220b6a5fd93fa6ea1fcfb9eacbfb218142a6b432e838907b51a5515","ssdeep":"768:Q2TqQV5W6G5Q/uH/7QhVClvFpUg2GVwtnxK6IyEQuoMprXuxdN:XXkT5Q/uHDQhwJ+ks","tlshash":"d923a53a72e516bf214392f3b7547fa9ad94c21bd80b9954f1ad81d02fc3c86ce53294","first_seen":"2026-07-02T13:08:00.859688Z","last_seen":"2026-07-02T13:08:00.859688Z","times_seen":1,"resource_available":true,"data":null}},"time_used":4151,"timings":{"blocked":-1,"dns":4007,"connect":15,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.bandicam.com/img/mainbanner_02.jpg","fqdn":"static.bandicam.com","domain":"bandicam.com","tld":"com"},"ip":{"addr":"151.101.1.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:30.941Z","timestamp":1782997650941,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bandicam.com","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Mon, 15 Jun 2026 16:53:07 GMT","end":"Wed, 15 Jul 2026 16:53:06 GMT"},"fingerprint":{"sha1":"BC:D1:44:05:C9:16:8F:81:9E:1D:C9:E7:EF:0B:04:FB:35:1E:5B:CC","sha256":"3C:74:56:4E:4C:F2:F0:91:43:13:B0:87:2A:22:32:AE:E1:FA:3B:07:A1:06:50:4B:6C:0C:C4:26:FF:B4:97:AA"}}},"request":{"raw":"GET /img/mainbanner_02.jpg HTTP/1.1\r\nHost: static.bandicam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 24 Mar 2026 03:33:30 GMT\r\netag: \"69c2060a-fd26\"\r\nexpires: Tue, 22 Jun 2027 16:14:11 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\nvia: 1.1 varnish\r\nage: 2341\r\nx-served-by: cache-bma-essb1270076-BMA\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1782997651.233353,VS0,VE1\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 64806\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64806,"size_decoded":65320,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x800, components 3","md5":"ef588a4f497da57d5e92d2510bf310aa","sha1":"8c060c4b6a4448fdc640cd5232231e4bdcabd5f7","sha256":"c51d00de938480a1baa7d0953e5831b3458ebe393b12c5cf8215cd8ece4c5451","sha512":"0a443aaadc84fb2956180c15515a9a8b4e5f900310baaea530829769d4f24f0a4862955f8ab3345b62338cadda69c058935356ced886f0aa61e3f9775104b5f5","ssdeep":"1536:OS+KHIOrFRUCzucwGFoLsfaZiKQJemR14SBCSDzs:9dd/UAogfNKQJeu6SBCSE","tlshash":"9453012378062f8ecc2712300187579eac163dad6b99171a5f10d96193fa774edacaac","first_seen":"2025-06-30T00:12:49.049719Z","last_seen":"2026-07-02T13:08:43.228055Z","times_seen":10,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":8,"dns":12,"connect":9,"send":0,"wait":12,"receive":7,"ssl":249},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/images/bandicam-game-recording.jpg","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:31.162Z","timestamp":1782997651162,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bandicam.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:16:20 GMT","end":"Sun, 23 Aug 2026 21:16:19 GMT"},"fingerprint":{"sha1":"5C:86:6A:67:52:5E:BA:17:1C:B1:73:7E:46:13:38:CD:8E:20:DF:7B","sha256":"3C:80:B6:B2:82:ED:2F:04:A5:D2:D0:49:77:A2:9F:52:FD:F9:68:7C:9A:EC:4D:14:9C:C4:43:5A:F1:44:2F:3A"}}},"request":{"raw":"GET /images/bandicam-game-recording.jpg HTTP/1.1\r\nHost: bandicam.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 27 Apr 2026 06:16:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff48-1c3dd\"\r\nexpires: Sat, 01 Aug 2026 13:07:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VSpOcA4TIap4vNTIubrZsYD%2FBwMBz7pIRzIsQgiYw2fr160k18ynYyezJQh1pZXU9MTEuPRMKILjofqVxXxqHQFgy0ZpxSQgLAxUNSC7GbO1cr1hugwWrL%2B5FauSkQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a14ddfb7c8b3dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":115677,"size_decoded":106952,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 840x680, components 3","md5":"b51ef921935129218aba0bc6b1e03009","sha1":"487f646d9243a885a2996bbf35dff8a25be5c987","sha256":"fa838ce4fbba37847cca297333857ba2864d29714ba71c8a3abdfa89bf74e8cd","sha512":"fc1e866eb5d3b23f120d63d35c6c8af0d3bc3bc83a5da515aa16476984056cbeb4eb31fb3c004a8f0a9383d723e5dd1ce7ee2f93b63afd9286a4873e1eb71ba6","ssdeep":"3072:28SDhn+fG1n6x2ZgHMrZ24IX0pGI7IBFCPR4D/:IDhn+fGNW2ZgHMEbuG7BFc47","tlshash":"a5b3f10908c6cbc239debb9cd8ebb75f7162ecb3961f40590a571a0d55db8bd02431b6","first_seen":"2023-11-10T05:53:27Z","last_seen":"2026-07-02T13:08:00.861899Z","times_seen":2,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/images/bandicam-record-gameplay.png","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:31.163Z","timestamp":1782997651163,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bandicam.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:16:20 GMT","end":"Sun, 23 Aug 2026 21:16:19 GMT"},"fingerprint":{"sha1":"5C:86:6A:67:52:5E:BA:17:1C:B1:73:7E:46:13:38:CD:8E:20:DF:7B","sha256":"3C:80:B6:B2:82:ED:2F:04:A5:D2:D0:49:77:A2:9F:52:FD:F9:68:7C:9A:EC:4D:14:9C:C4:43:5A:F1:44:2F:3A"}}},"request":{"raw":"GET /images/bandicam-record-gameplay.png HTTP/1.1\r\nHost: bandicam.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff4a-1336e\"\r\nexpires: Sat, 01 Aug 2026 13:07:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bWzGcuc%2B2jEz19fHuCRkzv7KUd5EEngWWucC5D%2BTD0cP45I7xxuejbVQcKkN5gNGEJDrKCQp%2Fc1CoDzJcgXKitl%2BIyGxJ9KyuaPKQSaZ0K%2BxPAtJDUNE6ud020PgbQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a14ddfb7c8b4dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78702,"size_decoded":79528,"mime_type":"image/png","magic":"PNG image data, 700 x 603, 8-bit colormap, non-interlaced","md5":"5e271e46e68735268fa66897ced14fb1","sha1":"c4e66aeb73fd1d0722981f99dc4353641edfc433","sha256":"6801b067fdb18651dba8260a581ad76e994de65fe42b03bad4c6b46531648b65","sha512":"f62ccfbac9874af7230666cb4fd8b57897d6c292dd2e2b924e62467883c449ca025881b862694c23aaa61580f8dade2735f26ab94be42faddb5cb5f0f5cc7354","ssdeep":"1536:MbW8j8n++Q30DNv9MHbwgj87g6EzB36JV7rhQBF7HY:s9j9+bDdSxE9EzBeBrhQBh4","tlshash":"2973029183e22889ebcc276d36b74eb19ec7df9091100bd0b2751b5b0c528e46efd679","first_seen":"2026-07-02T13:08:00.86289Z","last_seen":"2026-07-02T13:08:00.86289Z","times_seen":1,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/images/facecam.png","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:31.165Z","timestamp":1782997651165,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bandicam.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:16:20 GMT","end":"Sun, 23 Aug 2026 21:16:19 GMT"},"fingerprint":{"sha1":"5C:86:6A:67:52:5E:BA:17:1C:B1:73:7E:46:13:38:CD:8E:20:DF:7B","sha256":"3C:80:B6:B2:82:ED:2F:04:A5:D2:D0:49:77:A2:9F:52:FD:F9:68:7C:9A:EC:4D:14:9C:C4:43:5A:F1:44:2F:3A"}}},"request":{"raw":"GET /images/facecam.png HTTP/1.1\r\nHost: bandicam.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff4a-b5eb\"\r\nexpires: Sat, 01 Aug 2026 13:07:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ErFJ7YdQzMGWQ3ths9z7RkR1WKr7ucOxEQmtwYTh7P6%2FijGNh8o%2FshxDqKsxX78icbrwnWw45BoVXbW98JMEb3owgAyfU7X19TpnNU3vNAW8R7XDwDyVRy2%2Fj6gCHQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a14ddfb7c8b7dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46571,"size_decoded":47382,"mime_type":"image/png","magic":"PNG image data, 470 x 268, 8-bit colormap, non-interlaced","md5":"4abc5d90d4970736aa6b54e24cdac03a","sha1":"ae4bd50faa6ae13b69610dd392a46b3289740a09","sha256":"f8a3ee9027858a99e57dbaed5347dafd7160664228fb095deb9d848fd3c88c9a","sha512":"139ffe55ebd1bce73572bd3abb416d962e5d837bd998da511e17dc10a2daad533a1575a6830290d39831e1809fecc6de75f1575942fba02742770fceb7c2bf15","ssdeep":"768:9NSzENi4eplFg1gsjNB1GVx7LA0fD9IgnN8I5pUQECdOxGdFfDkKHHQZdBfGRUdt:0ENN6l21gsjNB1iLAM9IgNL52C/BnuGq","tlshash":"3823028085742d77bd053d8dc90b1eaa7a4133289b36ea0277cf7ee3348b9992574717","first_seen":"2026-07-02T13:08:00.863859Z","last_seen":"2026-07-02T13:08:00.863859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:30.933Z","timestamp":1782997650933,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/@tailwindcss/browser@4 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 02 Jul 2026 13:07:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 68133\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 4.3.2\r\nx-jsd-version-type: version\r\netag: W/\"43730-cv+oV5vtIBy0YKTZKfkeYqCKtgY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230233-FRA, cache-bma-essb1270054-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 35040\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YG6RBqiMkuHhkHG2t45bpMxGCvf6Qg58YXqMXwn4J6X4LiKUxnJF2ZICkcblsO6ERJtdQPXH4f6AYoIfMtbI7bBO32I9HP6m5S%2FmnlqnUOJJeFAVAqvcdxbcydK4o3B48L4%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a14ddfb66e880731-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276272,"size_decoded":69259,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65267)","md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-02T14:11:50.704276Z","times_seen":31,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":2,"connect":1,"send":0,"wait":7,"receive":1,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-Q56MXD0SDB","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:30.935Z","timestamp":1782997650935,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:39:04 GMT","end":"Mon, 07 Sep 2026 08:39:03 GMT"},"fingerprint":{"sha1":"6D:E4:85:F4:01:A4:0B:02:E0:64:E2:F2:58:93:6D:3F:4C:AB:30:9D","sha256":"4A:07:79:34:AC:03:17:68:07:4A:CB:68:23:A7:E3:14:B2:DE:22:3C:E1:AE:8D:F5:2F:2E:2D:C6:28:58:47:CE"}}},"request":{"raw":"GET /gtag/js?id=G-Q56MXD0SDB HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\nexpires: Thu, 02 Jul 2026 13:07:31 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 165029\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":485330,"size_decoded":165633,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"990030cd258afdf30922d23e2c78bfa4","sha1":"770a985c7f14fae6b8554691a1d2ae03ce8b90c6","sha256":"e8f52975893cd6dd7a2941d2a3f21938282f3e2afdab004dcc6c47abf2536eb4","sha512":"58056d9cf544766822fa450a009cd5f3f723872100a3921ad5d1dc0885cfb327648ca01a19ff320d4515707eb1785de7061a97b1e5582c6c1b2d3f4b718e0674","ssdeep":"6144:TLhAtCn0dF5iqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:XhAzFY0AQQUpEZEni","tlshash":"13a4f8cdb3d674625396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","first_seen":"2026-07-02T13:08:00.865362Z","last_seen":"2026-07-02T13:08:00.865362Z","times_seen":1,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":2,"connect":15,"send":0,"wait":49,"receive":54,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bandicam.cc/images/icon.png","fqdn":"bandicam.cc","domain":"bandicam.cc","tld":"cc"},"ip":{"addr":"172.67.147.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:30.946Z","timestamp":1782997650946,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bandicam.cc","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:16:20 GMT","end":"Sun, 23 Aug 2026 21:16:19 GMT"},"fingerprint":{"sha1":"5C:86:6A:67:52:5E:BA:17:1C:B1:73:7E:46:13:38:CD:8E:20:DF:7B","sha256":"3C:80:B6:B2:82:ED:2F:04:A5:D2:D0:49:77:A2:9F:52:FD:F9:68:7C:9A:EC:4D:14:9C:C4:43:5A:F1:44:2F:3A"}}},"request":{"raw":"GET /images/icon.png HTTP/1.1\r\nHost: bandicam.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff48-6bae\"\r\nexpires: Sat, 01 Aug 2026 13:07:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FtmgraDnpE%2Bu2jmUDbiweG%2BLVBqdHIGkg0JjnQyHmDv6TJXKkQ715UMLVW31Ez%2FhmT4kfFRqPapzWQQI%2BEZbWocMd5TgzvtF1SRD782JHk6%2FYOxDiIBTb7YVsgzdTQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14ddfb6687edfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27566,"size_decoded":27877,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"8b775fbbed2800175741228a4a2890b4","sha1":"393a757e99b30b22dd6cc08922ee73dc3b2abb10","sha256":"9a1fd18e95f84ed8e75642e6855e52c1ecb8a269133139c5049a91c0944edc15","sha512":"943acbdfbe31c5394f053aab3d5135d4e1387ee7655a0bec83ee7d1c768a9f48d27931dd2ddd76f431afa6806b4fe264b629b38f843aa6f2a58ece79848bce37","ssdeep":"768:6K5EJpr4aufRRcc5ZQkQDz17k+ocqOJnJFTPS:xUp3+TfQkak+omfS","tlshash":"bcc2e17ae518e9bbb21d93529cc2d3846927413493e74960651c84f4c9aed3bcaec32f","first_seen":"2023-05-20T23:42:11Z","last_seen":"2026-07-02T13:08:43.222095Z","times_seen":8,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"bandicam.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.bandicam.com/img/mainbanner_01.jpg","fqdn":"static.bandicam.com","domain":"bandicam.com","tld":"com"},"ip":{"addr":"151.101.1.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:30.950Z","timestamp":1782997650950,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bandicam.com","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Mon, 15 Jun 2026 16:53:07 GMT","end":"Wed, 15 Jul 2026 16:53:06 GMT"},"fingerprint":{"sha1":"BC:D1:44:05:C9:16:8F:81:9E:1D:C9:E7:EF:0B:04:FB:35:1E:5B:CC","sha256":"3C:74:56:4E:4C:F2:F0:91:43:13:B0:87:2A:22:32:AE:E1:FA:3B:07:A1:06:50:4B:6C:0C:C4:26:FF:B4:97:AA"}}},"request":{"raw":"GET /img/mainbanner_01.jpg HTTP/1.1\r\nHost: static.bandicam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 24 Mar 2026 03:33:30 GMT\r\netag: \"69c2060a-110e9\"\r\nexpires: Thu, 10 Jun 2027 21:18:35 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nage: 131740\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-bma-essb1270076-BMA\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1782997651.233197,VS0,VE1\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 69865\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":69865,"size_decoded":70382,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x800, components 3","md5":"64a222e25fb53f19a2c24501330a4ab5","sha1":"b85bc3c1386b401323265110e16bcdc6a9f242e4","sha256":"1c2e6e27fa14402f7a9dab0f57be4683dc6a92af86a6855c48f2ac0a7725d5a7","sha512":"99d2313f3dcafde9bff38d17c7308bd06ca82007442ebccc84949f6d66edb25925e9a534508a82ea24ed819431481df18b1ad629cfda2ca196d148edf4e75155","ssdeep":"1536:xiZeE+vVNDsNuqIeOEQ2LxmMPpOmfmYv+4UIk:tVTYNuFehQKwMPp3f/v+4U","tlshash":"d1630217ffc0140ae84e9e3a285b67a709b9b9702dc36d16463d390cb8af195c22e774","first_seen":"2025-06-30T00:12:49.043123Z","last_seen":"2026-07-02T13:08:00.867396Z","times_seen":8,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":4,"dns":12,"connect":14,"send":0,"wait":10,"receive":2,"ssl":244},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bandicam.com/img/mainbanner_03.jpg","fqdn":"static.bandicam.com","domain":"bandicam.com","tld":"com"},"ip":{"addr":"151.101.1.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bandicam.cc/","date":"2026-07-02T13:07:30.951Z","timestamp":1782997650951,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bandicam.com","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Mon, 15 Jun 2026 16:53:07 GMT","end":"Wed, 15 Jul 2026 16:53:06 GMT"},"fingerprint":{"sha1":"BC:D1:44:05:C9:16:8F:81:9E:1D:C9:E7:EF:0B:04:FB:35:1E:5B:CC","sha256":"3C:74:56:4E:4C:F2:F0:91:43:13:B0:87:2A:22:32:AE:E1:FA:3B:07:A1:06:50:4B:6C:0C:C4:26:FF:B4:97:AA"}}},"request":{"raw":"GET /img/mainbanner_03.jpg HTTP/1.1\r\nHost: static.bandicam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bandicam.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 24 Mar 2026 03:33:23 GMT\r\netag: \"69c20603-ffdd\"\r\nexpires: Thu, 10 Jun 2027 23:30:45 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\nage: 136406\r\ndate: Thu, 02 Jul 2026 13:07:31 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-bma-essb1270076-BMA\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1782997651.000775,VS0,VE3\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 65501\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65501,"size_decoded":66017,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x800, components 3","md5":"be078fac74104ff13475244b7a1f2632","sha1":"cb0619db5f57a9c3948d45f502bdb999e0908f4d","sha256":"ac3ac2cf035d47e3f03448285cc1811ab1ebb6d2f90cc130d9a8c191e4c1a9ba","sha512":"ccea524c863c9c244c2a9a783c7bff2b6dc10b7e8b29ffca4831efeb359fc9baab14fc377d0ddef5b6c7e76587a13f2d8eaecc2a2be4e837e9b20461792ee407","ssdeep":"1536:ksiBcJzkyxCLq9uBQLj4CCOJtrRv4nKdm0mfXayzD3JB:kQ8ou2j4CjJJZINDfXRJB","tlshash":"6553f2b3eb97565cf8e9a33875638a08d73d5c23bbc19711ac2c1694cd902cf6e16316","first_seen":"2025-06-30T00:12:49.05574Z","last_seen":"2026-07-02T13:08:00.868643Z","times_seen":8,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":4,"dns":12,"connect":8,"send":0,"wait":12,"receive":10,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
