{"report_id":"563d6536-8c03-4548-b0a5-7f7c4ca48c71","version":6,"status":"done","tags":[],"date":"2026-04-30T10:54:19Z","url":{"schema":"http","addr":"new-autha.cyou","fqdn":"new-autha.cyou","domain":"new-autha.cyou","tld":"cyou"},"ip":{"addr":"62.77.158.10","port":0,"asn":212531,"as":"UAB Interneto vizija","country":"Lithuania","country_code":"LT"},"final":{"url":{"schema":"https","addr":"new-autha.cyou/","fqdn":"new-autha.cyou","domain":"new-autha.cyou","tld":"cyou"},"title":"تسجيل الدخول - Vooply","dom":{"size":19846,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14649)","md5":"1986ce4f2caad40b72c2b57ee4c25bef","sha1":"7074ff007e43ba7fb42b927bb0ad8426befa86f7","sha256":"14d45e66868bc731e224439ee145a8722d851e16a41cda847559adf37466377a","sha512":"f94f0864ef9150972be9dc84045b2feaa2619a52441645cc47d1f4abd63a58821bc0dac96b2690e2804fc3743564588bebff1e67275ccbd6004fa2aab491e7fe","ssdeep":"384:/O8U5Q6nBOmEAUU/cxksc64Jysq7vGj1ptYY0Yx:tsnB7cxksc64Jysq7vGjJYY0Yx","tlshash":"20928740741c02786d3fea55eac4a72ce025b842eee34466b10d148be6d3ff535fab95","dom_hash":"domhashc6161d34d4a98a2c4ce903772c1bb8ae","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"new-autha.cyou","fqdn":"new-autha.cyou","domain":"new-autha.cyou","tld":"cyou"},"ip":{"addr":"62.77.158.10","port":0,"asn":212531,"as":"UAB Interneto vizija","country":"Lithuania","country_code":"LT"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-04T10:54:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"new-autha.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"new-autha.cyou","ip":{"addr":"62.77.158.10","port":443,"asn":212531,"as":"UAB Interneto vizija","country":"Lithuania","country_code":"LT"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":4,"received_data":682907,"sent_data":1781,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-26T22:20:29.825994Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-26T22:16:47.246638Z","alert_count":0,"request_count":2,"received_data":87940,"sent_data":1098,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"new-autha.cyou/assets/index-iunAUQC2.js","fqdn":"new-autha.cyou","domain":"new-autha.cyou","tld":"cyou"},"ip":{"addr":"62.77.158.10","port":443,"asn":212531,"as":"UAB Interneto vizija","country":"Lithuania","country_code":"LT"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa6887101f47ba774343aed2f4777ee2","sha1":"ff897139b00c72465e6e5846922f397eb134735a","sha256":"dbb7bfd80734c4372e182fc5f3eaadca81b73d12545ef5a312151452cc1415e6","sha512":"f8ce3b84245d8671019d4f71b1db1e2b27d836c80833e51f8c1ec7627d7340b48aa7a6ccb065c9455522d4d88d6885e2d52afe24e040fb3aa05ddc9034a83aae","ssdeep":"12288:JrBdxXGlLTDpxYc+je0BsCEFoGoSMIyCgwVItDoeIwAH:JsJTDpvysVoGoSBJH","tlshash":"20d46cc471aaa0750ba245e1907f0103f23d3916740e8064f26d9eef7bb9d45a27bfb9","size":597807,"data":"","first_seen":"2026-04-30T10:54:26.932041Z","last_seen":"2026-04-30T11:07:55.866581Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"new-autha.cyou/assets/index-iunAUQC2.js","fqdn":"new-autha.cyou","domain":"new-autha.cyou","tld":"cyou"},"ip":{"addr":"62.77.158.10","port":443,"asn":212531,"as":"UAB Interneto vizija","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-autha.cyou/","date":"2026-04-30T10:53:58.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpanel.new-autha.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 19:03:15 GMT","end":"Mon, 27 Jul 2026 19:03:14 GMT"},"fingerprint":{"sha1":"8C:28:91:D1:1C:67:B8:F8:4D:83:C9:BE:15:E0:14:6F:BD:DA:89:2F","sha256":"CD:5A:7E:39:0E:71:73:96:B4:0A:71:39:82:A9:9C:E8:A6:B2:C4:8C:3E:E7:C5:CE:3B:8C:8E:86:E6:7A:DF:5F"}}},"request":{"raw":"GET /assets/index-iunAUQC2.js HTTP/1.1\r\nHost: new-autha.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-autha.cyou/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 28 Apr 2026 15:45:12 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=604800\r\nexpires: Thu, 07 May 2026 10:53:58 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: application/javascript\r\ndate: Thu, 30 Apr 2026 10:53:58 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":597807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37534)","md5":"fa6887101f47ba774343aed2f4777ee2","sha1":"ff897139b00c72465e6e5846922f397eb134735a","sha256":"dbb7bfd80734c4372e182fc5f3eaadca81b73d12545ef5a312151452cc1415e6","sha512":"f8ce3b84245d8671019d4f71b1db1e2b27d836c80833e51f8c1ec7627d7340b48aa7a6ccb065c9455522d4d88d6885e2d52afe24e040fb3aa05ddc9034a83aae","ssdeep":"12288:JrBdxXGlLTDpxYc+je0BsCEFoGoSMIyCgwVItDoeIwAH:JsJTDpvysVoGoSBJH","tlshash":"20d46cc471aaa0750ba245e1907f0103f23d3916740e8064f26d9eef7bb9d45a27bfb9","first_seen":"2026-04-30T10:54:26.932041Z","last_seen":"2026-04-30T11:07:55.866581Z","times_seen":2,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"new-autha.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://new-autha.cyou/","date":"2026-04-30T10:53:58.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-autha.cyou/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 30 Apr 2026 10:53:58 GMT\r\ndate: Thu, 30 Apr 2026 10:53:58 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"4c8ef72eb043b6205edde8d9e910787e","sha1":"fa8b1cd29ea6e9bd2113a33d10ab096306430f37","sha256":"0031e12119f0b0e9820611dc4e888b0decf9c9924e4b2bea291397e70105305a","sha512":"80bf1edac61df533f32176b490302e90a6213b72b5ea335092fa25128a4229cc7967e5c4cdc6cec06c923335260d0ecb779fad1b36a26ff616b4eb4465e34e7f","ssdeep":"384:89fM919W969yh9/qY4X9N9t9i9fD9O9d9B9ya9/qY4Q9G9m949fd9k9D939yQ9/O:8yjooYhREHPM5svvYaR7AIWP2ZZYQRVs","tlshash":"8c721fa1041744009b838ce223cebf35fe1f52117142d0b5abfd9b6baddbca6526936d","first_seen":"2026-02-19T23:44:13.889102Z","last_seen":"2026-06-07T20:47:46.878035Z","times_seen":4209,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":106,"dns":1,"connect":8,"send":0,"wait":24,"receive":0,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-autha.cyou/assets/index-BSRdc2qQ.css","fqdn":"new-autha.cyou","domain":"new-autha.cyou","tld":"cyou"},"ip":{"addr":"62.77.158.10","port":443,"asn":212531,"as":"UAB Interneto vizija","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://new-autha.cyou/","date":"2026-04-30T10:53:58.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpanel.new-autha.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 19:03:15 GMT","end":"Mon, 27 Jul 2026 19:03:14 GMT"},"fingerprint":{"sha1":"8C:28:91:D1:1C:67:B8:F8:4D:83:C9:BE:15:E0:14:6F:BD:DA:89:2F","sha256":"CD:5A:7E:39:0E:71:73:96:B4:0A:71:39:82:A9:9C:E8:A6:B2:C4:8C:3E:E7:C5:CE:3B:8C:8E:86:E6:7A:DF:5F"}}},"request":{"raw":"GET /assets/index-BSRdc2qQ.css HTTP/1.1\r\nHost: new-autha.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-autha.cyou/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 28 Apr 2026 15:45:12 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=604800\r\nexpires: Thu, 07 May 2026 10:53:58 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-length: 10481\r\ncontent-type: text/css\r\ndate: Thu, 30 Apr 2026 10:53:58 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":62129,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (62128)","md5":"7bcaf52c63fa93896b82a53b0b955cc5","sha1":"5f4f455554caf57ddba32e11e1b8065b1580f67c","sha256":"b04993ccc0d57c1b6bb777df270fac4a7c443d76c15558504a167aba73e4aba2","sha512":"447462560204b6ec4a005ab3b5130d28b1cf4ff5bccbc4f9f61c3d4935c4166cc1691ee29378d9cf98080eec76bb7afe31421ea1d1e6e7debd6c25d6270564ae","ssdeep":"1536:9hneqYTktUxWaGPDr378VQZkt5FNCoNrN:9hnetktUxWaGPDr378VQZkt5FfNrN","tlshash":"66539419b91d617e2c2780f883ccb9ec510af0c0de3b06b5be9a41316ad37f659b7558","first_seen":"2026-04-30T10:54:26.935165Z","last_seen":"2026-04-30T11:07:55.869626Z","times_seen":2,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"new-autha.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://new-autha.cyou/","date":"2026-04-30T10:53:58.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://new-autha.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 29 Apr 2026 22:40:32 GMT\r\nexpires: Thu, 29 Apr 2027 22:40:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 44006\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-07T20:34:13.217973Z","times_seen":181023,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":109,"dns":0,"connect":21,"send":0,"wait":22,"receive":30,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://new-autha.cyou/","date":"2026-04-30T10:53:58.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://new-autha.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 29 Apr 2026 22:40:32 GMT\r\nexpires: Thu, 29 Apr 2027 22:40:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 44006\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-07T20:34:13.217973Z","times_seen":181023,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":223,"dns":1,"connect":21,"send":0,"wait":21,"receive":12,"ssl":198},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-autha.cyou/favicon.ico","fqdn":"new-autha.cyou","domain":"new-autha.cyou","tld":"cyou"},"ip":{"addr":"62.77.158.10","port":443,"asn":212531,"as":"UAB Interneto vizija","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://new-autha.cyou/","date":"2026-04-30T10:53:58.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpanel.new-autha.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 19:03:15 GMT","end":"Mon, 27 Jul 2026 19:03:14 GMT"},"fingerprint":{"sha1":"8C:28:91:D1:1C:67:B8:F8:4D:83:C9:BE:15:E0:14:6F:BD:DA:89:2F","sha256":"CD:5A:7E:39:0E:71:73:96:B4:0A:71:39:82:A9:9C:E8:A6:B2:C4:8C:3E:E7:C5:CE:3B:8C:8E:86:E6:7A:DF:5F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: new-autha.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-autha.cyou/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 27 Apr 2026 15:11:40 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=604800\r\nexpires: Thu, 07 May 2026 10:53:58 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-length: 19989\r\ncontent-type: image/x-icon\r\ndate: Thu, 30 Apr 2026 10:53:58 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":20373,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"9f504444f85a5af2eef9264b02ae40be","sha1":"dd15dcde9da684402cd56070688bc4d18d2ebb46","sha256":"dd821076a9b03adc2173c93956226aea3d92482d7578fc4339c5d3a2e9c24586","sha512":"e5dbd729746c77d5ec72483a822c6df608086e5877a1ac146cd3e347a2fcaf50af6c561fc4477923925e9bc9d81b65010e911a40b830a637fddd666972b6651d","ssdeep":"384:zvAOjbCDJfSLloocQmVv1Abb/ttPoGwktQ5nuxFqgrssRi:zoiOJfMoNQmVv1AXbXGZu4","tlshash":"3792d10db18eb66d4ff5819bd0f8e53d42c71aa4b4232282cc8229f15db78dd63d2b59","first_seen":"2025-12-01T00:59:47.52305Z","last_seen":"2026-06-07T20:38:46.36782Z","times_seen":2071,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"new-autha.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"new-autha.cyou/","fqdn":"new-autha.cyou","domain":"new-autha.cyou","tld":"cyou"},"ip":{"addr":"62.77.158.10","port":443,"asn":212531,"as":"UAB Interneto vizija","country":"Lithuania","country_code":"LT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-30T10:53:57.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cpanel.new-autha.cyou","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 19:03:15 GMT","end":"Mon, 27 Jul 2026 19:03:14 GMT"},"fingerprint":{"sha1":"8C:28:91:D1:1C:67:B8:F8:4D:83:C9:BE:15:E0:14:6F:BD:DA:89:2F","sha256":"CD:5A:7E:39:0E:71:73:96:B4:0A:71:39:82:A9:9C:E8:A6:B2:C4:8C:3E:E7:C5:CE:3B:8C:8E:86:E6:7A:DF:5F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: new-autha.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 28 Apr 2026 15:45:12 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-length: 481\r\ncontent-type: text/html\r\ndate: Thu, 30 Apr 2026 10:53:57 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1391,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"97a2e07047b2738ad00c433efd9ea329","sha1":"52690cf613b6a00efcddfa354ceefe7c809ea6c6","sha256":"894309ee4778feb30464903a07a7db6896a5dbd043bb8568457ef746b09a8b6b","sha512":"36ed3967f55c5c8ac0f086badfe5110c26ae840373ae1ff2802b29a250da0683fcf7f046448e6c8c278b5efeed3899a033e385fe73d99e863ebe294d2a795b3e","ssdeep":"","tlshash":"f721e1b35155c8091320c62069c2f418d9b28547c70afc98b2ae20ef4fc5fd0c2fb6b1","first_seen":"2026-04-30T10:54:26.939218Z","last_seen":"2026-04-30T11:07:55.84396Z","times_seen":2,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":163,"dns":79,"connect":36,"send":0,"wait":56,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"new-autha.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}