{"report_id":"4348d174-c7e2-488a-bed2-ae76b1e4ce87","version":6,"status":"done","tags":[],"date":"2026-02-01T15:58:57Z","url":{"schema":"https","addr":"gemini555.vip/","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gemini555.vip/","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"title":"GEMINI555 เว็บตรงสล็อตออนไลน์ อันดับ 1 ในเอเชีย | gemini555.vip","dom":{"size":62580,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (26809)","md5":"cdf4c8e03e797aec08d94608039d012a","sha1":"3976cbbd476ecf2e9d0bf092f7459605c1be0647","sha256":"51c38615d3050d88dd58e1d1b8ef8e58993489e21956bc8cce2d7800272a0f10","sha512":"19b6ebd1ac6aea9fef7c7f1c17342bfd11f6bdef107b8e09b174d8e601da036702216df88ea3be2c73a97c51a8dcef6ed959105cee6f3d65706a67b6e69dd610","ssdeep":"768:omvhlZaXwNR9at+WbQA5nHy6xczHJtcmlC8eXbAdF+CiN4Ji:dvhiImmlJi","tlshash":"7353c7746351047b1e2784f5f1a0bb6eb169d2cbde27d5e8b6dc0204a7c6fe99e03608","dom_hash":"domhash400fa1f1748f1ce0ac32d9474988c2d4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"gemini555.vip/","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-08T15:58:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.akamai.steamstatic.com","ip":{"addr":"23.36.77.82","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2013-11-07","domain_rank":129555,"first_seen":"2014-04-02T16:39:27Z","last_seen":"2026-01-26T08:33:25.18484Z","alert_count":0,"request_count":1,"received_data":148,"sent_data":509,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-25T22:17:37.642954Z","alert_count":0,"request_count":2,"received_data":14619,"sent_data":898,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-01-26T03:26:27.114953Z","alert_count":0,"request_count":2,"received_data":815956,"sent_data":752,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"gemini555.vip","ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-01","domain_rank":0,"first_seen":"2026-02-01T01:32:12.35929Z","last_seen":"2026-02-01T01:32:12.35929Z","alert_count":78,"request_count":26,"received_data":2598892,"sent_data":13261,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Google PageSpeed:1","description":"Google PageSpeed is a family of tools designed to help websites performance optimisations.","website":"https://developers.google.com/speed/pagespeed/mod","common_platform_enumeration":"","icon":"Google PageSpeed.svg","categories":["Caching","Web server extensions","Performance"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-25T22:14:35.458366Z","alert_count":0,"request_count":4,"received_data":304210,"sent_data":2225,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gemini555.vip/","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3b7b19f24ef360e3c6fc77a09335948c","sha1":"70ae65f41260730df47c766dee8e0426ed69bdd3","sha256":"2a275c0deda8a556234de7c79f0f959a8f0ac7b1f281c373e6e352f02d626b76","sha512":"62336c5d1f8eae5206b0d9448d07ff966c4b74a0134c68145f67c2f2b99cfdf530740a6d6ef51788ea0b738eac34c1e3758aed9558032e6d685afa7c445739eb","ssdeep":"","tlshash":"52d02bb18dfc06754aee8c4d96815e1436f6a58ab4d3b090d465d46a7088088752732f","size":281,"data":"","first_seen":"2026-02-01T01:32:16.06302Z","last_seen":"2026-02-01T15:59:00.368298Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-08T19:30:16.835599Z","times_seen":39843,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/assets/index-AChaslI0.js","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ffbb740c9a72567d01088f32af16546","sha1":"eccb235fa192532c3ab0a7d4fa92bc05cd23c92f","sha256":"5d1f7392d5c7057e48497725633f604a062953b0e69a9d5d251b2c6a91899495","sha512":"028ccde7fd59fcf017421cb974eb27c95f4020440c359374299ccb8568f75f59bc41e7e91e78f20e62f0819ee69660ca62d06474d6efdb07bc50258ac7f0cac5","ssdeep":"3072:iKkchNOLoZlqKGVhyJgMd5YNHpHDZaRn57TmExRgaL0A5xzy+g92NmFkSwZ0KoGI:mNNHpHYJTmCSaNBR1mFjGEl9","tlshash":"f4243ce831bdbb666e7305e1109f5107b12d3923980d8c70b174ed5a27b408a66bbfed","size":228291,"data":"","first_seen":"2026-02-01T01:32:16.0512Z","last_seen":"2026-02-01T15:59:00.35117Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/2073850/7cb28d822b86affe0f10eef8fe62caa7d5edd178/header.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/2073850/7cb28d822b86affe0f10eef8fe62caa7d5edd178/header.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 32246\r\netag: W/\"PSA-aj-BkQHdyj9RX\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:36 GMT\r\ncache-control: max-age=312727304\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8bQJwuIE%2FPvEJ8%2BfUqh%2B0JZsy7QE25ImWtOWBpzQRr0R1bm145Ho%2B3ZSAGmwiR7GgwPoOP%2B%2BFdtz8yQL454aCziyQRXi2RYZbak0ddI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6baccc40daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20720,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 460x215, components 3","md5":"0644077728fd4571b1618d275f1a1734","sha1":"c1bad78513b6d5c7e9599574775f61680c659cc8","sha256":"65375994c411e7309705ba1d19df8a11e01c4b7f95eee9937ffc8c3f73c20a93","sha512":"ccdeba43cf00b5c1f65dd21c6021325b9bec953a66b9eda53446f6f66b19195562678fbfa5dd7ffc87c80e1fac23dcfb7ce5f41f11c4fe800dbbc68912b8f5ff","ssdeep":"384:JtHhXjsP5XuROBZBJF5QVFiKPi2XySxl+6rJs5DSJ0hcD4blPECXy8Y8Su3xXp:zHpsPRSOB3JvQ/9XySxA61oDomHbqHty","tlshash":"1392d07ad2c794c9fe5c76bf88d8f2c697d281ee255152c9719164ec0303bc858b923d","first_seen":"2026-02-01T01:32:16.057206Z","last_seen":"2026-02-01T15:59:00.346593Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/materialiconsoutlined/v110/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/materialiconsoutlined/v110/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini555.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 155276\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 30 Jan 2026 13:03:25 GMT\r\nexpires: Sat, 30 Jan 2027 13:03:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 183312\r\nlast-modified: Mon, 16 Jun 2025 20:46:34 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":155276,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 155276, version 1.0","md5":"0ba49c096a77b67734434cebcaf2e14d","sha1":"2f9e28ab559782402f27332633c843c40209d95a","sha256":"35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577","sha512":"535cbcaa70d87a908edbe2603738ef1bd6ee7ae9d893bf9ab962d850f0e410013a66aa2da74d57babe4655f8eae61ded74fc722fbb36cf5f99a6fa0a520c84a4","ssdeep":"3072:UPjG/drPcIi87081wBxkBx+nmaAjFlcJJQUD+iFHVV/KmahWxn4TzCOfjA:UP6/VPRqPqcn4F1UDfH+WezCOU","tlshash":"90e31219855f35e0e983b9c9977dd9e68cc0b4be0984aeed8c13031918b87c4dd28dbd","first_seen":"2023-04-17T15:03:43Z","last_seen":"2026-06-08T15:56:42.865573Z","times_seen":5696,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":92,"dns":17,"connect":8,"send":0,"wait":17,"receive":28,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.akamai.steamstatic.com/steam/apps/730/movie480_vp9.webm?t=1698864702","fqdn":"cdn.akamai.steamstatic.com","domain":"steamstatic.com","tld":"com"},"ip":{"addr":"23.36.77.82","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.akamai.steamstatic.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Dec 2025 22:18:58 GMT","end":"Thu, 26 Mar 2026 22:18:57 GMT"},"fingerprint":{"sha1":"BC:88:FA:43:31:7E:36:D1:40:4E:D0:B4:F5:AB:A4:2A:DF:83:38:39","sha256":"25:C7:4C:9C:7B:1E:2F:0A:06:23:E6:9F:0F:4F:94:DD:62:A3:05:3C:2D:98:91:20:1B:A0:ED:BA:B3:03:A7:EA"}}},"request":{"raw":"GET /steam/apps/730/movie480_vp9.webm?t=1698864702 HTTP/1.1\r\nHost: cdn.akamai.steamstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nContent-Type: text/html\r\nContent-Length: 146\r\nDate: Sun, 01 Feb 2026 15:58:37 GMT\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":33,"dns":11,"connect":1,"send":0,"wait":177,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/page_bg_raw.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/page_bg_raw.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 1901643\r\netag: W/\"PSA-aj-tpMgZZooz1\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:51:07 GMT\r\ncache-control: max-age=312729555\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FVZVcPkkANjJsF4WrlUKs7gEFoNIwYseXwhkHVV1%2Bh96qtoMuZ6YmhOgwH6ud2lG2q1mw%2B9X7A%2FKJdwsRfF5nJ%2FNNODpPafICNvAJq4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6bc8d1e0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1839166,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1438 x 811, 8-bit/color RGBA, non-interlaced","md5":"434a40c0374c2edd1cf551e785ed8c15","sha1":"d4960570f8d54e02c1ae55343a5125424bc7d070","sha256":"0b9b1f0f9369d70e5acedde54fac76c3efbf23459bfd05907a51e78f4e7d8dfc","sha512":"74d4e2b8aabf38e94a1cbae85dbc03073e31800bf04675f6575c0469ce40fd9bd6c8d7c124a8e18b5b21efca9dc97c6a1597ac6cbae1e061224d604ebd452778","ssdeep":"24576:WcqpQP2nwj/lV4uMj8unUy/Vk/5rI7qvpxdoMqOVYHj:xpXMjVUy/KxuqvpxdofOyD","tlshash":"f1252394deffa861f2c326c1d0a4472c655d2188122fff516ac1aed7926c63af4377a0","first_seen":"2026-02-01T01:32:16.04805Z","last_seen":"2026-02-01T15:59:00.34904Z","times_seen":2,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini555.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 31 Jan 2026 15:23:48 GMT\r\nexpires: Sun, 31 Jan 2027 15:23:48 GMT\r\ncache-control: public, max-age=31536000\r\nage: 88489\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T19:38:09.432053Z","times_seen":206372,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":102,"dns":11,"connect":13,"send":0,"wait":27,"receive":11,"ssl":85},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/assets/index-AChaslI0.js","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:36.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /assets/index-AChaslI0.js HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"6956df2c-37bc3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\naccess-control-allow-origin: *\r\ndate: Sun, 01 Feb 2026 15:58:36 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: br\r\nage: 52006\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xy3HZdGBe8HWJ3AZAUXWZHwsf5TZ8nFKJyR%2Fk9pysOlY%2BUdFgjZ4%2FZHOQp1zwmsXF3WPGIwR%2FKdrT8%2BmlrwAAXECu06%2B3aUMyXYLkzk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6b61c040daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":228291,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (41407)","md5":"4ffbb740c9a72567d01088f32af16546","sha1":"eccb235fa192532c3ab0a7d4fa92bc05cd23c92f","sha256":"5d1f7392d5c7057e48497725633f604a062953b0e69a9d5d251b2c6a91899495","sha512":"028ccde7fd59fcf017421cb974eb27c95f4020440c359374299ccb8568f75f59bc41e7e91e78f20e62f0819ee69660ca62d06474d6efdb07bc50258ac7f0cac5","ssdeep":"3072:iKkchNOLoZlqKGVhyJgMd5YNHpHDZaRn57TmExRgaL0A5xzy+g92NmFkSwZ0KoGI:mNNHpHYJTmCSaNBR1mFjGEl9","tlshash":"f4243ce831bdbb666e7305e1109f5107b12d3923980d8c70b174ed5a27b408a66bbfed","first_seen":"2026-02-01T01:32:16.0512Z","last_seen":"2026-02-01T15:59:00.35117Z","times_seen":2,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/index.css","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:36.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /index.css HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tg6IpYuB7cZI62196vxrVqHECY%2Fv9a1qcYxwazS%2B2Ncm1RzagVXdp283%2BJeDXwHE6k9ah%2FIuwELPqogAa%2FkqUFRNHgyNWm2ug8G38WM%3D\"}]}\r\ncf-ray: 9c72a6b61c030daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-08T19:36:24.63917Z","times_seen":524195,"resource_available":true,"data":null}},"time_used":629,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":629,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/300/capsule_sm_120.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/300/capsule_sm_120.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 2031\r\netag: W/\"PSA-aj-Bs9fSmX3Xf\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:35 GMT\r\ncache-control: max-age=312727303\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2nWHnNcmLbiShER6T7g0%2BU8qoJhziEoXYw7sl6peg66dSH4x0kP3O3Eef5Q%2BMlCr%2BfWnxiGTh%2FbGTgdC6q062L%2FIJTc5YyFs%2BQ2JF5M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6baccc20daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1654,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x45, components 3","md5":"06cf5f4a65f75df4db1bc9345268733e","sha1":"4f25add98cfa9af971a946a3916324f8462782e7","sha256":"db972a7ba11e890f048d91d6ae8d951e8d6f87151669187a86c7f06315570897","sha512":"26124d11cfdd09da081516645abc3ccc8c3e9fbef2b8f76a1bd43e6b19ebe3f9b61cba05e9b7b681b3585136862649ee794459988ebb4d828665af9da4bfd143","ssdeep":"","tlshash":"6b310523d626621beb0082bd02b0ade6e74002d5d95ecbb0a0694c7c5c73eb1007acca","first_seen":"2026-02-01T01:32:16.05877Z","last_seen":"2026-02-01T15:59:00.353225Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/avatars.akamai.steamstatic.com/a3ae04cc7cc62b1601506114a804f2a35ea18ec8_medium.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/avatars.akamai.steamstatic.com/a3ae04cc7cc62b1601506114a804f2a35ea18ec8_medium.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 3150\r\netag: W/\"PSA-aj-9JagJh860q\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:38 GMT\r\ncache-control: max-age=312727306\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5LwwbFeGFXUaq%2Bcld0Su8xv6AhyRN0gLNfTdwxhmx%2BZ3aqeLXEC74B9FLvE04OLQHafONlbAxjMmV1QtTjlQhUIBjBOBUd9ltfG8Sig%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6baccc60daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2186,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3","md5":"f496a0261f3ad2ab65e6b9e17dba055d","sha1":"55e3920bc13cb8da3c8d25007852db40faa4db5f","sha256":"85aeabe150844130220c0274180bb733e87e955c4172c398db2acafb914f6a58","sha512":"3e37e5fcb74bd388c7036b08b8f16f96b25e7f50e5a86791f16ac25fc8e9c9416b50f8cf2690a200e8eb895422d4220ed14ca12ba0eae6dc562773de1acb9587","ssdeep":"","tlshash":"0b413a24009dc134ddae273a8753ed300d452ff73bd4ca614c814b7a8fb13e13859586","first_seen":"2026-02-01T01:32:16.053283Z","last_seen":"2026-02-01T15:59:00.354332Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/store.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/store.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/avatars.akamai.steamstatic.com/a3ae04cc7cc62b1601506114a804f2a35ea18ec8_medium.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/avatars.akamai.steamstatic.com/a3ae04cc7cc62b1601506114a804f2a35ea18ec8_medium.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 3150\r\netag: W/\"PSA-aj-9JagJh860q\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:38 GMT\r\ncache-control: max-age=312727306\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ceBsa6jRMM%2FTiqdcGfPQUEQX1temtoeWHR9mezB%2ByTWpDqj7PgydvYdbcBNGunD7Z9OwxdOLMS1ol6KsPR0CC1CuQ3gQvXc1rW9qrtg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6ba8cb90daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2186,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3","md5":"f496a0261f3ad2ab65e6b9e17dba055d","sha1":"55e3920bc13cb8da3c8d25007852db40faa4db5f","sha256":"85aeabe150844130220c0274180bb733e87e955c4172c398db2acafb914f6a58","sha512":"3e37e5fcb74bd388c7036b08b8f16f96b25e7f50e5a86791f16ac25fc8e9c9416b50f8cf2690a200e8eb895422d4220ed14ca12ba0eae6dc562773de1acb9587","ssdeep":"","tlshash":"0b413a24009dc134ddae273a8753ed300d452ff73bd4ca614c814b7a8fb13e13859586","first_seen":"2026-02-01T01:32:16.053283Z","last_seen":"2026-02-01T15:59:00.354332Z","times_seen":2,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini555.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 31 Jan 2026 15:23:48 GMT\r\nexpires: Sun, 31 Jan 2027 15:23:48 GMT\r\ncache-control: public, max-age=31536000\r\nage: 88489\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T19:38:09.432053Z","times_seen":206372,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":136,"dns":2,"connect":20,"send":0,"wait":8,"receive":2,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800\u0026family=Motiva+Sans:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:36.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700;800\u0026family=Motiva+Sans:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 01 Feb 2026 15:58:36 GMT\r\ndate: Sun, 01 Feb 2026 15:58:36 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12635,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"4b1d52c19ccef2398d1de007b3c9a55c","sha1":"c57fa2bcac927a7d60c526cb7ec2b6249019dfe7","sha256":"05f842619ec9f615de0b749034eadaea60e3554d798683fb01ee1eb27abd1e68","sha512":"9dfc4ab3832325eb1438bd85674e15ceb62771b94f06ea8e48a2e286453d571218df3f6727b8df4c1bdfa47218eb5fed0298601da289391a736a76a230d68c3b","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kCxHx:vXuM0p2+g7r","tlshash":"1e427892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T22:54:08.549336Z","last_seen":"2026-06-08T19:11:41.655495Z","times_seen":11340,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":94,"dns":0,"connect":7,"send":0,"wait":18,"receive":0,"ssl":229},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons+Outlined","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:36.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /icon?family=Material+Icons+Outlined HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 01 Feb 2026 15:58:36 GMT\r\ndate: Sun, 01 Feb 2026 15:58:36 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":612,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d124199cd8c35cedbee194573c5f45b2","sha1":"f99cd9e046ec2500d4b22ec4094c456d1efd38ca","sha256":"cb7883bfc15a46931e0534f4775bc48358e7bb2e933b82a296cdc04cf2cad71e","sha512":"a7b68695e3fca2bb137560b01ac4910c0e6b370e5e581361c8cee18a1fe730a736e6efe7c984881ecbaa748bbb19eab3bedee65fa34e57025f6aa456aaa2e00b","ssdeep":"","tlshash":"03f028547e169846aa110c96334f3f125d1a411ba50accfd9f850d4c9dfe5bb534ab0f","first_seen":"2025-06-17T23:06:32.5471Z","last_seen":"2026-06-08T16:05:25.680769Z","times_seen":2272,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":149,"dns":1,"connect":21,"send":0,"wait":20,"receive":0,"ssl":131},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/240/capsule_sm_120.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/240/capsule_sm_120.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 2220\r\netag: W/\"PSA-aj-ENKtKHQ6cz\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:42 GMT\r\ncache-control: max-age=312727310\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=INuPwnHdSknsKPBlqjhfEuflx9zmdin7HEWyBy0CsGgEQa0IAge%2F0WJh6fA%2FEiefFBT%2FLBIYnKp%2F3EgxVad0SCliFJ%2F97SJnEHX%2FCPA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6ba6cac0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1845,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x45, components 3","md5":"10d2ad28743a7331bb38d800e74fbecc","sha1":"c3753a05231971ddd0fbc946ac45a8ce9f73596a","sha256":"841fab5abc7e4ca25fa333937f6a619f68f7cf1a7d1b6d4e8758c4ded44e3f0f","sha512":"dd0d8eb6aeed43fa4e222277fee66658cfaa3e2058d2f79c17a32a15c7cd6d0f192dd16b03e4f9e95b6016a9a1af776a57eab068fcefda77ffb25354658672df","ssdeep":"","tlshash":"e731eb1753c5f406db1d1b7e897a6f129f828b205a01697c08ecbb6d5664db00ff7534","first_seen":"2026-02-01T01:32:16.06222Z","last_seen":"2026-02-01T15:59:00.356437Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini555.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 31 Jan 2026 15:23:48 GMT\r\nexpires: Sun, 31 Jan 2027 15:23:48 GMT\r\ncache-control: public, max-age=31536000\r\nage: 88489\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T19:38:09.432053Z","times_seen":206372,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":158,"dns":2,"connect":23,"send":0,"wait":8,"receive":5,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/ss_796601d9d67faf53486eeb26d0724347cea67ddc.116x65.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/ss_796601d9d67faf53486eeb26d0724347cea67ddc.116x65.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 4678\r\netag: W/\"PSA-aj-6s8XJAzXI6\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:37 GMT\r\ncache-control: max-age=312727305\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=opwwDyQ3%2BSy7o8Yvee5swHpXnKztIj3ujoR9geBMbTb%2FZgaalpPGlaJ8KOf42zLlJBWG6Oa%2BYRZsUb%2BMRURZbFUChp%2FV0nvPcS558%2BA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6bd5d2b0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3259,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 115x65, components 3","md5":"eacf17240cd723a1da4758fc979bff25","sha1":"d4cdbb4de1556ca2965bf0b70c6046d346fd7ef1","sha256":"56d4c0da877432aa3da428fc075babf7b84c34ae884baee3b1f772d708a13b3f","sha512":"762a8df03c1b953f62d8a83dab519de78f9e9a2f126f2589722882098aefb338a557fec94403b12cf0865333d433fbbc6f27a26f9ce6871045a508320e5dbb43","ssdeep":"","tlshash":"8d616c5787950024fadf26b54222c392f158824e65a5b533f0f4f0b09b866efecce1d0","first_seen":"2026-02-01T01:32:16.060752Z","last_seen":"2026-02-01T15:59:00.357712Z","times_seen":2,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/ss_d830cfd0550fbb64d80e803e93c929c3abb02056.116x65.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/ss_d830cfd0550fbb64d80e803e93c929c3abb02056.116x65.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 5135\r\netag: W/\"PSA-aj-8jpBRXfpqB\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:39 GMT\r\ncache-control: max-age=312727307\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FBbBlQVUUbO1YgAM7UQ9gAud8kSayY0epFt5RGYoPaVxmh2qn9wThTtmSnxNedOOAafJD7lIQa5w1F7gB%2BTsOCvl%2FTv7vYOlW5wRNTk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6bd5d2c0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3626,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 115x65, components 3","md5":"f23a414577e9a81efabd5308bde34f08","sha1":"ae991378c053fd045c1926e5a34ef1d4ff6bf827","sha256":"e5f1ed3f971cddee4317e79e5bb2aa31b9074f3d67383f6437ddfd2b6d8a2c00","sha512":"d0a2a0e409182cca56238e292a5501cd5163463ae60cdedf095808160ec17232c10ce15ff447c2d9979e6fca4afbb27ad88dc4a2e8370b20723cea202ecc3f9e","ssdeep":"","tlshash":"e8713b0831ddba4bd22f4abcf58923579f95a6e253dc293d37610b8b7b2d4889a804d4","first_seen":"2026-02-01T01:32:16.061526Z","last_seen":"2026-02-01T15:59:00.358658Z","times_seen":2,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/ss_0f8cf82d019c614760fd20801f2bb4001da7ea77.116x65.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/ss_0f8cf82d019c614760fd20801f2bb4001da7ea77.116x65.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 3896\r\netag: W/\"PSA-aj-od3ltP4zNj\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:42 GMT\r\ncache-control: max-age=312727310\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v30vg16QVVi6bKNZIjfUdse19JqJpWbLHxTgBL1YExdMibPMhNWBZ6UlYqafKbhh7hJVk5vyf0RtgGEyDj49dbHfvxmX0hp%2FrbdcLGY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6bd5d2e0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2894,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 115x65, components 3","md5":"a1dde5b4fe33363837ce45257e052f07","sha1":"4261b6ef3486f09d78473709c5ef59a38662c52a","sha256":"e5cb293b70ed955f305c9f95b58eb202fe0f98db2022c5c29fc62fee60a8e6d8","sha512":"531aa3bd3d3de3ae3d68a1114367d2a32900bb9f695040287eba0cf25f168750c733e09cb17192b2c0b96dd48e9ee6c8daa3574a5fbe54b6904040570cd86c8a","ssdeep":"","tlshash":"f2512b1bc0225462d33efa7cce7583116784ba5a91350e88e9401331674bee586b503b","first_seen":"2026-02-01T01:32:16.054706Z","last_seen":"2026-02-01T15:59:00.359642Z","times_seen":2,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/cdn.akamai.steamstatic.com/store/promo/steamawards2020/trophy2020.png","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/cdn.akamai.steamstatic.com/store/promo/steamawards2020/trophy2020.png HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 280195\r\netag: W/\"PSA-aj-XUQijJtl63\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:41 GMT\r\ncache-control: max-age=312727309\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wQM0Ed5JWHDMqGAJw0J1Npvm8uW326i3Lk4YWF94Ccr6Xjs7E3EE5PgbIp%2B0ehtORFgWkj52lyb4MspvCIwdfOK6Xq0I2XmuePzeJg4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6bd5d300daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":277859,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 285 x 751, 8-bit/color RGBA, non-interlaced","md5":"5d44228c9b65eb744da24d57b7b68ae1","sha1":"842338651b7fdf914d4e91536c7cb2c161bef9e7","sha256":"9ab0bc60aefa4234734d90a2f26959a7e02714df8aeea971ec1130df36f2651f","sha512":"21b879f778d1b97052095c75b7cbfdb76d84efc55c8d630ea99321edeae15febaeb6ad98b255668045d614e72becadf104ac12d83af97cac67b33ae6a1a0621d","ssdeep":"6144:4vKKBUGeS3eLobzmN54jvGgdO1x99wzQcNjH+GpClGKd:XBS3x3PdO1x4RNjHAPd","tlshash":"344423e5e5ec61f04a7ecd1b63f4e9289e98058c533d28a1b804e8e617fc55ed316f05","first_seen":"2026-02-01T01:32:16.057907Z","last_seen":"2026-02-01T15:59:00.360537Z","times_seen":2,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/header.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/header.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 34296\r\netag: W/\"PSA-aj-LmmkwdaqK3\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:39 GMT\r\ncache-control: max-age=312727307\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lKJQ2kYxW%2B2dV13O2kl1%2FJ9XWPdTNJkN5prwCN%2BC1GhkHY%2FvpYF%2FcA%2FV7tPLHkZzy0ZQQUuLjIE%2FyQgDPPBk413ib0uEjW9gEgnTjzg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6bc9d1f0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21410,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 460x215, components 3","md5":"2e69a4c1d6aa2b76bb086cd927a301cc","sha1":"bf1d220a7d9300e5b72d7485f1b077083aea33b0","sha256":"4f7af3584521cfa10bcf4a0d6c9225a7741e1af6acc9cf60497b6d8f57992298","sha512":"d066c7eeaae9b4f0865e0c53b58be80000ccc699f5717f159ba48f0c127d84e78e13ad8aed3b92e6a6ebdd6fa3d0e90383d828c1898fb7d033f0fcca13e2c9ae","ssdeep":"384:UT0bXoaFTzPXwSyHimHd7oiF2l5Tbw2PZhA4J2QtsfVCB+u92zdJRiBAUNUzuZbZ:w0bXtxzm97NF2l5vlhaQtstG+S2pJkBv","tlshash":"cba2d172be1c0445d50c9d640dcd6a183b50c617d929b7a260e39f9c6f60f9ca5f893b","first_seen":"2026-02-01T01:32:16.052024Z","last_seen":"2026-02-01T15:59:00.361439Z","times_seen":2,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/avatars.akamai.steamstatic.com/b01e88762397b1160f507eafadc0d65e3785e4e0_medium.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/avatars.akamai.steamstatic.com/b01e88762397b1160f507eafadc0d65e3785e4e0_medium.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 2488\r\netag: W/\"PSA-aj-PMhkytN7PO\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:40 GMT\r\ncache-control: max-age=312727308\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jla5eLBGtYrhYe8Jg0XcxmovTh0e%2BPxtKj8XPS%2BOIvG7qJNef6NYtWMAFt87wknN7w8VWMnBLvpqnyJ%2FKy7PyO%2BX%2F7zKQG%2BntyyHzxo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6ba8cb60daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1869,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3","md5":"3cc864cad37b3cec5c592d6e283c18b8","sha1":"a74cd5d1ea3c610214ee00a89445acb0f682966e","sha256":"a547be1a7b2fa13e2f3b3d81026991157f29f1e33562f0e267ba4a3f364badc7","sha512":"4d3180c68e9dcd6f65cb7fa632dae12ff5b4c557e5aa53bce89c5c960e89709960f31d402ac412dbde68533b2703c43491d3b4f0632e99bd7e90e25462e8306f","ssdeep":"","tlshash":"f8312bcac5337612ddbf1c392710b3d39645af4411105bad5ee67c6c93b588d44e68e0","first_seen":"2026-02-01T01:32:16.04697Z","last_seen":"2026-02-01T15:59:00.362376Z","times_seen":2,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:36.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Jan 2026 08:26:32 GMT","end":"Tue, 21 Apr 2026 09:26:27 GMT"},"fingerprint":{"sha1":"90:9B:CE:CB:FE:F2:C6:A9:53:13:5D:52:B6:07:F4:B4:84:28:97:60","sha256":"61:49:94:E8:FB:D1:24:14:DF:C9:92:BE:60:84:A8:D8:37:E3:89:DC:42:7B:0A:64:D3:F2:32:FD:D0:93:4C:4B"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:58:36 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::gv5lr-1767495562922-401ec0c56245\r\nlast-modified: Sun, 04 Jan 2026 02:59:23 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 2465953\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GVq2TAGhCtZ52LJssyJlXinulOc3DNuW0WrI1H1GpGPeHiSpz5wOLDIb1l%2BKulgj5Yu5oJrDWQAH8xXQqIZD3T8rYQJ6ZTf6n7P5jrr9kl8%3D\"}]}\r\ncf-ray: 9c72a6b64ec2b4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-06-08T19:30:16.835599Z","times_seen":39843,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/store.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/store.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 01 Jan 2026 20:55:08 GMT\r\nvary: Accept-Encoding\r\netag: \"6956df2c-e64\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, s-maxage=10\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nage: 0\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iFfGhEnxLByPJPjJu3KzUTPz5tEla8oWcsk43mTNLbDg4gyLj2IXuYtQsD3cqKJ4QUY6EKw5wyOMhRU3VK5RzsfsObL7rmGnstNAEWA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6baccc00daa-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3684,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b7a7e43284e2ffe806ac1bc27c1f6a87","sha1":"e8196489e2ae99ec6eb33995b5a3e108d6e44de0","sha256":"c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb","sha512":"757e4f382a864cac9f975220c28586f5ea415b2e2215375c1a47e011a9190fcd15313d399007539f150a6df0378b8f2022ac88e995693ab03a9f5656bfe40832","ssdeep":"","tlshash":"1c71a6cc37338ba06a95827d1f357ad623b255eae97041e4c3952c262c07ef2ea64d74","first_seen":"2023-04-05T18:00:53Z","last_seen":"2026-06-06T14:36:19.895297Z","times_seen":2466,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/240/capsule_sm_120.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/240/capsule_sm_120.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 2220\r\netag: W/\"PSA-aj-ENKtKHQ6cz\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:42 GMT\r\ncache-control: max-age=312727310\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A0NmBYMhCAsGZOCUITTExUm9Sx%2FxbfYXFXZC2KKC8MOTS7tFTsbTSqdmtEmwC5E6I1fV8HKMqO9%2FTNegcsS4RQZe%2FaAXOsxj84OZYbk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6baccc10daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1845,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x45, components 3","md5":"10d2ad28743a7331bb38d800e74fbecc","sha1":"c3753a05231971ddd0fbc946ac45a8ce9f73596a","sha256":"841fab5abc7e4ca25fa333937f6a619f68f7cf1a7d1b6d4e8758c4ded44e3f0f","sha512":"dd0d8eb6aeed43fa4e222277fee66658cfaa3e2058d2f79c17a32a15c7cd6d0f192dd16b03e4f9e95b6016a9a1af776a57eab068fcefda77ffb25354658672df","ssdeep":"","tlshash":"e731eb1753c5f406db1d1b7e897a6f129f828b205a01697c08ecbb6d5664db00ff7534","first_seen":"2026-02-01T01:32:16.06222Z","last_seen":"2026-02-01T15:59:00.356437Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/ss_13bb35638c0267759276f511ee97064773b37a51.116x65.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/730/ss_13bb35638c0267759276f511ee97064773b37a51.116x65.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 4851\r\netag: W/\"PSA-aj-9D6RAjj07U\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:40 GMT\r\ncache-control: max-age=312727308\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DQYVXQdSi3zIcqgBY7VtPuGKrGPZncMkLR57ZXlLW%2FolVlUjD59LVAKZ701iLIHZGwlIv48UJC7hU%2BpSFP08VjCXo3L6t82Htta%2BgJc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6bd5d2d0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3487,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 115x65, components 3","md5":"f43e910238f4ed4707860a0223b6075e","sha1":"f8a94657a521c173543bc6233cd00a7585f37ef7","sha256":"85e2df1bb6b1db73de25660da4a969a7f8a51070bc1f729e236d2d40d4a3eaf9","sha512":"acb208a9bb1ccb49b5a52a10e3f11a3d4ecce6d8e4a3e83fa70af9627d39842ac64f2dee705495cf5d9fd05dff8f0db4bb6e1a1c46d45fa12989edced5b6ac04","ssdeep":"","tlshash":"f2717c65154dedafc8bf3e7d084c1b05da42acd87c225f061f5d0ad033b97dcaa48042","first_seen":"2026-02-01T01:32:16.049439Z","last_seen":"2026-02-01T15:59:00.364256Z","times_seen":2,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/2406770/bb577b428ed83ff9e3aa1c64844d1561814dffca/header.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/2406770/bb577b428ed83ff9e3aa1c64844d1561814dffca/header.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 32363\r\netag: W/\"PSA-aj-_vN9-jToy-\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:39 GMT\r\ncache-control: max-age=312727307\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MwlZZrlGzqYBm85BwzD0J2byP2M%2Fv%2FgZgaKNMWjF7EuSH%2FD5PazKeSwHX2tMvvLrGI2wnuwN6OAkUBhfJN%2BessjFEokYRf5OqCe9c2c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6ba7cb00daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20900,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 460x215, components 3","md5":"fef37dfa34e8cbe7682d4904392bc091","sha1":"97fbba93b8d813a2ef1bc214f02c1eff7a14d5a1","sha256":"b81231c4a3f501394f111c46940c3a601a1af0265cce7f4d7a223afafad605d7","sha512":"a1a70b85eb197d6d9b956541f6acde83a183948e72900117a05d02f1181ffacbbb0edd66768243c224cb184b8dc880210a2b8c7c99e436b2990cfafe6a62caa8","ssdeep":"384:c13o/4gWotq4UjIfg43G+XaRyAy1FRfZ1R8/jhHrTXdJn6F24:cRo/4atq4dfgoGSaYAyrT8/l/XW3","tlshash":"7892c0c76fddacd0648f75b130262b4503ae8822e221b5eb405f76e633371695ef4549","first_seen":"2026-02-01T01:32:16.046058Z","last_seen":"2026-02-01T15:59:00.365242Z","times_seen":2,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/avatars.akamai.steamstatic.com/b01e88762397b1160f507eafadc0d65e3785e4e0_medium.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/avatars.akamai.steamstatic.com/b01e88762397b1160f507eafadc0d65e3785e4e0_medium.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 2488\r\netag: W/\"PSA-aj-PMhkytN7PO\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:40 GMT\r\ncache-control: max-age=312727308\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t0908ZAYFpTEpPITFRmcQDtfm5NCvbXC2HL3bPf1Qjnwv%2Bmf8X40s%2FH6NN1Pxq7qfvZHprs5YBGo29jH4oSvXbmkVTHgYQEJoYykB2E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6baccc50daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1869,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3","md5":"3cc864cad37b3cec5c592d6e283c18b8","sha1":"a74cd5d1ea3c610214ee00a89445acb0f682966e","sha256":"a547be1a7b2fa13e2f3b3d81026991157f29f1e33562f0e267ba4a3f364badc7","sha512":"4d3180c68e9dcd6f65cb7fa632dae12ff5b4c557e5aa53bce89c5c960e89709960f31d402ac412dbde68533b2703c43491d3b4f0632e99bd7e90e25462e8306f","ssdeep":"","tlshash":"f8312bcac5337612ddbf1c392710b3d39645af4411105bad5ee67c6c93b588d44e68e0","first_seen":"2026-02-01T01:32:16.04697Z","last_seen":"2026-02-01T15:59:00.362376Z","times_seen":2,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/community_assets/images/items/730/c30260bb120bf1379f075802653c8eb86da7a7e9.png","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/community_assets/images/items/730/c30260bb120bf1379f075802653c8eb86da7a7e9.png HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 94069\r\netag: W/\"PSA-aj-SR3LU4j8CL\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:37 GMT\r\ncache-control: max-age=312727305\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VSAHuZsUmTaj5jOeVgGpqW4tdDVDZQmBntf4fgR26NZ8JsY4sHj1OToxBqoMR0vdJz3F2f8dL1un6%2F1M3xUfqP4Y%2B32eVvllXd8Q7oQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6bd5d310daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92847,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 244 x 244, 8-bit/color RGBA, non-interlaced","md5":"491dcb5388fc08b56b0b88a361abc1aa","sha1":"f85459975683259ab0a341cc61c6bd6a14cdfe03","sha256":"c33d62c321d1b77df5247bc37e95be18c0cda581e2695558bdd3d6b3a2392955","sha512":"d46bef0b030a696bba2f95feed4b111fbf1b3ae8923cba19f69c75ada37e69f40d7f77673fd155d4b42562a41d3c28b77f333b2cee792048c74ed45c4ff25098","ssdeep":"1536:NQFXCexuUyQbBlIRrfZbNOtPa+gzkpFA7kfHPavidtGBUabjMUg0CYfJWXLav59D:kxuUyIBlIlnPCNC3MUgLXG51P","tlshash":"be9302c4f1e4599b0e2f4e65d9dd1d026c3a4ae6cb6ccb3c849a33cd6695181b0f1f92","first_seen":"2026-02-01T01:32:16.055564Z","last_seen":"2026-02-01T15:59:00.366262Z","times_seen":2,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/favicon.ico","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 15:58:38 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400, s-maxage=10\r\ncontent-encoding: br\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TArnDCJLLbeDte6iHRH9BtC%2FlK8biCOucCUWs1%2BoWjtpHYee4UNaCMV3KL8ZhCmSvq5einyT53DazA8AiAIv5btlO7yGPlid3ghY988%3D\"}]}\r\ncf-ray: 9c72a6bedd5e0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-08T19:36:24.63917Z","times_seen":524195,"resource_available":true,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/300/capsule_sm_120.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/300/capsule_sm_120.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 2031\r\netag: W/\"PSA-aj-Bs9fSmX3Xf\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:35 GMT\r\ncache-control: max-age=312727303\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jfSG%2BlTaRK5pD5INX7oerCL7rKqAWW7LVmF4QOVDS5wPH1kguQPFCNjc0x1Uw6nLHTRDkQ8gSieUAutLqSspTIZQX%2FbacZZ%2FRRSe1dg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6ba6cae0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1654,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x45, components 3","md5":"06cf5f4a65f75df4db1bc9345268733e","sha1":"4f25add98cfa9af971a946a3916324f8462782e7","sha256":"db972a7ba11e890f048d91d6ae8d951e8d6f87151669187a86c7f06315570897","sha512":"26124d11cfdd09da081516645abc3ccc8c3e9fbef2b8f76a1bd43e6b19ebe3f9b61cba05e9b7b681b3585136862649ee794459988ebb4d828665af9da4bfd143","ssdeep":"","tlshash":"6b310523d626621beb0082bd02b0ade6e74002d5d95ecbb0a0694c7c5c73eb1007acca","first_seen":"2026-02-01T01:32:16.05877Z","last_seen":"2026-02-01T15:59:00.353225Z","times_seen":2,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/2073850/7cb28d822b86affe0f10eef8fe62caa7d5edd178/header.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/2073850/7cb28d822b86affe0f10eef8fe62caa7d5edd178/header.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 32246\r\netag: W/\"PSA-aj-BkQHdyj9RX\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:36 GMT\r\ncache-control: max-age=312727304\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zFmlj5Z0AwZyZD1pPtjpP9IV2zGjvdmEs0dShyb66xu43SIKPyTLprKMdIL5KEDEPavQkksij%2B2Reb9sGywdhsLnaNVbQ6GQjg3i4mA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6ba7cb20daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20720,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 460x215, components 3","md5":"0644077728fd4571b1618d275f1a1734","sha1":"c1bad78513b6d5c7e9599574775f61680c659cc8","sha256":"65375994c411e7309705ba1d19df8a11e01c4b7f95eee9937ffc8c3f73c20a93","sha512":"ccdeba43cf00b5c1f65dd21c6021325b9bec953a66b9eda53446f6f66b19195562678fbfa5dd7ffc87c80e1fac23dcfb7ce5f41f11c4fe800dbbc68912b8f5ff","ssdeep":"384:JtHhXjsP5XuROBZBJF5QVFiKPi2XySxl+6rJs5DSJ0hcD4blPECXy8Y8Su3xXp:zHpsPRSOB3JvQ/9XySxA61oDomHbqHty","tlshash":"1392d07ad2c794c9fe5c76bf88d8f2c697d281ee255152c9719164ec0303bc858b923d","first_seen":"2026-02-01T01:32:16.057206Z","last_seen":"2026-02-01T15:59:00.346593Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/2406770/bb577b428ed83ff9e3aa1c64844d1561814dffca/header.jpg","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:37.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET /images/shared.akamai.steamstatic.com/store_item_assets/steam/apps/2406770/bb577b428ed83ff9e3aa1c64844d1561814dffca/header.jpg HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini555.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nx-original-content-length: 32363\r\netag: W/\"PSA-aj-_vN9-jToy-\"\r\ndate: Sun, 01 Feb 2026 15:58:37 GMT\r\nexpires: Sun, 30 Dec 2035 14:13:39 GMT\r\ncache-control: max-age=312727307\r\ncontent-encoding: br\r\nage: 52005\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TnsDB8c3Emf2trxCTKO3G4Ep%2F3OXPqGnn2DVTd1LO97s%2FH%2BI77akQs8u8zoB2uXgFQRSYOJRg982j7r1FeLm8bKF2soKkkBs7HfIieI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c72a6baccc30daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20900,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 460x215, components 3","md5":"fef37dfa34e8cbe7682d4904392bc091","sha1":"97fbba93b8d813a2ef1bc214f02c1eff7a14d5a1","sha256":"b81231c4a3f501394f111c46940c3a601a1af0265cce7f4d7a223afafad605d7","sha512":"a1a70b85eb197d6d9b956541f6acde83a183948e72900117a05d02f1181ffacbbb0edd66768243c224cb184b8dc880210a2b8c7c99e436b2990cfafe6a62caa8","ssdeep":"384:c13o/4gWotq4UjIfg43G+XaRyAy1FRfZ1R8/jhHrTXdJn6F24:cRo/4atq4dfgoGSaYAyrT8/l/XW3","tlshash":"7892c0c76fddacd0648f75b130262b4503ae8822e221b5eb405f76e633371695ef4549","first_seen":"2026-02-01T01:32:16.046058Z","last_seen":"2026-02-01T15:59:00.365242Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini555.vip/","fqdn":"gemini555.vip","domain":"gemini555.vip","tld":"vip"},"ip":{"addr":"172.67.204.133","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T15:58:35.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini555.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:31:12 GMT","end":"Wed, 01 Apr 2026 13:29:41 GMT"},"fingerprint":{"sha1":"8C:90:26:3D:B0:BD:27:85:30:17:13:6B:CB:71:EA:10:44:51:AF:DC","sha256":"72:E5:93:83:FF:D4:7D:34:01:45:70:0F:BD:12:9E:18:24:02:62:F9:FD:66:B8:D2:AC:D2:54:DE:74:58:DC:84"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gemini555.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 15:58:36 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-permitted-cross-domain-policies: master-only\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=0, no-cache\r\nx-page-speed: 1\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oy4YIGgciE5ux%2FsXXPjmt8avRpPot6QkawtQ5w6B3ZmeL7uj4WozQSpSTn1Y%2FN%2Flp5K8mCDYSF4sqoCsU7hPoDD0n%2B2vxCUHojrs\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c72a6b03a64b51e-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google PageSpeed:1","description":"Google PageSpeed is a family of tools designed to help websites performance optimisations.","website":"https://developers.google.com/speed/pagespeed/mod","common_platform_enumeration":"","icon":"Google PageSpeed.svg","categories":["Caching","Web server extensions","Performance"]}],"data":{"size":5258,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (326)","md5":"a81ea3c09eaffb00ec1ee4ccb7c900f9","sha1":"1cb10f956308a55115c1c7ed83192fbe0bbc9c71","sha256":"2bd1be449b78335977c796204d9e558d2f204f9bea3ecb09433b62e29435934d","sha512":"03560070b883d74629dc55773330f3a561afa5c47a4b8007815fc23bfb91aa1074df9a5e650754527466c30341c6a968477cba4ef48b5b2cc8e08509c6efd17c","ssdeep":"96:yDStW1ZthVStAxkSStypVhgi1PxGzm/NmH/4SthTN8/h7AUsKJK66JB:qztRv7hXx+m/NIrTN8VAc0XB","tlshash":"46b144f7bc088ca42e150405a761b34490185c276f62b4c4f5fe649ebbd8f568877ecb","first_seen":"2026-02-01T01:32:16.060068Z","last_seen":"2026-02-01T15:59:00.367378Z","times_seen":2,"resource_available":false,"data":null}},"time_used":743,"timings":{"blocked":46,"dns":29,"connect":1,"send":0,"wait":648,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"gemini555.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gemini555.vip/","date":"2026-02-01T15:58:36.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Jan 2026 08:26:32 GMT","end":"Tue, 21 Apr 2026 09:26:27 GMT"},"fingerprint":{"sha1":"90:9B:CE:CB:FE:F2:C6:A9:53:13:5D:52:B6:07:F4:B4:84:28:97:60","sha256":"61:49:94:E8:FB:D1:24:14:DF:C9:92:BE:60:84:A8:D8:37:E3:89:DC:42:7B:0A:64:D3:F2:32:FD:D0:93:4C:4B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 01 Feb 2026 15:58:36 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::lscqt-1769961272665-8cc801c6a19b\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 243\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=90Q%2F%2FiYA4UCrbncdtmneHLPmHOrmKrlOIoVEAeXdeZXA%2BPgu%2Bx8FEObrte4Jhkvu%2BEXD0P2%2BFyv9287HfP6asg53p5MuUXFmdGvC6AEntq4%3D\"}]}\r\ncf-ray: 9c72a6b54e0cb4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":5,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}