{"report_id":"5eec0b85-be4f-4b10-82b3-c08b20079352","version":6,"status":"done","tags":[],"date":"2026-01-05T20:58:28Z","url":{"schema":"https","addr":"gearsvalo.top/","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gearsvalo.top/","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"title":"Valorant","dom":{"size":69520,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (24991)","md5":"acce1d06f1c8507dcb5ceaf41a92f37b","sha1":"91d21b92fb47dc6b84a37d72f6bb79e3ce84bfb1","sha256":"6670ab40f7eab5007bfff682b7d3650b800f4b00c1ecaf4347a0b79a2f0abfec","sha512":"4ae293d4d8425328f52351a5221e3bf69f42c35ec9318e3ebb3a4b984c17c51de4f06856b4bd895ce56ceea3e67818a00f3c23ff5746d4c089a1a372c15fd113","ssdeep":"768:WGQMJVzK92klriX78OQVPLLkGAXw6zvg12yscm2/L5:WGdJlKu8/9Lsw6zvg12yscm2/l","tlshash":"e463632511f015a44017eea579b2af1e5e31d553ef520d4c33ac9af24fbac83ee2e909","dom_hash":"domhashda0e36ab41e91fc4dc1a8129624ec90d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"gearsvalo.top/","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T20:58:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"gearsvalo.top","ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-23","domain_rank":0,"first_seen":"2026-01-05T20:58:29.692208Z","last_seen":"2026-01-05T20:58:29.692208Z","alert_count":93,"request_count":47,"received_data":2860938,"sent_data":21294,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gearsvalo.top/main.js","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"50b88e2a4ec4649c2f1574a268b862f1","sha1":"bffea3b75e7434a17d6d8dbfa2526d81d48fa10e","sha256":"b5ec3532746a58fbbf0fe16676cb0de68f70f542973f59b25368beeec01b0d4a","sha512":"cb37a8021516192517dbc8a1979b4c7b17d6260cc65ab27e8c29427f85f5d2e5178569cb8f29fecc82682aa1bc7b0fa623bd2635b57c5d004d4cec55817742ad","ssdeep":"192:GHjJCv281NaJY0eGC1NccaIrbo4S8LB/HvuKRf:GHUv28HaJTq12Z8LB/zRf","tlshash":"be1251116f80675b27c65eff362390e0d198241efa41898fd01c98f868a670bedd2ab5","size":9520,"data":"","first_seen":"2026-01-02T22:48:02.274568Z","last_seen":"2026-02-08T12:14:09.240623Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/jquery-3.6.0.min.js","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4c5675ea97db85460016f2e43880888","sha1":"1a545a30dcf23fcef8545842d202f6cf5c7f2ba2","sha256":"6e1cccd429a180d7f27c0a85f7234af9b6c173f55b91ebba65362b1afea319ed","sha512":"baca74ace37282d46a58e6ca2f8a099af37d57fc6eed8807e8c53a4004e856c733648acb21cef5fcf6b906bbc9400eaade2bf60a7b3fae72c89b636cfa54b7db","ssdeep":"3072:rPi51vm3ViMky5ySYTpyTaePHvakuTWklm/0o+tUJ+cNsTQC9+m2P3YU7oPNsRik:rPi51vEVsy5ySIpyTlPHvbuTWklm/0ox","tlshash":"18045f9a669524398137f37eae6f8905f0b21b3f028649033d3c81565f72914a7b6fec","size":173703,"data":"","first_seen":"2026-01-05T19:01:47.717743Z","last_seen":"2026-02-08T12:14:09.237159Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/roulette.js","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d0b8ac383d69b550952316709e1085d","sha1":"fe0a85599a4e40b4440bdf61591460707d619f5c","sha256":"ad25623e4bb371d9d83243c354df0e154f1ab121e57c747a79be8e06dbdb454c","sha512":"05ae48bf1a613f6bb6bb97072db102d2a8fd7767768d0b79a7cd119388da11fa236ed4817173eceab4e61749c795d47f519eb89e3d56a1eac12eb11636a4c1fe","ssdeep":"96:2519ImViH5v/oNrRt1Kum6R1yu9XjcY0M9byGAxqgzJBNBuqNidN1N801mhHEnvN:23amVCNwbKc1BXjcCezLNBuqNi31N801","tlshash":"d0c14fa49d801a9e232a0ffbf63f28e8c254475b65cc874b9244d80aad2053bf3f5534","size":5627,"data":"","first_seen":"2026-01-05T19:01:47.768658Z","last_seen":"2026-02-08T12:14:09.216469Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gearsvalo.top/roulette.js","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /roulette.js HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:08 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gq0otiNDh3BYWzBEjuR64%2FfAc5OuzAru1B7IdceXm2WSyU4NUOuKWQxymBpOc%2BY%2FaJR17IapXkeXWIixgHl6sbQWoP9olTeRG6SW\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 25 Oct 2025 08:49:18 GMT\r\netag: W/\"15fb-19a1a8ed179\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b95e45298d67130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5627,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5627), with no line terminators","md5":"1d0b8ac383d69b550952316709e1085d","sha1":"fe0a85599a4e40b4440bdf61591460707d619f5c","sha256":"ad25623e4bb371d9d83243c354df0e154f1ab121e57c747a79be8e06dbdb454c","sha512":"05ae48bf1a613f6bb6bb97072db102d2a8fd7767768d0b79a7cd119388da11fa236ed4817173eceab4e61749c795d47f519eb89e3d56a1eac12eb11636a4c1fe","ssdeep":"96:2519ImViH5v/oNrRt1Kum6R1yu9XjcY0M9byGAxqgzJBNBuqNidN1N801mhHEnvN:23amVCNwbKc1BXjcCezLNBuqNi31N801","tlshash":"d0c14fa49d801a9e232a0ffbf63f28e8c254475b65cc874b9244d80aad2053bf3f5534","first_seen":"2026-01-05T19:01:47.768658Z","last_seen":"2026-02-08T12:14:09.216469Z","times_seen":6,"resource_available":true,"data":null}},"time_used":1193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Bold.woff2","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Bold.woff2 HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 21\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8SfBIbsMwSDBRdEnmqjc9wHL5S%2F%2BigfNGkV%2FmWFuRqWbHt5BvlZlfGlgG5pM6ecOjrz%2FiFG0V6FXo3MMCyDDch9g4xHD3qZNmSZ8\"}]}\r\ncf-ray: 9b95e454a9047130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/assets/spin_4.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:09.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /assets/spin_4.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 16887\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"41f7-199d4ef187a\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dgiR5IKWphFcb1tkdN5GzK0QU4ODg0HVhBLtLw45ShhV39Tgtbd9z3YMS7gbAPJZy0%2B6jhE5bWoDzkxS5GG1tlngueYBHL28hWnJ\"}]}\r\ncf-ray: 9b95e45f09d27130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16887,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 123 x 122, 8-bit/color RGBA, non-interlaced","md5":"0b3cac33d282a6fb304e96dad4961d6f","sha1":"f6a147440c73713304648b4ed2639694ede11314","sha256":"0d2bb8721578827bcb8e1f0e4030cf0fdb9e31baac481c111a6e5b268ff7c076","sha512":"c86149dcff8d207441ba8e8f39219555b785ef4ba2e4a552effd0254c8abeba0d86da72b40907cbc257e636ffc3eb082ec1aaf1ec437a00e95cee9b3ad81ce0d","ssdeep":"384:ZFzUaFGMR+WQCvw6M825JfTKVq0n68G89GLi8Q3xRW:HzWMQGGB5JLKln61899BxU","tlshash":"8f72d1dc4ad8219afa245ebc18fab8650c1851c8c579e1cec91f84e0bb38dcb4eb0d94","first_seen":"2025-07-17T18:38:35.807221Z","last_seen":"2026-02-08T12:14:09.221993Z","times_seen":10,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/assets/spin_5.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:09.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /assets/spin_5.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 22385\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"5771-199d4ef187e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jmZF8yjz56qxSAA4famyivmzB8f6Dmus2bz4GaDCBQMjmSWlRkEnz0eVAHawhLKFnzxrbCPxGb5gTMX5HJ9IfaoyuaYGI1VdtX0P\"}]}\r\ncf-ray: 9b95e45f09d37130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22385,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 334 x 73, 8-bit/color RGBA, non-interlaced","md5":"590906e9c13a18b37b0bf36fa34694c1","sha1":"9cbeb791d48e6ac2efb0c4892906fde4b8b8cd3d","sha256":"e4032c5f5fd0ce7fd0d34163083f9a7d725ee0c115ef0f6bb953efab5f59dd06","sha512":"e064cc9bfac852d1f8cf3a36ef87c612d69a75643718677247d073e77598c1d0e2a6ff79491d3b3b4e44ad9e4ff0cbdde9b29fe236355627e735d0b6e39f7961","ssdeep":"384:FENQt5C9SaTQkwE6AlzGRAZcQyb6bK8qlSiZltDIwZLOf9y:qN65C9SiBlhlzci5yj8qUiTKf9y","tlshash":"05a2d0845cd6a032876700d842b6430c9ae263a114da3d29fef94df62b6b55e6ed0eb4","first_seen":"2025-10-11T20:47:29.680684Z","last_seen":"2026-02-08T12:14:09.218876Z","times_seen":9,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/assets/spin_7.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:09.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /assets/spin_7.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 31356\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"7a7c-199d4ef187e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KCPzYs2oYIH4J%2BTPxtWKtSo47nhhWwfw7z4k3yv2%2BnmHdrl5%2FWlYvHZZ3w2eWI6gpa%2BuNrBITTTRJH02lsX8BOjsHd0WAi%2FaQ9vf\"}]}\r\ncf-ray: 9b95e45f09d47130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31356,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 318 x 92, 8-bit/color RGBA, non-interlaced","md5":"7eaf5ec003ba3362ac43f64c4f92a00c","sha1":"e8c70f3d2250f2149a0a450d7b7e4ca1ed4e25e1","sha256":"b7766405bc2e6579add2a204d89ccc86703192317206a7f1b89e532b325bf23f","sha512":"007c67dfe7397fd6bea46a143b957a31dd0090c5fda92225071729251bf8b48ef6f1b70b23fe0fa3760792cfe8c61491a126a44aac06c99117dba47d58f6339c","ssdeep":"768:nTj+mRSbuJkU6DEqJZEAvCNG85QkDnskVMJRv56:nl6uJ0KACvHsku356","tlshash":"6ee2e2fbe6b3c0f2d5bb7da4452491c369a5e250088821f9b8dbc9e715f84dc1c58784","first_seen":"2025-07-17T18:38:35.824833Z","last_seen":"2026-02-08T12:14:09.235971Z","times_seen":10,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/guns.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /guns.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 55792\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"d9f0-199d4ef129e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4ab9%2BsNmKY0oDvBlDOGY32LyBY1d8wpZLSUdu6bTSacdljWe2RtxnySEK%2Frg07wJ6GSC8Sz%2BmfKIMFcEDJ53FUPW6QXaQ2VQDQIA\"}]}\r\ncf-ray: 9b95e45298dc7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55792,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 506 x 184, 8-bit/color RGBA, non-interlaced","md5":"1c917fe4fb7c0bd81eec9e1fba55d259","sha1":"dcacba57578f1f1f44457b38f50d0eb1bdfb3ff7","sha256":"1e5aa00697e11abed69feda3d6f14318dc9c97643d5300e0bc44bce444169229","sha512":"3c29ab291832c81fc4abfe425553d97284b830d2825f9aeb2877d142c49a30bef4ade93773d79d8bdde2990f0f97e4e17bd1f9f9119e47bd4e3536f3a4a18c00","ssdeep":"1536:GizHRmI72XZUgRBBtE3gwubA9OGGgAPWEa7tYpF9V0MJ:fzR/72+clbwuE/juZHZ","tlshash":"3443022d786a036e0fbeb460bca34379b38d66dce5e54b757d4148052f743682e19f82","first_seen":"2025-07-17T18:38:35.820043Z","last_seen":"2026-02-08T12:14:09.226023Z","times_seen":11,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/gift.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /gift.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 31046\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"7946-199d4ef129a\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xjCodGnefW3zUXRoWOla8WfqnZSPQUM82kb4WH2i9rNlZm%2BI%2FwosDkBFPdy%2FcG67Xr%2Fqo59CRhH2US4CTCJXKHp%2BA6wmg6o%2FtM7Y\"}]}\r\ncf-ray: 9b95e45298dd7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31046,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 302 x 198, 8-bit/color RGBA, non-interlaced","md5":"5b584d0443a0dbb26bc693ebe88618d5","sha1":"bd16d7017feb10403f44aa98106523ec578052b1","sha256":"801b6e9b26f33211ff8694f877a11b0fbae44436f2470ccca5da94f316bf3467","sha512":"fc292f3b174c1db1190aee916ae6a0ceab5f2775d16a3c304357ad954c3481b0ac15c5120723076d7e9993aa25a3a6940fbfef33d13ce06918b5d406bc04b03f","ssdeep":"768:Gv2w/MSYI93RUdqBj2N7mF9sjOu/IKOX08fjwA:GvJjYYBS8SNqF9QOu/xk08fD","tlshash":"26d2e2dd8a6981cdb9fddcc3f14f9a97551ce8388aaf9d2c3ec0a0c11d54035c25ad5a","first_seen":"2025-07-17T18:38:35.790325Z","last_seen":"2026-02-08T12:14:09.221032Z","times_seen":11,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/croshair.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /croshair.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 51620\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"c9a4-199d4ef1286\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xvNXWEi5tv4Tz6EnGjbQvS8HfVI%2Bzbf6bhu0QCSX39J8kTe7%2FSsgZKiA1S5%2Bn7T5W08kEkVJnI0%2FCkKn9cqxdViPIMVTtf9446Va\"}]}\r\ncf-ray: 9b95e452a8e57130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51620,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 544 x 259, 8-bit/color RGBA, non-interlaced","md5":"cdce87047fea89fbe72d7a291903a66e","sha1":"93f24e63dc629a69515a8acef84988e15bf80584","sha256":"d0a47263542a7fc75e5b572534e88be02651483604c3b723b8a4c2e29805f570","sha512":"303be42e0b09d068e83440edecd9d7ab4b74570f492682cef7a296b25c52160a01f1b82efe9b630611837dc7c8bc89ff33e58d65e3e1fdd3fa24e400239fb334","ssdeep":"1536:HUpy+y9Q+PtyBgbC+8TfN/Jb1O2SyOQ7p:0pMhoBD1dSs","tlshash":"8033f1ff6010dec658ca08bfaff393b97195540691868c7778429ffa5035221d3eae24","first_seen":"2025-07-17T18:38:35.805285Z","last_seen":"2026-02-08T12:14:09.217559Z","times_seen":10,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/news1.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /news1.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 86845\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"1533d-199d4ef12ba\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n7s9yF07nxw%2BvgrXs1BSHWcfpy16zu9jQTSCPlrd%2Brm9mYr1XkJVSb1Tv1HLT%2F8JMBpiXWEscLnfO0B5sV8I%2BDolW5tYjo1ZfsdE\"}]}\r\ncf-ray: 9b95e452a8e67130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86845,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 293, 8-bit/color RGBA, non-interlaced","md5":"6d3d9f4ae8568e63b099f9e9d34d1def","sha1":"dbc18bcfe8ee491f563efede58d8fea55185aaeb","sha256":"9ba83d062b8896c78ecb54049b24d0e5e47dac1417add48f763df3742d8bcd2b","sha512":"ce54add5cbdaabe06f10fc7b7c6016a323dc49f69e3801c489ad862ebd89c0878433e04dedfb4bca3865d0d518519459c642cacc6c3d601ecc33a97254d8f7cc","ssdeep":"1536:OE5dMMmgfqM86UZrPHyQkRJpMCkjlAsMa6Jr374Qq62TYhmCNcS8SB:OEbMGfY9ytRJJEA7TOTqN37","tlshash":"998302b9244013f2c6a1796f88a3f0eb06d68b8d3fe4e4f59753aa49cd2c471b55c8c5","first_seen":"2025-07-17T18:38:35.829312Z","last_seen":"2026-02-08T12:14:09.231369Z","times_seen":10,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Heavy.ttf","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Heavy.ttf HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IpvudZKLG20Jp%2Br105MR37nMMlc5b1IM2R6RF0QAjExD4VBOXQD2fpjBy5ShbGjsXSdYoEK%2BfkRIL4k58hV2F4v4iU43WHJoBjcr\"}]}\r\ncf-ray: 9b95e45779327130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/assets/spin_1.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:09.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /assets/spin_1.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 26101\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"65f5-199d4ef1872\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dPw5PKb%2BmiStr4WfRx8QK5HcZnT%2BQloq4HBgwVBUXEhEyGguBu6bFAvZRujp4m%2FDXLOoG8E1hvBYqdnDQWn%2F7sOXufWI0FlmS7bS\"}]}\r\ncf-ray: 9b95e45ee9cb7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26101,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 281 x 92, 8-bit/color RGBA, non-interlaced","md5":"d3920b48975ce2c5e825976a8a8013af","sha1":"a206e50b3e10ab2304bf4fd654172aa49286e67c","sha256":"c09f148dd00bdf3997196eee1adb6245010b75eab839d442cd11e5151aca361e","sha512":"70487342b409d6dbb518a1eeb0d1531f6a2237b82fd1e9fff85bea171906934f09452fb60f97a8fe9c6b589fa85ac254d5baacfea88abb957ef877e871c39adb","ssdeep":"768:tN6DVX8eYOt4ozSAOF8DU/VL+euFf7xir:/6DFY+4ozSAI8Q/dkji","tlshash":"9cc2f1eb9cd1db1b74be8bb63ac7cd96b00b0c0520ed48e14d30766195b77a42076b36","first_seen":"2025-07-17T18:38:35.833335Z","last_seen":"2026-02-08T12:14:09.24147Z","times_seen":11,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/assets/spin_2.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:09.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /assets/spin_2.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 15749\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"3d85-199d4ef1876\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AwCOtvORGjDDDV8uIKy84F4kFKnwRqnp%2BbkiiUH8qZ1jOgfI3J3kEfj9%2BUkkaOyVmPANY48KsnYWJxoSHaX6vXIt1Z%2FYULyBYLXf\"}]}\r\ncf-ray: 9b95e45f09d07130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15749,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 206 x 79, 8-bit/color RGBA, non-interlaced","md5":"b1185708c4b588b536e8455d6830aa70","sha1":"93a0826ab937b9c1274348bc2c9fdec367afbffd","sha256":"cfee89cbfe981dc9f47fe9a94d02a9632b04097288de1d57f77d0ea833010508","sha512":"662082696864f690bf0cc6201fda1050cebe9d73839bc3d729e7fb05e00c3bffe386cc6aefad27eff75f33a7f0b4d880fa2049ba2385580a0e1193126305a420","ssdeep":"384:+ZrLheoP0ZzvTw25iVDSlBM38n6CALgCydWXid9BZV10gDJKZqBSk25:WrLgvL50wBk8nfALgCZ49HV1bKZqBSk8","tlshash":"7b62e1f8baa8d75a434e467c1cae4830e9e7fe7f1a1802c41567a71837ef192130e085","first_seen":"2025-07-17T18:38:35.815261Z","last_seen":"2026-02-08T12:14:09.232348Z","times_seen":11,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T20:58:06.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:06 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HN5upn5TliGlvNoesq68Sr2oMrABRCHw0iqTSbSYn8ZIs5%2FwP8kAiqrK%2Fd8%2Famz0XIB2wJtbLyABqVe%2F8wymSTKyTtkHJJdUdkD%2Bm2Y%3D\"}]}\r\nset-cookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==; Path=/; Max-Age=86400; HttpOnly\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9b95e450785a3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":63621,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24991), with CRLF, LF line terminators","md5":"d542cf13ce9731661f6d0bd5098a2126","sha1":"65a3f1be5a23b8ad92253c2438a23bc462f0280b","sha256":"41d70a8d5b9c8dab9845c306de9819d36476db232280c9cca312d78657686e49","sha512":"ccd3dcfbd7298b58cb9d3105ab648cb00cfc32b0649805729313ba856a48110bc40d4b3b58333a1944ff18f9138046e6dc679be374f1bd7f3155ca62f54b99db","ssdeep":"768:xpQMJVzK92klgoNDrO0cLxLkGAXw6zvg12yscm2/Lo:xpdJlKprXSLsw6zvg12yscm2/k","tlshash":"bc53973525e014948027eea579b2ff2dd9358543ef620d4c339c96f28ffa942ee1e909","first_seen":"2026-01-05T20:58:39.055515Z","last_seen":"2026-01-05T20:58:39.055515Z","times_seen":1,"resource_available":false,"data":null}},"time_used":850,"timings":{"blocked":355,"dns":336,"connect":1,"send":0,"wait":135,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/cube.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /cube.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 327293\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:02 GMT\r\netag: W/\"4fe7d-199d4ef14e6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9R1N%2F3mECndmvW2BQKReG71yuYgjjtl5kTMN7dfrBv0wNEuiUzXyhzEdK%2FBMYYYvtp4w4pgcc19xEfemXye8Q49nFxfVoTAlPZu1\"}]}\r\ncf-ray: 9b95e45298da7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":327293,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 527 x 587, 8-bit/color RGBA, non-interlaced","md5":"6e9661c2b0bda9039ed844619d235fc1","sha1":"89688555332e4d1443854f63b24bdf64a5bceff4","sha256":"498143c28261d848cece0519610e53693b1cd2e7a2c70862e61f0c0b173ad8c1","sha512":"0175c76e1a1fa65be9b51c0d82f2048cbbb6e1ea8504e6e003021410687f13567a53c05fd62330ebf06268cea47f877beec55b94cfc0fd82afa89651b8b4bbfb","ssdeep":"6144:g3f5EFYctfjFolUyOafdJ2xzMs9CUnMk8iBTEWrjwmSC9njcV6OwWPU/dBkyNXC:g3BoZftyOMdJejCUM49zMmSC9guziytC","tlshash":"5264232c860db9d45ce882c1e7115b4f8b65f397ecfab331d232aa419551c12ad47cf6","first_seen":"2025-07-17T18:38:35.823069Z","last_seen":"2026-02-08T12:14:09.223661Z","times_seen":11,"resource_available":false,"data":null}},"time_used":459,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/yt.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /yt.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 346\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"15a-199d4ef12e6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KKn1lbn2RtXgy2nhl%2Fsj1hduhBCRo%2FYqcf0aumdqKc4NPo9qYYiQvPqeLpWvI9tNU7e99GINv8RmXroAajNAgT7%2FDQdwGvWUdzk0\"}]}\r\ncf-ray: 9b95e452a8e27130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced","md5":"42928907dbce49eb7ecf0a646232b8ff","sha1":"4755848d0e9e0e6155ce3d4a5de613384364dd9d","sha256":"ac2afb0f006d8b458ee8a1f2b56f0f16ac94188d6ad5c45a861901851e460c10","sha512":"2a5bb6f1fb41d3a0b8c897863f4b5ec5cc7a16a57a0dbe569fbb22c535a156497eabfa20dd37bc38b135576dbf8ec4b1fdefae48fcd41cb78f6640446ebdbc44","ssdeep":"","tlshash":"d8e078c363099eff651c05972153cafc735708575e173e4a4cd05010a55ce22d7156f2","first_seen":"2025-07-17T18:38:35.82099Z","last_seen":"2026-02-08T12:14:09.229809Z","times_seen":10,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/main.js","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F0NP9Cvk10JwBHJTkHoQEWk5tePqI%2FEHda%2FwQII87Tft58JamLpihYJUQiOFCmO7NKi9GQuHzhxHrkXyahGggiQIxuUI8ZRNAiPT\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 25 Oct 2025 08:48:54 GMT\r\netag: W/\"2530-19a1a8e72c9\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b95e452a8ed7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9520,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9487), with no line terminators","md5":"50b88e2a4ec4649c2f1574a268b862f1","sha1":"bffea3b75e7434a17d6d8dbfa2526d81d48fa10e","sha256":"b5ec3532746a58fbbf0fe16676cb0de68f70f542973f59b25368beeec01b0d4a","sha512":"cb37a8021516192517dbc8a1979b4c7b17d6260cc65ab27e8c29427f85f5d2e5178569cb8f29fecc82682aa1bc7b0fa623bd2635b57c5d004d4cec55817742ad","ssdeep":"192:GHjJCv281NaJY0eGC1NccaIrbo4S8LB/HvuKRf:GHUv28HaJTq12Z8LB/zRf","tlshash":"be1251116f80675b27c65eff362390e0d198241efa41898fd01c98f868a670bedd2ab5","first_seen":"2026-01-02T22:48:02.274568Z","last_seen":"2026-02-08T12:14:09.240623Z","times_seen":7,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Bold.woff","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Bold.woff HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 21\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z2b29aJsPd8Oej%2B2Xkv92e4XiqlWGCpwFOHH%2FU7%2Bq0vfEYLbvw8EHcwxlXdyJkqVRnnwwvt14V%2FlMgO42lIaxdjHZ5Bk2gQ9LFwD\"}]}\r\ncf-ray: 9b95e455f9157130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":208,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Medium.woff","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Medium.woff HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 21\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=csyRamUbsdzC%2FbWgir7bryqzsxT6oJEcwj%2FS%2FkXaxBix9S6xbFT0ALwTZ8DAJ7CcES1Ky06d6Ho2uPv3s037gxSDn98C5RErB8P2\"}]}\r\ncf-ray: 9b95e455f9167130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/riot.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /riot.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 2710\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"a96-199d4ef12ca\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EisbbC5sileP7VUKJlRsxoZir78mKNvbJjg%2FCAbZa9YwHbCMtMHUq7nHoBZsDUnsPl3dzswTapFvfpfwnyRKt%2BCbKcnXl5yIHQMz\"}]}\r\ncf-ray: 9b95e452a8ea7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2710,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 110 x 32, 8-bit/color RGBA, non-interlaced","md5":"bbe29345caf7579a0c3e375a810fed52","sha1":"7371650667f30d4ee793b0b306b273f91350b090","sha256":"61eb93ba8b95817a305bb3a300f0c5c20644cac11073771136356ceab379714b","sha512":"507eaf276c441708d5c1db07e9008660c52dbe9b670aec86ffad9fc9f6a0f0441df139268f702bb25f241099d14983a2bc3715dbd70c868a284b96790cf5a6de","ssdeep":"","tlshash":"96514caf278435359c34b94a3114c58cf4246f46162334c83ec4be374c47f6a99ae93a","first_seen":"2025-07-17T18:38:35.797156Z","last_seen":"2026-02-08T12:14:09.242425Z","times_seen":10,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Medium.woff2","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Medium.woff2 HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 21\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RURMRjoG3%2BQs5UlIZAmK9rkqlbEWIQcaaWSIiwW3yyn1NIxZVjWd5JSNZvSHk49zGlxn63D2d1M9HfZ4e80x4pysmfaXArqe%2F9bn\"}]}\r\ncf-ray: 9b95e454a9037130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/assets/spin_8.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:09.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /assets/spin_8.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 29534\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"735e-199d4ef1882\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DXSNQEnFHL6UkGlqva9nSsUDlXneBTZM1myF3HzUGXYxIdrPr%2FK7FN84OhZHTHNgvXj3He5EYe%2B7plzD1hAQOm8lusSoH5W6KBMK\"}]}\r\ncf-ray: 9b95e45ef9cf7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 326 x 74, 8-bit/color RGBA, non-interlaced","md5":"111ada71ab1fbe97963cd5fac2ada59a","sha1":"8ac879715a5f9b89b7a46823c3c1eaad6aea2ef1","sha256":"73204ad4535b54d45672deaadb19a9ea4d5d6434c7315945826fc0b1e88af154","sha512":"14c03ff45dcb021ca7353f0b4c439f5f76eef0cbd0a445d9045eeac04d0c9e1b6582ae9f3b527baa702f819e87c8d3cb10dbcd2094b9726fbac1a75bbbc67954","ssdeep":"768:N4cAUsiVtcELr0DV/zBl6zcVmdgjG7a1AzvrC0oI+0hB:ycnPVtpr0VLD6NaRlI5","tlshash":"12d2e138f5ddf079b395f63d849b0c7544f96d322aaaceb368f2b199058306458e485c","first_seen":"2025-07-17T18:38:35.816251Z","last_seen":"2026-02-08T12:14:09.23797Z","times_seen":11,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/bc-1.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /bc-1.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 699170\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"aab22-199d4ef1a06\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4ocvMVL77ij%2FWrC8oBUMVuBtFTUplXsrHnT%2F3mwpp%2FReMqxr9J0%2FNzpjIiLR1XUMb0st6YpLdgfBUgI%2BvT4Rqq9EawTsVKs%2B0XYX\"}]}\r\ncf-ray: 9b95e45298d97130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":699170,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1440 x 891, 8-bit/color RGBA, non-interlaced","md5":"866d0e864004bfaf79c9c71bbcbcb39b","sha1":"caec197e732501dcb2b34659b5821b52c637ecd0","sha256":"0d38584560519bcfe67725069fd6b3195c5cf0db07f982237191e8070ce048f3","sha512":"3a8008faf521fc96c14d571d83e18415c39e17d6df52a69d6fbc3e644625ff44bc32db37391bda7031d8587395ce083f3b2993714a0bee2b3701a7ee1cbc55d2","ssdeep":"12288:MjWtyg1AeR/exlTgNmrsPZkTqEA1sJjwwYh4762ueivf4R:Mity4eHgNcsKqv1RwZOfvgR","tlshash":"a1e4236acdcb458c7456a43d7c1b4fc12a0d1bff786de197d0a686c81390b1239eba1d","first_seen":"2025-07-17T18:38:35.809723Z","last_seen":"2026-02-08T12:14:09.22288Z","times_seen":10,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":257,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/tt.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /tt.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 389\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"185-199d4ef12de\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=COrh2V75ytnD7AE%2Bb5jZFrLlZkGwnZ62ACVOsGwFQ7ncm1MZBcZv%2FP7bOFs4H6NcQKttToVnGHuIktBJaj%2FvH6aC1AB%2Fuu2aSOt%2F\"}]}\r\ncf-ray: 9b95e452a8e17130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":389,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced","md5":"6a79d4ab07772cf90158d9e873674872","sha1":"919a3674cafa88f2c1a5a348016894a0d698dad7","sha256":"1621e75d265c7159a92691b058156709f8066ad65f1a2dd8e231ddc80171d3f3","sha512":"28db8a3e8eee016bb2845a74de71c5a8cdffd5a0a638a6852c1df33d64a48e008d235561d5e2254a55600dc6732feede952994eb1eb05afc1c90a4e49f84dbae","ssdeep":"","tlshash":"56e0f1c52a28102ece3548da8a4b1025dd23c48e0503100cddf7cb13b20f0527311371","first_seen":"2025-07-17T18:38:35.792833Z","last_seen":"2026-02-08T12:14:09.228402Z","times_seen":11,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/news3.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /news3.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 138633\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"21d89-199d4ef12c6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RHFYpcwaNQUN%2BbwtPIIF6SKDXKMC5WrN1jYY3Fk%2BItAXv8Edy8%2FopVf9d5UqyenY89%2FHSy177aljl%2Fc9LGFj6hfO4oKyW6J9j%2BP1\"}]}\r\ncf-ray: 9b95e452a8e87130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138633,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 293, 8-bit/color RGBA, non-interlaced","md5":"8616bec227f17f57651939f2b0ef5f96","sha1":"8ab000824079ee171a4caaa1b812c71b7d5d93b2","sha256":"ea6c935ad1bc660f82ad2f24ceaaee2c33cf49b6b4789374d4fa93e08ac9076c","sha512":"88888c8af905eafef4616b090fccf611a0c7f4e3047ad7fea5b81e87623d22cf377b624e1f00c55022bc522e117be1595624498223eee73f713c148e2b8e586e","ssdeep":"3072:xBR5FK/DBiP+GwgGaw2XAoK0dyeGzuI8eG9a:h5FKtwdt1w2wwyfxJD","tlshash":"b4d3127920f52f91207fd56c45af8ee2cda23e83b28cb77381e560599301a7c68587f6","first_seen":"2025-07-17T18:38:35.837635Z","last_seen":"2026-02-08T12:14:09.23974Z","times_seen":10,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":265,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Heavy.woff","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Heavy.woff HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 21\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k2tGynFmvUu9kyrXY5H645cRZCTIAC3ebIIuSjWgDP4OBCNVq6yPPOV%2Bax0wWNJt8jA6hIMVv96hp2TUwXif2HoGfcCe4SLDtNPX\"}]}\r\ncf-ray: 9b95e455f9177130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":10,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Bold.ttf","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Bold.ttf HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dB3R1XluKQ8uPPWt%2FopSLovc4ssVXIKC5XZKIVFD3hLBrIdzauOjeKNWc%2Bi8yW4TgLHur2dEWASaLhDRWmMtDMgjHB2QN%2BKp%2Fr3D\"}]}\r\ncf-ray: 9b95e45759317130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/favicon.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:08.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 674\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"2a2-199d4ef128e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UZlnoNkQMYo6H16fyURut5RP%2BWpo9zsJ4k7pQeh%2Bgz5%2Fexr%2BY3%2Fn41mv2n56JolbQ%2B5GCkgWE44Jqdp2wggrXXz6GYbHNK2vxAoU\"}]}\r\ncf-ray: 9b95e45bb9a17130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":674,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"0c3d7610ef8d3a44bb0f6e7b5378fb83","sha1":"98d241830cda6d89005c1fc70f4bada2ca58562d","sha256":"d78afe71dc668a52642611038fa54dbf81153e73f781e12042083e0b11a1e9be","sha512":"eb6ccf579b301d7a408bd784eaf799a88dfb3f7c0585777e8de239e8da0d5b02ef658b4cc0877716635c7afc628018501b212b9714741051b8eac3151b885326","ssdeep":"","tlshash":"580123cf26a11ca4e11b51ec273e06a8586c1a457447194958b39c674496916d2f23f2","first_seen":"2025-07-17T18:38:35.798633Z","last_seen":"2026-05-07T16:28:28.643891Z","times_seen":21,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/stylesheet.css","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /stylesheet.css HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=77o5aee7ECo8z%2Bc8iHO0LBbTBCFlNHIl17PGAvzzQ22AJ985xey5z3p6o%2BMf5mEIq3GCjJ5B8DQSPR4miab%2BpCZy5JoQxaB4vyYN\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"e81-199d4ef12ca\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9b95e45288d37130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3713,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with CRLF line terminators","md5":"94ac1e172340dbda9f276de81d03a5cb","sha1":"3275276c610a79bd3182583ae46184f11dac1624","sha256":"ae4f7bc9f021138792f8726c0f567869c811358db85a32cbb7cc6c0da2128f4c","sha512":"10a4d57041bbf122f3623dcdae5fe94b4bb6c85d742ee6c3dae698367b22874a13dd99854e3df73c53d2ba6ad0b3482e9405e03d98505606a07c13531b34db5f","ssdeep":"","tlshash":"557103b0184a352261700a6de3ea2f54ce0e31eb509c5f57737e388b4f76e94629cb2c","first_seen":"2026-01-05T19:01:47.748257Z","last_seen":"2026-02-08T12:14:09.243198Z","times_seen":6,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/roulette.css","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /roulette.css HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T8ofCiel%2B74MtUZYbnwV8Ci4O7Guf7pEdfSJyU%2BzOY1USZanPvgtLX3h4%2FlXoTw2buM76x29lk0RMRSz6oYfDl1C3p9wB3jZesgt\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"f95-199d4ef12ca\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9b95e45288d47130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3989,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with CRLF line terminators","md5":"909f8bd4632db012ded2528788b263cd","sha1":"d1ee2802c20d7ce463fe13b0a90a622673200731","sha256":"c3fa2653683af4e03418bd64dc1338284a24c5636307fca635fee593b71231b2","sha512":"2e30f116b7aae81b89e0250b40b599fca66a7335d3404628de94a40a9e8fb2ccf0836f5cf91ee52d1ebadf1feb4903845da1e2e3d39090165db60c43b65d0cab","ssdeep":"","tlshash":"8c81d33345256008533b755cabf5232eceb8e027ba0747efb5da289643916ec16bf1c2","first_seen":"2026-01-05T19:01:47.758701Z","last_seen":"2026-02-08T12:14:09.244137Z","times_seen":6,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/index.css","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /index.css HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2VpmANF8x6Hi3PQ3ckYmoTjiF6fRQvKopkp2q%2FE9ssv6z3WKS9h9gra7LCw3zaFz2Ft%2B4cmPu32NWBRGw4gAtk39Dl1fQoYM67oF\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"1015e-199d4ef12aa\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9b95e45298d57130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65886,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with CRLF line terminators","md5":"2ab329cc977bd9e50906cd5ca51255ac","sha1":"61faa7b1978df4c44a2fdb8ebc3225b362951cd4","sha256":"e9036c325f3aa2a56ff09e8423011204b8d10be19f0e3fe0b8518e2e6a662189","sha512":"6fdb7b49ea8db6ec7a2c3b96d63ba4f02cf448287a2de90474ed2aded914af83588d462ba3566cf0ad2b5b2eb55f6469c840e819ffc8dd7133d2f39f73edf3d0","ssdeep":"384:1QtJjitw3ahe3diNtRYFmHrL2zCYFB7Tmngy9UeXQdE/aJQ4ST/xqwGx64JC2RdS:1QtJjit5hbtRYFWOzbTmngQPRejiTegX","tlshash":"f6531314a500dcb67db2a7b9d3db6208fd3760a7cb0611e87ad8d2051ff03b84949ee9","first_seen":"2026-01-05T19:01:47.760479Z","last_seen":"2026-02-08T12:14:09.202272Z","times_seen":6,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/header_logo.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /header_logo.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 875\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"36b-199d4ef12aa\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fQ2fEgDPxoCeCzlsJdn9JbnQb4hS3hD%2FL7GdSjQcl%2Fc0EiDlgMwmFsYY1B0W8BcqMTGw0eA3vIOj7Fvn8Ai19t%2FwqxBwfE7nzt4G\"}]}\r\ncf-ray: 9b95e45298d77130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":875,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"e594d0138dc4a68cb6359ef46b44b1c3","sha1":"3cdb5a8caa70f47105fda24c7f925641e613a729","sha256":"2a0a726af6115a366df46d6d39cb7d761d77b77f72cb3f1b8c628218d5b36872","sha512":"b3df4ef7d3f168d61f830e9098d1a49151e339cbabef52f6a74b18a76aa98463e3054e4f53e15ad452ef85d1af22f0877fae449efae595368d1933eacd32e7cf","ssdeep":"","tlshash":"e41196fbd31b20949bfc50015253b5c0863b8b6c025a64358bea1e2a073f30d5147751","first_seen":"2025-07-17T18:38:35.808473Z","last_seen":"2026-02-08T12:14:09.220062Z","times_seen":11,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Medium.ttf","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Medium.ttf HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncontent-encoding: br\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1UY57pnTuPrSmJ%2FtJWnQLjzCiFC41PnzwA1gZMLCQRV0FtvUktuOfM1XCwohwUqVRlD7JG1RMigYwwspHbgBXVqWJ4kBwTbsFMJn\"}]}\r\ncf-ray: 9b95e45789337130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":1174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/type","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:08.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /type HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vdu4t%2Ft25SB%2F3yYL%2FiM0YELVxH6Aqq%2Bdvk6hPL6J3vBVn6UxmVsyNIAHk%2B7fimD8%2BNkyZCtTHqVKiwBPo0a9tFfu8ebREcRo4V6s\"}]}\r\ncf-ray: 9b95e45a29597130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/val_logo.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /val_logo.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 674\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"2a2-199d4ef12de\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D84%2Fo0PtWnEVLddN3OaI%2Bw7q2t90gaWGVN%2Fnpc2uh3TeDq2DztQqAphBXwWon6ZKijp507iRzf%2FYBGm18qzvBKs3Y6dHW38U9j3G\"}]}\r\ncf-ray: 9b95e45298d87130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":674,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"0c3d7610ef8d3a44bb0f6e7b5378fb83","sha1":"98d241830cda6d89005c1fc70f4bada2ca58562d","sha256":"d78afe71dc668a52642611038fa54dbf81153e73f781e12042083e0b11a1e9be","sha512":"eb6ccf579b301d7a408bd784eaf799a88dfb3f7c0585777e8de239e8da0d5b02ef658b4cc0877716635c7afc628018501b212b9714741051b8eac3151b885326","ssdeep":"","tlshash":"580123cf26a11ca4e11b51ec273e06a8586c1a457447194958b39c674496916d2f23f2","first_seen":"2025-07-17T18:38:35.798633Z","last_seen":"2026-05-07T16:28:28.643891Z","times_seen":21,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/tenz.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /tenz.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 208143\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"32d0f-199d4ef12de\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E9Q%2FXTkZxfSxdDzI6%2BH0fztxi6KHIUw0AMHaDtqm0W5ksKIUJaNm4ihDSG%2Fu7PVCGySLBSJhlmpJtZvjHHYzPD34xrT5R%2FUSQt9C\"}]}\r\ncf-ray: 9b95e45298db7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":208143,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 544 x 468, 8-bit/color RGBA, non-interlaced","md5":"baefee5127bad9ef30b4dc5ebed8c93c","sha1":"6311377eaffcee7077ac88f477d6c27069ef3759","sha256":"9e5eb2e1afe624b5344e7314d8f5968edf66d13e65c3a2931387c9b939572f30","sha512":"d5d34d61b392ca8156c9e83c567025af83cef5351cc030df71dd4d7d551f7673d01fdce83a1adef0d9c582a788eac7372fb00ba1baa30c5980898e7063b1aacc","ssdeep":"6144:Yo5C8RgGZd5SefmG1LzBzMBVz4dlfmR9kdTgpthSadI8:FR/x/1LzBzMBpGUYWtM8","tlshash":"5a1423b84d3d8798ddda72e76edc755de7e3b0a993ce4f76380708e4a8a5b824030145","first_seen":"2025-07-17T18:38:35.795825Z","last_seen":"2026-02-08T12:14:09.204037Z","times_seen":11,"resource_available":false,"data":null}},"time_used":1319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1198,"receive":121,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/insta.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /insta.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 534\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"216-199d4ef12aa\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a73i9Xb%2B6NYdYM4ginqzvCjF%2Fk4oTSmIU65L9pwgXUCSwAzvUsvvcCVnqRDqqHDAOszXH2E%2FnSF2ptMazQg8l753mg2LTjGcuasr\"}]}\r\ncf-ray: 9b95e452a8e07130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"ce8d43c7c13b6a12c4b3d295d2af34b4","sha1":"9aa4cfc9ba4c0aebf1c339da1523e85b3557b339","sha256":"01d75301f2afef0268bfd51655f5168cb6d6e93b4697094404a277a7e900bf6a","sha512":"3cc9db0fabda910ec7a9572b3f764f4aafe058c675f4388e8febd8d92b8a9455f9b7ede2a298c453c94551c543e01e64a0e4e7f7669f58e5e6ef372c2ac40aad","ssdeep":"","tlshash":"d0f075cade500a1b841f036b690b80c9b167867b0056653e55909be77e88ca08d2fbb2","first_seen":"2025-07-17T18:38:35.791606Z","last_seen":"2026-04-30T11:35:51.131034Z","times_seen":11,"resource_available":false,"data":null}},"time_used":1234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/news2.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /news2.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 182427\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"2c89b-199d4ef12be\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Dpr%2BKauFHNtk6bl2sVeCRMKCkil2MiJqnqdLa5bEYk0D%2Bb%2Bdj6SoToAJ3f%2FsxkcCWGjQRLXw3%2BJzID%2Boy5YFHtnpd6eqm%2FZjhF4\"}]}\r\ncf-ray: 9b95e452a8e77130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":182427,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 293, 8-bit/color RGBA, non-interlaced","md5":"691aa5e9be7243f7aea5f58904f709ca","sha1":"19758b047a171b285c10487141e53a828f31aca2","sha256":"3e69041a7525dae74f13aa5666c971ad71ff7d0a0f63597d2bca59bfcd46e33f","sha512":"99f9ebb88ba58866ffc598d76335a9852881201e9763aced2fc9fb294d97ddd0dfbd5c17198f299342bf664c27796a6a7534508e1bb543182fbb97e1ae222835","ssdeep":"3072:DbtRfK7AtLfikCVQAaxRoypCmPDqxOjzeF68rP7A5FundlxFYrrudBEc06a/k:DbXjxPCVQLRomDqEa6gYFYLFqrudBEHY","tlshash":"cd04232616bce483398307785ebf7636d531296419fcdad3883dbe294bf3ac62910176","first_seen":"2025-07-17T18:38:35.830425Z","last_seen":"2026-02-08T12:14:09.238759Z","times_seen":10,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/BlenderPro-Heavy.woff2","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /BlenderPro-Heavy.woff2 HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 21\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\netag: W/\"15-bm7tJgu8FHlq5QU+Y6gDxOGPfRc\"\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hrb03nq0pgL9UFe8uKR2hXnstkXDJ8OJ3I9k5ZIBEvhhd%2BL%2FP5bbpSB90juiUoQDRH13CLLbmdZNyK7rwk5iRNt4NZ851tqAMDbZ\"}]}\r\ncf-ray: 9b95e454a9057130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2efae0e06cfdc3eacc743546ff595d74","sha1":"6e6eed260bbc14796ae5053e63a803c4e18f7d17","sha256":"c8d3eae160a892e32837db3dcae515e843e5383fef52b8141940c8bcf8b6d59f","sha512":"0041d86cee0352b6e8af8e9755fbe8ad6db1912b7bc2efd53d19ff60ce8f79a69bbac9bc2bbac25d9fa6d9e9e48d8bcc241fe04776c23c13ba5a2b2896643572","ssdeep":"","tlshash":"c57000082082020e0002e0e0088c283000880a8008308c2000008008800008f8800088","first_seen":"2023-05-16T10:31:07Z","last_seen":"2026-06-08T01:38:03.24594Z","times_seen":519,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/assets/spin_6.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:09.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /assets/spin_6.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 18693\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"4905-199d4ef187e\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aZlWr9%2BTO07VlxpAkdWw9oeFGzO5iOEua4K%2BsCMTeo7Ybaeuswykjw23xR2CBo8sUCIJduW7zXsI6n1HgQ18NdS%2FC4VKQK4jyFP%2B\"}]}\r\ncf-ray: 9b95e45f09d17130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18693,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 176 x 78, 8-bit/color RGBA, non-interlaced","md5":"3a9950db19539ace1ea9d356891729c6","sha1":"d996179e82be8ab963e4a8620c031af918149992","sha256":"6d72941b0c0973fce9e4a8395c9db73f7b798528e7c95e88c12b76fb6030c36f","sha512":"6e55b8117b038b0d75cb03296db3e33b6690eccd053bfd79b2609875be241da553e2908089ec394ea7d35a2c871d0c8851cfef6fde4e5d5de99fb9fe39663b3c","ssdeep":"384:G6i8yyQ2CpfNjKuFh1BSiy/L4kW3iGycdkIQ71+Np6bo8wx1Z6X3sb:Ji2K31W/23iIr+1sp8wPZwC","tlshash":"2d82e138cb790984df99105d13c8de92db6f25fe007864ce552f662be2b481973da90f","first_seen":"2025-07-17T18:38:35.825949Z","last_seen":"2026-02-08T12:14:09.23427Z","times_seen":11,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/spin_shadow.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /spin_shadow.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 355647\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:02 GMT\r\netag: W/\"56d3f-199d4ef14ee\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6FwSmxRxf3Mlg39AsxImBA4l9KqJ1dSOjRhehcEw3e2WtG5%2F3oHOVORVh0PszFxPxLO3DkomyeXeX6WnRu1r9I%2FEfEFtVFOXj5dn\"}]}\r\ncf-ray: 9b95e45298de7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":355647,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1006 x 439, 8-bit/color RGBA, non-interlaced","md5":"82a88f7eea958f90c4e197bc07524076","sha1":"33078266440bb73714a346e95997a2bb0ecb053e","sha256":"d871f4215eaf360b6b04952e34cb1b13a3e89d841db13d5e0e88360f9605044e","sha512":"6ba528e8b2925e1b2f920cf762da619563d059e7b591d67f8aaf6c299c41b517385f9c9cbb8ff83c3abc9d9b8ac0587e0ad1b1f3428f6e65fbceff892942a214","ssdeep":"6144:B+33jPj9tSI+z7uBuutD7UTMHBppOaqy3TBCsAvLHif6S42tNSldcSyQihZ:833Lj9sIic7gMHTpO16c/HkO27S3VyVz","tlshash":"477423edd96c6cb3f258ecac5da218c24066754a394144a5c308033fe2e5ae175fed6f","first_seen":"2025-07-17T18:38:35.804281Z","last_seen":"2026-02-08T12:14:09.205221Z","times_seen":11,"resource_available":false,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/tenz_info.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /tenz_info.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 19982\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"4e0e-199d4ef12e6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nXE2tVbNQte0tmjxZDpY%2ByE4quwPyquhT7Opcj7HCoz4dPY%2Bh4ZiMPm4gFm5%2BDi16kfxsUup922L%2BVZNL2GnEZ4dYmXcnxG7t3IW\"}]}\r\ncf-ray: 9b95e452a8df7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 353 x 102, 8-bit/color RGBA, non-interlaced","md5":"697fd14186d90bf1994cfa265c7d662d","sha1":"7290bd619175099029579b9d1d139520f87f35b3","sha256":"e03218789394cbd722748ff7f50956b8f579f9d95e1eb22fa8f6466ab3bd992c","sha512":"3bb2674fa9108e03bbb2c3610d80f29ab4ec663eefb1646d522ca28bfa366c1504b7bd66b6be14d4b0ac1c741e58facce9469d5baac4f2d4a5afdcc2011ffc11","ssdeep":"384:Q+9EHrMIXn19lc1yX+fbw0OogX5nAJk0PlGGjnqsHlpXkpX2vmhR8VdDXMgkRiLk:z9EHAIXTl0yuDwjoIWJkKlGGjnqA/Mio","tlshash":"f592d0da578af6be1a4f4a81c12561321c042558a1d3cd83df835b5e38e3de2df1b58a","first_seen":"2025-07-17T18:38:35.828133Z","last_seen":"2026-02-08T12:14:09.191023Z","times_seen":11,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/x.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /x.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 417\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"1a1-199d4ef12e6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EtjGfZn4ayxTDvL2XQM07%2FAvkjMNy8FSNKTF6AM2%2FpDtzy3dKw3oefM7aoZ7J29YEBJt0s8jRraJtQSDaaWFolksF%2BKlfQhbU6mr\"}]}\r\ncf-ray: 9b95e452a8e37130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":417,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced","md5":"164411f46d963c467672f25aa71bcc2a","sha1":"449b6133b69f568a5653f2e1abb652012564e43a","sha256":"bc329aa81523c6d9b690fcfb826de38a8aba10c0103898533e8ff2f23a7acd39","sha512":"f16ab254eda95e4ce9928e88bd3ddeffd05fda4b15eace65d4b578994ddfe704e2fc46d7ac684f31487e2e31b3ac54811d5549f1682a6bbc03e54f9c9ad8692b","ssdeep":"","tlshash":"e4e0abe8b25898bf8c581839c19a0172605704fd26a08c1e8a258a707d6acc2a5d2be3","first_seen":"2025-07-17T18:38:35.821886Z","last_seen":"2026-02-08T12:14:09.194756Z","times_seen":10,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/twitch.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /twitch.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 347\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"15b-199d4ef12de\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4uOLdewDuWCaRg5wWMXVOggrus9ymdsHJ2GHJBotsW%2BuaaYJviDtLYNQ32nJLhjZdT%2F%2BcqkEZucpDrir2YnX9EGJbDWwqreTR5En\"}]}\r\ncf-ray: 9b95e452a8e47130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced","md5":"5072df816def23b1cb9859441e6e2fe2","sha1":"504598b8a5d7124bc1a90c6849de3968e83b84eb","sha256":"5a196dc15cf21401392eb4fa8acfb03aeaa7e4a3ba992d3e610c487395336adb","sha512":"b7c5ce33d0e713feec5c4055d6e285bd26135d70350c0d0c2b5a9bfd19ec1ad9206aa3aed413e4c17f41d61e8b944132f85842a301af601a6b1b52a85f6d9472","ssdeep":"","tlshash":"93e0c0cb5954e47ee5c906b706564712309f14f81a02602ae9e5f0184b5545442a3f8a","first_seen":"2025-07-17T18:38:35.813539Z","last_seen":"2026-02-08T12:14:09.197452Z","times_seen":10,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/news4.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /news4.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 141704\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"22988-199d4ef12c6\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bh0rX5SYMJHoyacaSoeo6aAr5%2FVzdPa0qAutPyJD4dCgJeILVvGtCTeL6ZKV5fML%2FNXNRmTzR7LBBC43VzZWUglqo%2FN%2FNHn1rlSS\"}]}\r\ncf-ray: 9b95e452a8e97130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":141704,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 293, 8-bit/color RGBA, non-interlaced","md5":"56d6fb08c7f54f0fe5599993b84a20c0","sha1":"e91a8b0bb01d9fc97c77b4f834d9943778319dff","sha256":"da85f5dd639023c9b7cdc4d254b2b058092b86795544fa482c7f60dd028bddf5","sha512":"fd2e365b4668b9f20725b9de2d801be5f2f3ccdad8de1513aca43fe14bcd8cb2474b38921e634351079ea100e830a7ed5cbdf337ad9549a576dd5378c8c0a5b1","ssdeep":"3072:NzqOlxh7ZAdJTsUqGCFki6bmWuWZEcyOcaeXTE00GRN:9qOlxhVeJT9C25bHPEJHH40Lf","tlshash":"07d312694661df804c0e7907ae031dc5e86846b50a2462663e2774e6e1dced7adecfd0","first_seen":"2025-07-17T18:38:35.811471Z","last_seen":"2026-02-08T12:14:09.207709Z","times_seen":10,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/mega-foot.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /mega-foot.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 7715\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"1e23-199d4ef12b2\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7oJjOOhfJOHfakgdN7MTg5edDk6GK3rIejueYKwQPQGbnclEIPz4uxC1rt8jvfcRz%2B5Cmvyd3f9tZW%2BIpWvbQ03bgVHt%2BI%2B3AsP2\"}]}\r\ncf-ray: 9b95e452a8eb7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7715,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 223 x 129, 8-bit/color RGBA, non-interlaced","md5":"6979f28094312e3a8605bb22c0e294cf","sha1":"6f80aa3956e2de5e10d48dc113e10bc908775cf8","sha256":"ee081fd9d19d5427052ec0104d08d4019c69a0f99d1bd31d16fcb303f476a9a2","sha512":"93fc2b51ed57fd35bdb4f08b463a246c35250e0de563b6c2d7a15254f40ad48a6b3d8d86c53cc9793911c3661cb2adac4827756b26043dea566cac3aef609062","ssdeep":"192:4SErQ5JiTG5pwTHohtjltPuDNYzFM7j15bS511oqln9sv86:/ErQnii5sHy7Qyi7j3S5USnl6","tlshash":"3af1afe0d441ca2255acba2f0797ff86049fc0fcb9f46184ab8a7f52f5643315c9d954","first_seen":"2025-07-17T18:38:35.814427Z","last_seen":"2026-02-08T12:14:09.214893Z","times_seen":10,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/jquery-3.6.0.min.js","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:07.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:07 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r7utcTMzTo8IWvdXMDlJVFuDFz9CpZbqm3W3jaBtECNh%2FxnIOFoMI8X%2BWNm1zCr%2BwLS9k5Yru3r9%2BeSV0s0Al4gzn2xCb0jXQLL%2F\"}]}\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:01 GMT\r\netag: W/\"2a687-199d4ef12b2\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9b95e452a8ec7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173703,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"e4c5675ea97db85460016f2e43880888","sha1":"1a545a30dcf23fcef8545842d202f6cf5c7f2ba2","sha256":"6e1cccd429a180d7f27c0a85f7234af9b6c173f55b91ebba65362b1afea319ed","sha512":"baca74ace37282d46a58e6ca2f8a099af37d57fc6eed8807e8c53a4004e856c733648acb21cef5fcf6b906bbc9400eaade2bf60a7b3fae72c89b636cfa54b7db","ssdeep":"3072:rPi51vm3ViMky5ySYTpyTaePHvakuTWklm/0o+tUJ+cNsTQC9+m2P3YU7oPNsRik:rPi51vEVsy5ySIpyTlPHvbuTWklm/0ox","tlshash":"18045f9a669524398137f37eae6f8905f0b21b3f028649033d3c81565f72914a7b6fec","first_seen":"2026-01-05T19:01:47.717743Z","last_seen":"2026-02-08T12:14:09.237159Z","times_seen":6,"resource_available":true,"data":null}},"time_used":355,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gearsvalo.top/assets/spin_3.png","fqdn":"gearsvalo.top","domain":"gearsvalo.top","tld":"top"},"ip":{"addr":"104.21.25.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gearsvalo.top/","date":"2026-01-05T20:58:09.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gearsvalo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 23 Nov 2025 15:49:35 GMT","end":"Sat, 21 Feb 2026 16:48:01 GMT"},"fingerprint":{"sha1":"19:93:EF:7C:FC:90:51:C3:E7:16:49:1B:8F:C9:C2:70:B5:82:31:52","sha256":"B9:2D:B9:1C:AD:78:A5:91:D7:5B:78:5C:30:63:B5:51:32:A3:11:81:DD:1D:57:D4:D1:28:05:BF:C9:B7:9F:B4"}}},"request":{"raw":"GET /assets/spin_3.png HTTP/1.1\r\nHost: gearsvalo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: sl-session=0CzzOV53XWm2HkIw0McX2Q==\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 05 Jan 2026 20:58:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 25591\r\nx-content-type-options: nosniff\r\nreferrer-policy: no-referrer\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 11 Oct 2025 20:21:03 GMT\r\netag: W/\"63f7-199d4ef1876\"\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8l9%2FryU6uPLr65N0hvEof8oqMLLvH9TX8%2FobnI36IA0TxI8TqCno2HWw4jpzcrScTP2EynXKmI7EeJcWlEpPakbO1oY%2BCWXPjEnM\"}]}\r\ncf-ray: 9b95e45ee9ca7130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 318 x 72, 8-bit/color RGBA, non-interlaced","md5":"8ce8a3ae77babb327f6dd4cc285dd8af","sha1":"507e8834aa0a598e8263634cd7f4d5f8b615663a","sha256":"9d167109a5a92cf0cd699c13aeefdc046712921f1c12f69dff2ff0b3d17e30fa","sha512":"c56571516993aa2d07a97eca57910bcaf0cb77ecd45eedfd8a0931ad9fc1477c0a50f351c72762d3cb93e8f74fc5443483e5c3e1df0ed7cbaccb24af39bd330e","ssdeep":"768:VtaaRn8W4xtKFifoQ+cUK1JUWLw30Hq1SpW2:VtBRnG2iQGHWWLY1Spb","tlshash":"2ab2e1984321091e8e887b615ffd245769be7d0e1e5b0abf6e7800c01cfbdc64c626ad","first_seen":"2025-07-17T18:38:35.806278Z","last_seen":"2026-02-08T12:14:09.235164Z","times_seen":11,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"gearsvalo.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}