{"report_id":"5fd2b8b8-c454-4dfa-84c8-a7d824edd2a2","version":6,"status":"done","tags":[],"date":"2023-11-28T07:42:43Z","url":{"schema":"http","addr":"gfriends.cc/forumdisplay.php?fid=3","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":0,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"gfriends.cc/forumdisplay.php?fid=3","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"title":"GirlFriends | Teen WebCam \u0026 Stickam Forum - Amateur Teen Galleries"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:20:18Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"gfriends.cc","ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"domain_registered":"2023-05-12","domain_rank":0,"first_seen":"2023-06-01 09:27:13","last_seen":"2023-11-14 15:47:15","alert_count":0,"request_count":24,"received_data":105676,"sent_data":13749,"comment":"","tags":null,"fingerprints":null},{"fqdn":"imgbay.al","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2023-09-06 06:21:06","last_seen":"2023-11-22 19:47:28","alert_count":0,"request_count":1,"received_data":27432,"sent_data":433,"comment":"","tags":null,"fingerprints":null},{"fqdn":"i.imgur.com","ip":{"addr":"151.101.244.193","port":443,"asn":54113,"as":"FASTLY","country":"Finland","country_code":"FI"},"domain_registered":"2009-01-09","domain_rank":5110,"first_seen":"2012-05-21 10:09:36","last_seen":"2023-11-27 10:42:21","alert_count":0,"request_count":2,"received_data":18475,"sent_data":852,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.usertrust.com","ip":{"addr":"104.18.38.233","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1997-12-05","domain_rank":899,"first_seen":"2012-05-21 17:43:18","last_seen":"2023-11-27 10:28:30","alert_count":0,"request_count":1,"received_data":1015,"sent_data":342,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img84.pixhost.to","ip":{"addr":"94.229.45.2","port":443,"asn":48326,"as":"DataNetworks s.r.o.","country":"Slovakia","country_code":"SK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2023-03-09 09:19:31","last_seen":"2023-11-10 11:23:39","alert_count":0,"request_count":1,"received_data":12190,"sent_data":484,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images2.imgbox.com","ip":{"addr":"212.63.223.226","port":443,"asn":30880,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"domain_registered":"2009-02-09","domain_rank":80761,"first_seen":"2017-10-24 20:55:51","last_seen":"2023-11-22 09:30:08","alert_count":0,"request_count":1,"received_data":10252,"sent_data":442,"comment":"","tags":null,"fingerprints":null},{"fqdn":"abload.de","ip":{"addr":"88.99.80.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":109071,"first_seen":"2012-07-04 14:18:41","last_seen":"2023-11-28 06:11:30","alert_count":0,"request_count":1,"received_data":12320,"sent_data":433,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48105,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.194328+0000\",\"flow_id\":2016983648696088,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":48105,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":44642,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.194328+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":32904,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.194169+0000\",\"flow_id\":2089594365802105,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":32904,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":33051,\"rrname\":\"gfriends.cc\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.194169+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55211,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.283919+0000\",\"flow_id\":1907251529209103,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":55211,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":41324,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.283919+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55098,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.880319+0000\",\"flow_id\":1560922546335423,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":55098,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":24880,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.880319+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39687,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.882193+0000\",\"flow_id\":2240502336681489,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":39687,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":47415,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.882193+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51382,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.882781+0000\",\"flow_id\":920341059041373,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":51382,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":4860,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.882781+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47520,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.883241+0000\",\"flow_id\":1391430251936297,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":47520,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":33478,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.883241+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43178,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.883892+0000\",\"flow_id\":1392705857223860,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":43178,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":787,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.883892+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40241,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.884322+0000\",\"flow_id\":706782400183906,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":40241,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":33220,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.884322+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":47733,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.885846+0000\",\"flow_id\":532548461888598,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":47733,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":52246,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.885846+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45868,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.886877+0000\",\"flow_id\":1342879941625949,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":45868,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":57234,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.886877+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50608,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.888527+0000\",\"flow_id\":1506114468679375,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":50608,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":62396,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.888527+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39972,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.890760+0000\",\"flow_id\":1670916658796424,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":39972,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":41891,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.890760+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37682,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.891976+0000\",\"flow_id\":1625574689053768,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":37682,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":50260,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.891976+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46804,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.894098+0000\",\"flow_id\":416730373792914,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":46804,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":44820,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.894098+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52653,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.894878+0000\",\"flow_id\":101054572504990,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":52653,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":37435,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.894878+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45930,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.895387+0000\",\"flow_id\":1336854102518171,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":45930,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":50318,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.895387+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34045,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.895903+0000\",\"flow_id\":208295610919839,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":34045,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":13726,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.895903+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:29Z","timestamp":1701157349,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":32905,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:29.896610+0000\",\"flow_id\":269576204299874,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":32905,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":43709,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:29.896610+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:33Z","timestamp":1701157353,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48654,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .to TLD","source":"{\"timestamp\":\"2023-11-28T07:42:33.415339+0000\",\"flow_id\":897556257789547,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":48654,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027757,\"rev\":5,\"signature\":\"ET DNS Query for .to TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":60468,\"rrname\":\"img84.pixhost.to\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":87,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:33.415339+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:33Z","timestamp":1701157353,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50476,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .to TLD","source":"{\"timestamp\":\"2023-11-28T07:42:33.415537+0000\",\"flow_id\":1591803361449777,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":50476,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027757,\"rev\":5,\"signature\":\"ET DNS Query for .to TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":17406,\"rrname\":\"img84.pixhost.to\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":87,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:33.415537+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:35Z","timestamp":1701157355,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43852,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:35.514286+0000\",\"flow_id\":1496145849997550,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":43852,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":58970,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:35.514286+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:35Z","timestamp":1701157355,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35824,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:35.524137+0000\",\"flow_id\":1240067014917993,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":35824,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":5761,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:35.524137+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:35Z","timestamp":1701157355,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51321,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:35.527969+0000\",\"flow_id\":2191921961963105,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":51321,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":1686,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:35.527969+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:35Z","timestamp":1701157355,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50617,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:35.534788+0000\",\"flow_id\":1026989392341252,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":50617,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":16048,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:35.534788+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-28T07:42:36Z","timestamp":1701157356,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37164,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2023-11-28T07:42:36.918389+0000\",\"flow_id\":2232496518071157,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.88\",\"src_port\":37164,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":28827,\"rrname\":\"gfriends.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":82,\"bytes_toclient\":0,\"start\":\"2023-11-28T07:42:36.918389+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gfriends.cc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","size":14799,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-06-28T02:55:13.877605Z","times_seen":1939,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/forumdisplay.php?fid=3","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"6dea24c8bdc5474de25fe8c724464be5","sha1":"989a281208542b269a5dfffc0c9b421ec579d1fe","sha256":"c528585096279250c336c887dde20d808e11b90371ac3285a1385296cd36fb90","sha512":"1c6ea8ee0895772f0f08dbed525f61afdecedc5496f40970e79c51663b0a51eb7b85b1f70cea9114bda050d59b7c5b76c14542d96952e5d4803965f68179d959","ssdeep":"","tlshash":"60416592744e0d31004d60a76c7d68c69d4790cdbf0ced16db18b47d73c08ee57b566a","size":2155,"data":"","first_seen":"2024-08-20T17:37:34.898587Z","last_seen":"2024-08-20T17:37:34.898587Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/inline_edit.js?ver=1821","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"3781858ba413bfc2e58e9546669f097f","sha1":"3f9d6c9d1506b4d8ec3b1a7ba600f472f4cf0872","sha256":"a14ce315b9b11ef33e3ccd59a39f026336ae6a5af17a5672266435afa0af4652","sha512":"de8cfa1433891021350d06203feb45d16d7a72dbf9cbe0baaf2fa41f810691ce83671363024e49adb71e102daff6d60f410ee511a093baba1c9cab94d71fe251","ssdeep":"","tlshash":"6051f027ba34873a4444ffa4d27bc254961b9c18747349a12d24bc87098d89ced72c7f","size":2050,"data":"","first_seen":"2023-03-11T20:45:21Z","last_seen":"2026-06-04T18:41:40.514381Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/forumdisplay.php?fid=3","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"62c2c2ab7028d706cf48e334e0be4ed5","sha1":"9d1974f9795f5fa3093d3ca5d136cb1343ec6786","sha256":"a14419f7da616d1c4cad1be1fb9a59e3628cddd44ba0a323bd8d251ab3ef3169","sha512":"771926191833a2e8711df06c0ae32ffffe147f4f37ceae569dadeae508e9a1f5ec04d2d18188f9923628e87241c1a1c077c5bbbc748c9fba7816f3d53c161abc","ssdeep":"","tlshash":"c5d0a7db27545b0742b345846b5c20e50931a6bfd27caa4b0f1ab968730c8a8b7e9992","size":252,"data":"","first_seen":"2023-03-11T20:45:21Z","last_seen":"2026-06-04T18:41:40.526679Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/jquery.js?ver=1823","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89475,"data":"","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-06-29T00:57:32.937755Z","times_seen":17032,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/forumdisplay.php?fid=3","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0e774c6eac4073121eb55b9e21d3511","sha1":"5156ea2435d223d0519ddce05085a2510c7b1807","sha256":"45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5","sha512":"2fd9fdf983e2f651be2955965a0be96ad581a2544bfd5718d3959966bf6d6ed8a39bce6a3d076b735638bb24d1cfc5646f72ac151c295478abe2361e5298f4d9","ssdeep":"","tlshash":"45a012a1c08c0407823411120c002025202fc4780052de496cb159a050c4706036040a","size":77,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-06-07T05:41:57.483879Z","times_seen":1700,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/jeditable/jeditable.min.js","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f332fdf2de4e25eb3f5611bf7b6c354","sha1":"53e8a6136fa9af4fe8b50e8068899da860657e1b","sha256":"b76e0536e5ae607a8453dc2dd7ac8d08779ba93e8f8700113ee2c1106f31fd79","sha512":"259739d36bf7b4b74dc94b3b33433e1822f0792944f0126636ace5004d1f68a850fc7734c3ef1357502b14792116dd1cc4b091ecd3c9b4b66d6b4e1b8266cb43","ssdeep":"192:tlrPWGlGyq6jMnnVJDp6gVPs2y2fF/Oi2m7CozZ:tlrPjGyqQWnLDp6gK2y2fEA7C4Z","tlshash":"55f150a53191b5dc8afa6235e0db1319a132b84646b9f036a4b51ce41f78dc4e633fce","size":8067,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-06-24T23:29:28.328903Z","times_seen":1260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/forumdisplay.php?fid=3","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"6561014543b35259f84b002f9fe2d911","sha1":"9adef30f57086d737f6529d60242be08bf262091","sha256":"0364a328c5f241e4e8af49d0f3088edc26a7372833ea00f6a35bb8279656830d","sha512":"0ddb5d48cb1d3b4e0953e27405bb0e38919b1b4d322be99ca10d349e776d3194340758588e259454e9059a50e77896b05fcbb0545da7410ef1b31f1101c784ef","ssdeep":"","tlshash":"5ed0c795452a930055f36895ce6703090a3612e2394c5a17974697c4744b33dc3a7c99","size":215,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-06-07T05:41:57.504533Z","times_seen":943,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/general.js?ver=1821","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"2156f4769004c2e3c7a3f054bed89db2","sha1":"7627a74876803709ef9fa372b2e8a997e2d628ae","sha256":"b68ab79be655fb27de0a4b69d012fad0fc6742dad87b88673b9d530e57d07694","sha512":"180bee2fd55192b78e9e204e57b165ecf69ddeec7a8fc9a908f9ce03c080658c0e5a0f1deb45a1622ef3c2a65131a1f96aae66741e2b168d83c43c522a78eb74","ssdeep":"384:7Hrt3L0wqbPl88aLqh8cOrT6CIJ6X5j3NWR1/jD:HqbPltaLqUXCJ0j3NWRh","tlshash":"34727488ff2c156b41bd306d949f58ccad3c803288945cf7bc6855a4bae8a1e136fd39","size":16206,"data":"","first_seen":"2023-03-11T13:59:01Z","last_seen":"2026-06-27T10:28:50.143443Z","times_seen":105,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gfriends.cc/forumdisplay.php?fid=3","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-28T07:42:29.291Z","timestamp":1701157349291,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /forumdisplay.php?fid=3 HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/7.4.33\r\ncache-control: no-cache, private\r\nset-cookie: mybb[lastvisit]=1701157345; expires=Wed, 27-Nov-2024 07:42:25 GMT; path=/; domain=.gfriends.cc\nmybb[lastactive]=1701157345; expires=Wed, 27-Nov-2024 07:42:25 GMT; path=/; domain=.gfriends.cc\nsid=00ab3df5757c74cfb93b9eea422e8106; path=/; domain=.gfriends.cc; HttpOnly\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 9064\r\ndate: Tue, 28 Nov 2023 07:42:25 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9064,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (379), with CRLF, LF line terminators","md5":"632f6030a1e59fd5feca3ae0d4e0f04f","sha1":"10d42daeb43e5381c5f205486b55d466be47cdf3","sha256":"1962c1230741b58fa70de8640615a0aaee9ea501287a3ef850f08773c2c72af6","sha512":"b4e6215867aedfe9925c921444b6b56977ddeb872480d4687d7702a87dea423ff588f23fa177832b54d170ef44d65b1742f282e5321672088ac7f357704a5716","ssdeep":"1536:gX7yodEkSbChmVgMC4XHuHc7C+ZSS4/pO4a5GgF:gX7yO+6A","tlshash":"fd63535a1a7d677b03c386e3f0922b6764f74ca9a2c4462af5f9860536cff87f416180","first_seen":"2023-11-28T08:42:43Z","last_seen":"2023-11-28T08:42:43Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4246,"timings":{"blocked":147,"dns":0,"connect":25,"send":0,"wait":51,"receive":3895,"ssl":125},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/jquery.js?ver=1823","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.897Z","timestamp":1701157349897,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /jscripts/jquery.js?ver=1823 HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:25 GMT\r\netag: \"15d83-61a6835c-5806851;br\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:36 GMT\r\ncontent-type: application/x-javascript; charset=UTF-8\r\ncontent-length: 30120\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Nov 2023 07:42:25 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30120,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65451)","md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-06-29T00:57:32.937755Z","times_seen":17032,"resource_available":true,"data":null}},"time_used":3528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3503,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgbay.al/images/bannerjbz.jpg","fqdn":"imgbay.al","domain":"imgbay.al","tld":"al"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:33.424Z","timestamp":1701157353424,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imgbay.al","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sat, 04 Nov 2023 17:15:39 GMT","end":"Fri, 02 Feb 2024 17:15:38 GMT"},"fingerprint":{"sha1":"DA:AD:59:FD:4C:57:8B:85:58:8E:D4:37:80:D3:DB:FE:60:83:70:D1","sha256":"23:A1:3B:2D:99:8F:20:8E:BD:CB:51:68:CB:32:85:C7:AD:98:45:24:FD:79:77:26:EF:28:C4:24:2A:F4:C5:4E"}}},"request":{"raw":"GET /images/bannerjbz.jpg HTTP/1.1\r\nHost: imgbay.al\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Nov 2023 07:42:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 26720\r\nlast-modified: Fri, 13 Oct 2023 15:45:34 GMT\r\netag: \"6860-6079af26f4380\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2801\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=WRMxk7R%2BCcrz20Mw%2FTR5B%2F2xcyDotgBkZTeie3%2Bjx8xpbXHBes0kUb3vZTYBazl2MOnS%2B1w5Zy1KA7Nlw4%2BWYgNRX3Hj%2BniwdaLe2X27S9TDx7Z%2B0k%2Besrq82Bo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82d0f97affef56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26720,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, datetime=2022:01:13 11:12:46], progressive, precision 8, 468x60, components 3\\012- data","md5":"f2b8e3789f4368fbe8246e144211ee77","sha1":"ba96568bfdd8297b36b4213ad1c9985b6b0c382f","sha256":"d8b409b8800866c03bb548a30ddf9e774830c0f62c46e2af0604f48342165fb5","sha512":"a159a8269b1bb8c3101c03eb730eff389be8e3c4fe09e43831ba4fe63af6a6a82fdaa930930ee81aa21c68c2a546b927882f8ad7f6e4a873612df2f4d0dd1b80","ssdeep":"768:04fsWdOP74TsWdOLkbYyOi4Hdkn/vz3OhXHg:IWdOEQWdOLkbcdknHDIw","tlshash":"a4c2ae25bb81dd52f9f5837868e1e3f37702aca65363aa01b44d35127f313d2dc0a1aa","first_seen":"2023-10-18T22:39:19Z","last_seen":"2024-08-21T04:11:18.393887Z","times_seen":17,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":45,"dns":32,"connect":1,"send":0,"wait":7,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/sJJfBUA.jpg","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"151.101.244.193","port":443,"asn":54113,"as":"FASTLY","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:33.417Z","timestamp":1701157353417,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Mon, 13 Mar 2023 00:00:00 GMT","end":"Tue, 12 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC","sha256":"83:94:AA:67:D9:97:56:CE:9E:F6:D9:BB:3E:2E:F2:54:0A:42:BB:7D:96:26:E4:EF:46:4B:C1:DF:44:96:9C:53"}}},"request":{"raw":"GET /sJJfBUA.jpg HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 21 Dec 2021 11:32:37 GMT\r\netag: \"67281a493cd7b35b287e5cc465353096\"\r\nx-amz-cf-pop: IAD89-P1\r\nx-amz-cf-id: OieXMn16C_4h3SrT4rl9G4tdKzCFlahNp8POZO7lJAPHWo8Llb6PwA==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:29 GMT\r\nage: 4822355\r\nx-served-by: cache-iad-kjyo7100101-IAD, cache-hel1410023-HEL\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 8104, 1\r\nx-timer: S1701157350.608513,VS0,VE1\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 9863\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9863,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 270x89, components 3\\012- data","md5":"67281a493cd7b35b287e5cc465353096","sha1":"859b1e6bc51ee580b0c4db9d4894afd3719faed4","sha256":"2f6c5d9ae30c6d7f705d39d8cc394a5f2a233afec59039e3c5af9987d16bd6dd","sha512":"6c9a3bb2214a76af33b0c7f3b72d2ee32e4e9532dadb2a5cf0174f1bb59fb9864ef679bd14a1c00f28c219dd921786d6cedc7684b3e02a49dd0d37cbe2eb8de2","ssdeep":"192:XKp++YJOY5MWA+m3SKLWKJxuiD8lH5+g/+xLJugiJNmtILpEizVX8v02sUE:6p+tjm3SKLPxj8lH5+I+xQgiJNmelGrq","tlshash":"9112bfefc9f73ecaeadad5a253a0c58b7449eb09534f26240179101bf157d47668c202","first_seen":"2023-11-19T08:39:07Z","last_seen":"2026-03-28T07:25:35.736976Z","times_seen":13,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":60,"dns":14,"connect":14,"send":0,"wait":15,"receive":2,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/nlBCajT.jpg","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"151.101.244.193","port":443,"asn":54113,"as":"FASTLY","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:33.428Z","timestamp":1701157353428,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Mon, 13 Mar 2023 00:00:00 GMT","end":"Tue, 12 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC","sha256":"83:94:AA:67:D9:97:56:CE:9E:F6:D9:BB:3E:2E:F2:54:0A:42:BB:7D:96:26:E4:EF:46:4B:C1:DF:44:96:9C:53"}}},"request":{"raw":"GET /nlBCajT.jpg HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 23 Mar 2023 16:27:43 GMT\r\netag: \"22df69eb7bd821b9c02c652bd9a4d682\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: IAD12-P2\r\nx-amz-cf-id: Ts-iIRRbTXa7XVCg3HK-Jiter2GQ5p9AmR-MkjN8IkHPtgBc52seGQ==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:29 GMT\r\nage: 2914718\r\nx-served-by: cache-iad-kiad7000068-IAD, cache-hel1410023-HEL\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 29643, 1\r\nx-timer: S1701157350.611686,VS0,VE1\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 7139\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7139,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 468x60, components 3\\012- data","md5":"22df69eb7bd821b9c02c652bd9a4d682","sha1":"e83baec09aee740980109d3c54960d477136a31e","sha256":"9682fbd94b1bd799ad9b82a0309980bf5dc0f0b68566e432dfbe6c43159e0450","sha512":"8766e2ce6fe78daf385d938c4353918c4f6cf5d5169be2fe860fffa687938eb2ae77c45416a61802a25ea4fad9d5b098e31453567ccc18b997cafa8b0b292300","ssdeep":"192:kZ4+QQAWn8ClYKvx2rKim6zg/o9YjeBE1om46/WVSzx:k69QA2HiKBoM/oAME1N/uOx","tlshash":"7fe18d4eb4009134da5dfff02649aac2ee37df6e9e4ac21d94c300de88a14b236981e1","first_seen":"2023-05-10T14:20:13Z","last_seen":"2025-03-23T23:31:50.234469Z","times_seen":20,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":51,"dns":18,"connect":14,"send":0,"wait":15,"receive":1,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.usertrust.com/","fqdn":"ocsp.usertrust.com","domain":"usertrust.com","tld":"com"},"ip":{"addr":"104.18.38.233","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-28T07:42:33.612187624Z","timestamp":1701157353612,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.usertrust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Nov 2023 07:42:29 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 472\r\nConnection: keep-alive\r\nLast-Modified: Mon, 27 Nov 2023 03:56:46 GMT\r\nExpires: Mon, 04 Dec 2023 03:56:45 GMT\r\nEtag: \"34ac29afa7abebce09735230f0ca18b93ed4492c\"\r\nCache-Control: max-age=597752,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb2\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: HIT\r\nAge: 322\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 82d0f97bdbda0b02-OSL\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"b1acd1df961d0ba68a25d2ef7ad23ed4","sha1":"34ac29afa7abebce09735230f0ca18b93ed4492c","sha256":"5f5bf2f3613638e998b6231d5df626f2767d6a09a279428b29cffb7d53ba465e","sha512":"3712d48eddd8fd39db2160212e1d2620c26b249871b754a88da36b8cef194854c1c1948befeb74eb53e315fe72309bfb904ffca9a047e1f8edd4f61fa1aa41bb","ssdeep":"","tlshash":"84f05440475128650c4c039297062874d054aba684508c6624fc63a6e385b9221d4dfe","first_seen":"2023-11-28T02:21:15Z","last_seen":"2023-11-29T14:27:16Z","times_seen":4,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img84.pixhost.to/images/91/342300511_e620c130c290fa338edab22adee031249badea59.jpg","fqdn":"img84.pixhost.to","domain":"pixhost.to","tld":"to"},"ip":{"addr":"94.229.45.2","port":443,"asn":48326,"as":"DataNetworks s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:33.429Z","timestamp":1701157353429,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pixhost.to","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Nov 2023 09:27:11 GMT","end":"Thu, 15 Feb 2024 09:27:10 GMT"},"fingerprint":{"sha1":"B0:B6:D4:33:92:18:0E:B3:78:E5:26:C5:B8:29:59:C7:9F:FB:F3:FC","sha256":"89:EC:09:36:75:79:26:C5:20:BA:5D:2C:B8:B8:19:7B:6A:D5:EB:8B:EB:BE:42:59:9B:D3:4A:07:08:42:83:49"}}},"request":{"raw":"GET /images/91/342300511_e620c130c290fa338edab22adee031249badea59.jpg HTTP/1.1\r\nHost: img84.pixhost.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.10.3 (Ubuntu)\r\nDate: Tue, 28 Nov 2023 07:42:29 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 11902\r\nLast-Modified: Sun, 19 Mar 2023 17:10:13 GMT\r\nConnection: keep-alive\r\nETag: \"641741f5-2e7e\"\r\nCache-Control: max-age=604800, public\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11902,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 468x60, components 3\\012- data","md5":"3ea26b77d46850c793f8c254781b277f","sha1":"e620c130c290fa338edab22adee031249badea59","sha256":"f8d197c26b6084e6f96c3af6d387f3a37d4827a63207a8347802e4221b4ad3c5","sha512":"57a8a83701a2bb28ab3fe6f5fdf853a6b969a104f9c49e9763cc7f6211e2fb85bd9fc96673f31d6ae005ec6d9fff00b7360359e18b515763c1adf65611943614","ssdeep":"","tlshash":"","first_seen":"2023-11-19T08:39:07Z","last_seen":"2023-11-28T08:42:44Z","times_seen":2,"resource_available":false,"data":null}},"time_used":409,"timings":{"blocked":180,"dns":57,"connect":33,"send":0,"wait":34,"receive":1,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images2.imgbox.com/ad/24/KoUmVeGK_o.jpg","fqdn":"images2.imgbox.com","domain":"imgbox.com","tld":"com"},"ip":{"addr":"212.63.223.226","port":443,"asn":30880,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:33.423Z","timestamp":1701157353423,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imgbox.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Fri, 20 Oct 2023 00:00:00 GMT","end":"Tue, 19 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"C6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92","sha256":"65:8C:16:AF:A1:26:78:9B:77:2A:F2:C6:3D:C7:80:85:59:56:62:B9:2C:E1:B2:C3:A8:E4:ED:3D:4F:4E:3E:80"}}},"request":{"raw":"GET /ad/24/KoUmVeGK_o.jpg HTTP/1.1\r\nHost: images2.imgbox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.14.2\r\ndate: Tue, 28 Nov 2023 07:42:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 9928\r\nlast-modified: Fri, 13 Oct 2023 10:12:46 GMT\r\netag: \"26c8-607964c3fc380\"\r\nexpires: Wed, 14 Feb 2024 03:13:25 GMT\r\ncache-control: max-age=10686882\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9928,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 472x68, components 3\\012- data","md5":"1d0e8e6a50af4ab4672077b5d2cce151","sha1":"c6b0afe9bfc14a0c65bb8c71d2a29b7b08f3b195","sha256":"05eec284e4176a57025fcd9eab935c04144dff18e30e35165ab63bc3660c7a56","sha512":"b3b69a45f447ab0298b4cca6ebd1722e56efde3c3184e1b994ecb4f89064b642e77d7bf927a158dda02787391c410aabae1d8469b1ba61eb8dc3f3c7d7191ddd","ssdeep":"","tlshash":"","first_seen":"2023-10-18T22:39:19Z","last_seen":"2026-05-29T07:11:59.849516Z","times_seen":47,"resource_available":false,"data":null}},"time_used":425,"timings":{"blocked":191,"dns":30,"connect":60,"send":0,"wait":31,"receive":0,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abload.de/img/07tc472xeijh.jpg","fqdn":"abload.de","domain":"abload.de","tld":"de"},"ip":{"addr":"88.99.80.27","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:33.432Z","timestamp":1701157353432,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.abload.de","organization":""},"issuer":{"commonName":"AlphaSSL CA - SHA256 - G4","organization":"GlobalSign nv-sa"},"validity":{"start":"Sat, 15 Apr 2023 09:37:15 GMT","end":"Thu, 16 May 2024 09:37:14 GMT"},"fingerprint":{"sha1":"5A:21:FB:47:C2:E6:7D:7F:C0:52:67:56:64:1F:2D:45:03:7E:41:BB","sha256":"D9:21:29:A3:CD:BD:BF:D6:D4:71:D6:4A:A3:80:8D:78:17:60:37:16:60:27:FA:F7:B0:7A:02:FF:77:A4:50:EF"}}},"request":{"raw":"GET /img/07tc472xeijh.jpg HTTP/1.1\r\nHost: abload.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Nov 2023 07:42:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12086\r\nlast-modified: Fri, 13 Oct 2023 10:10:02 GMT\r\naccept-ranges: bytes\r\nx-robots-tag: noindex\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12086,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 472x68, components 3\\012- data","md5":"b86d2fd0404f1cd0938887ada4acd2fc","sha1":"eb572f38a5eef9c6bc5d0dd8ba0eabe5a59eaf6e","sha256":"219361014925e2038e4dd66e52d2f45db67a7bc2d465dff404eee88a168946de","sha512":"e9511dce068c3d2967df7688bff188046a870804896333ffcaa4c2d8bf9b18e392df05c833702959877ed2ca39db29079c29ce5357bf34c58773bec0f30f425b","ssdeep":"192:pHrFC9rOvOwh13vbfCrsOYc23mqMG6gkp3btgV7HMUj26i3K/K/Gxb5p/evyCKka:pLFy0h1TCrh23mZ6MG5sUy6i3K/Kqb5P","tlshash":"0042d056be261313ebf4a66551404ffc07a09f0e264f9db8bff0320218142479e74ad9","first_seen":"2023-10-18T22:39:19Z","last_seen":"2026-02-18T09:24:22.652602Z","times_seen":56,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":207,"dns":59,"connect":67,"send":0,"wait":127,"receive":1,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.900Z","timestamp":1701157349900,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:26 GMT\r\netag: \"39cf-61a6835c-5806853;br\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:36 GMT\r\ncontent-type: application/x-javascript; charset=UTF-8\r\ncontent-length: 4075\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Nov 2023 07:42:26 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4075,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"ASCII text, with very long lines (14798)","md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-06-28T02:55:13.877605Z","times_seen":1939,"resource_available":true,"data":null}},"time_used":5502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3527,"receive":1975,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/general.js?ver=1821","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.902Z","timestamp":1701157349902,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /jscripts/general.js?ver=1821 HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:26 GMT\r\netag: \"3f4e-61a6835b-580684c;br\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:35 GMT\r\ncontent-type: application/x-javascript; charset=UTF-8\r\ncontent-length: 4242\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Nov 2023 07:42:26 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4242,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"ASCII text, with very long lines (322)","md5":"2156f4769004c2e3c7a3f054bed89db2","sha1":"7627a74876803709ef9fa372b2e8a997e2d628ae","sha256":"b68ab79be655fb27de0a4b69d012fad0fc6742dad87b88673b9d530e57d07694","sha512":"180bee2fd55192b78e9e204e57b165ecf69ddeec7a8fc9a908f9ce03c080658c0e5a0f1deb45a1622ef3c2a65131a1f96aae66741e2b168d83c43c522a78eb74","ssdeep":"384:7Hrt3L0wqbPl88aLqh8cOrT6CIJ6X5j3NWR1/jD:HqbPltaLqUXCJ0j3NWRh","tlshash":"34727488ff2c156b41bd306d949f58ccad3c803288945cf7bc6855a4bae8a1e136fd39","first_seen":"2023-03-11T13:59:01Z","last_seen":"2026-06-27T10:28:50.143443Z","times_seen":105,"resource_available":true,"data":null}},"time_used":5502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/cache/themes/theme1/global.css","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.905Z","timestamp":1701157349905,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /cache/themes/theme1/global.css HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:26 GMT\r\netag: \"79b3-61a68341-1a0e345;br\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:09 GMT\r\ncontent-type: text/css; charset=UTF-8\r\ncontent-length: 5807\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Nov 2023 07:42:26 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5807,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"625916f0e174ce5878c641a8e6ab4d55","sha1":"0adb906f55c50797eebf4e4af1dde6f960adfe46","sha256":"2bd4832e24833c6bb33870e9a4cf6bc6841c3d83dc60e119f8abb84ca7d8832c","sha512":"2597b0215fb86044641465dc6403a2c8e2e0e492e0bfa8742989d48198528bf3aaeb71d4f472babd32e7d0c7c1e33721d22e3e63e6d98f66177fa29283da5412","ssdeep":"768:SSlX9UEND0StaM7xZ6h6tLSGOL3aLnSbcAm4na:SSB9UENCMrLSGO+Ln4na","tlshash":"c4e2507b35511989720f90eafe15dbd9272f0092be1e1f25b4ad3d7ca3894e01137e98","first_seen":"2023-05-10T14:20:13Z","last_seen":"2024-12-22T08:26:25.448663Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5502,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/cache/themes/theme1/star_ratings.css","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.907Z","timestamp":1701157349907,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /cache/themes/theme1/star_ratings.css HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"529-61a68342-1a0e34c;br\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:10 GMT\r\ncontent-type: text/css; charset=UTF-8\r\ncontent-length: 392\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":392,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"ce9c2a1ed05902cdaf4b4f5f0a609ceb","sha1":"9bdc1eed1b2a72b7099ceef0bd547e5003391f62","sha256":"e3442a0ea1d9596000bbbdedcef16335b7db116b6543c1fa40d9c309606dc077","sha512":"d0a0a50b55234012776c054bcd36eb4b382e4cf77f13e45c24bcd3210b418e1acb004cafac71c734cc4232a536452f115182ad14586b5921c99f5d25ef48541e","ssdeep":"","tlshash":"58217c30151e2b4ffe0ab2081c584be8163f0444bb1a0e4ceb7e29e8e6475dc13bac0d","first_seen":"2023-05-21T21:48:04Z","last_seen":"2026-06-22T18:48:35.190825Z","times_seen":787,"resource_available":false,"data":null}},"time_used":5528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/cache/themes/theme1/css3.css","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.911Z","timestamp":1701157349911,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /cache/themes/theme1/css3.css HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"c2a-61a68341-1a0e343;br\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:09 GMT\r\ncontent-type: text/css; charset=UTF-8\r\ncontent-length: 531\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":531,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"926db993b5ce157d2f8dc0a3ebbb198b","sha1":"7b31fcb7d12af07bb714c01c03e13857a98a2bc3","sha256":"ca63f43eff03f479ba21b135c7164d4ff0eef2d0cf3cea4767c1c52c14833f6e","sha512":"b4123c9f2322e53f026cb79d2a1d6974fe865847e765a4dbb26df9dc00885f2e02ec727132c2e192dd3718adc49dd846a5448a410cdafcf9d90273518e688a04","ssdeep":"","tlshash":"ad5152bf341c06986326e94aba19dee3718f03136576aca5f1d0fc3c1202dbe5e558ad","first_seen":"2023-05-11T01:58:08Z","last_seen":"2026-06-28T02:55:13.876418Z","times_seen":933,"resource_available":false,"data":null}},"time_used":5527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/jeditable/jeditable.min.js","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.913Z","timestamp":1701157349913,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /jscripts/jeditable/jeditable.min.js HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"1f83-61a6835c-5a02326;br\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:36 GMT\r\ncontent-type: application/x-javascript; charset=UTF-8\r\ncontent-length: 2021\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2021,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"ASCII text, with very long lines (826)","md5":"4f332fdf2de4e25eb3f5611bf7b6c354","sha1":"53e8a6136fa9af4fe8b50e8068899da860657e1b","sha256":"b76e0536e5ae607a8453dc2dd7ac8d08779ba93e8f8700113ee2c1106f31fd79","sha512":"259739d36bf7b4b74dc94b3b33433e1822f0792944f0126636ace5004d1f68a850fc7734c3ef1357502b14792116dd1cc4b091ecd3c9b4b66d6b4e1b8266cb43","ssdeep":"192:tlrPWGlGyq6jMnnVJDp6gVPs2y2fF/Oi2m7CozZ:tlrPjGyqQWnLDp6gK2y2fEA7C4Z","tlshash":"55f150a53191b5dc8afa6235e0db1319a132b84646b9f036a4b51ce41f78dc4e633fce","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-06-24T23:29:28.328903Z","times_seen":1260,"resource_available":true,"data":null}},"time_used":5525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/jscripts/inline_edit.js?ver=1821","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.914Z","timestamp":1701157349914,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /jscripts/inline_edit.js?ver=1821 HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"802-61a6835b-580684e;br\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:35 GMT\r\ncontent-type: application/x-javascript; charset=UTF-8\r\ncontent-length: 781\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":781,"size_decoded":0,"mime_type":"application/x-javascript; charset=UTF-8","magic":"ASCII text","md5":"3781858ba413bfc2e58e9546669f097f","sha1":"3f9d6c9d1506b4d8ec3b1a7ba600f472f4cf0872","sha256":"a14ce315b9b11ef33e3ccd59a39f026336ae6a5af17a5672266435afa0af4652","sha512":"de8cfa1433891021350d06203feb45d16d7a72dbf9cbe0baaf2fa41f810691ce83671363024e49adb71e102daff6d60f410ee511a093baba1c9cab94d71fe251","ssdeep":"","tlshash":"6051f027ba34873a4444ffa4d27bc254961b9c18747349a12d24bc87098d89ced72c7f","first_seen":"2023-03-11T20:45:21Z","last_seen":"2026-06-04T18:41:40.514381Z","times_seen":47,"resource_available":true,"data":null}},"time_used":5524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/logo_gf.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.916Z","timestamp":1701157349916,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/logo_gf.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:26 GMT\r\netag: \"5bde-61a68345-200a6b9;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 23518\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:26 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23518,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 370 x 85, 8-bit/color RGBA, non-interlaced\\012- data","md5":"2e4d4f13f597224040a52397b2eaf222","sha1":"c31da4d036c4f174ec80ad5420b6842006741d91","sha256":"d30cbf0e497be6ec1101b3d8e12e384ced1488d14862a93787170baa75bfec13","sha512":"a14208bcbcfe349e1d74ff104e01301357e4ef324dcfe6f95443629c250d3dfb8b7e2f22c9fdc6dce0231802db71dec2caafcfd06802d33140cf445be0d49b68","ssdeep":"384:QGN6ljiw3LHmyETjNApFwHyHwXCUIdhAAcM1MbBsk/VaNy18O3UyDJcCNw1iqusc:Q/jVSTxgHO/IfAAcM1MHgy1ZNsiR","tlshash":"e7b2e151e40dcc792ee68ed3aa2f1928d451be77609ad185e04d1e882f63cf87ce5d31","first_seen":"2023-11-19T08:39:07Z","last_seen":"2026-01-15T18:54:41.575801Z","times_seen":4,"resource_available":false,"data":null}},"time_used":9465,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3494,"receive":5971,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/nav_bit.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.920Z","timestamp":1701157349920,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/nav_bit.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"56-61a68345-200a6bd;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 86\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\\012- data","md5":"918839ed4dd4400570446568b618d34a","sha1":"b5e3d9cc407bf5b777d184e17cda2d1962abdb26","sha256":"59d3751e6d307cdf95243f8d969e93de7a67f631e173b7d7d9faf3086d2afc9e","sha512":"2f0a2ccc18d73389c4788ab3879fce3bc3f3052afd35afda5776978e33f2e0ad62ca9a0fe2837f1c0170ede081e29c7d81e37191c0b4b49ed775fc0f44415229","ssdeep":"","tlshash":"16a011e223a00e38e20a0323a008222aecf0020c2a30280808a88aa8220888882c02cf","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-06-28T08:00:01.563349Z","times_seen":920,"resource_available":false,"data":null}},"time_used":9463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/icons/heart.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.921Z","timestamp":1701157349921,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/icons/heart.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"27d-61a68348-2a059d8;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 637\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"41a0b6e3ef059b9507b4b0616808c408","sha1":"3739d0c95531d18e6d1ddad097e84e3e8192281e","sha256":"2e3d03afd2a3b318757ea9b66dfaa9335df241746620a6ab69dea8cae591b926","sha512":"7e8fcb1ad7f51b60dd8ecf99349ad47d5e5ed1e4d9b9d4bc187309cd811c978b0927975d50f9974467687116bb86caae652ba1f44fd0da9dda39a5935dc13da5","ssdeep":"","tlshash":"","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-06-25T10:37:28.631935Z","times_seen":37,"resource_available":false,"data":null}},"time_used":9463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/jump.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.922Z","timestamp":1701157349922,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/jump.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"131-61a68344-200a6b7;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 305\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":305,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"4edbd2227ba89f7f4a5356c934728532","sha1":"64d76050b2f5d1cc8d6b5eb45db5146c60779be6","sha256":"65d5b4ca887168420193f5fad6cd1762cfe160f3d321490593c858c571545409","sha512":"8e6476356f6dba88d6f01d8c066c2b766f95eccb4fd5e875dc16b8476d60f48682562dbec785665319a2dfa11a42163b42be7a7534a7d19520804ca8f7455578","ssdeep":"","tlshash":"dae0e7d272177e3cc10155b9100920f4dc3f109c1750880ccd49523c68a2a5dddd04e5","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-06-04T18:41:40.519836Z","times_seen":43,"resource_available":false,"data":null}},"time_used":9464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9463,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/icons/photo.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.927Z","timestamp":1701157349927,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/icons/photo.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"1ee-61a68348-2a059de;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 494\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":494,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"e3217999f23fd57795679a64d847cdf0","sha1":"5b57947a4c8518a1d2476b597953be71f64840a9","sha256":"461bd09d8e3254f5c10e57375930a5ad64a85a10437b03c8c8c2c97eee02f062","sha512":"a8274200e72a6f4c2f2ee41f01a24d25ea3228c3486df3c4c86df8b25716cc11ee954544017e962b5c3f3475541d5a3627e7be40cb44028eff7f8ef2bbc86867","ssdeep":"","tlshash":"","first_seen":"2023-11-12T04:35:13Z","last_seen":"2026-05-27T06:27:19.679424Z","times_seen":9,"resource_available":false,"data":null}},"time_used":9464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9464,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/icons/exclamation.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.928Z","timestamp":1701157349928,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/icons/exclamation.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"244-61a68348-2a059d6;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 580\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":580,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"560c93b0c202c008a8738ca9480eda6a","sha1":"803235198664b1cfebf5966ab68324673a893650","sha256":"e19e63d9556ee7aec4673d8c916d3932a2cda9f87ad0cfb9d9fb5938e46b7597","sha512":"dc0ea6fa753205006ec60c84e01d6d7dd5aed0f824cd694ea0b6271d2edd375df861c8fcbd1c14d2dd0564930cf395486cf6cc8baa12320fa19535ed73ad4eb5","ssdeep":"","tlshash":"6cf0b76377897ce0154dd13a0312f43362e922cd18b32dc8020790a3d0da67004c8026","first_seen":"2023-05-21T21:48:04Z","last_seen":"2026-06-25T10:37:28.603604Z","times_seen":24,"resource_available":false,"data":null}},"time_used":9463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/icons/smile.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.929Z","timestamp":1701157349929,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/icons/smile.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"28c-61a68348-2a062c4;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 652\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":652,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"8b2e7b82b98a0e3130004f616c32cbce","sha1":"28e2882858f4dbbad07dce4ba16458f77d23ddd6","sha256":"673da387f6257806541460f8682a879019f581a2cbd98ab46042c4d18fdc4bc2","sha512":"4555fcda5c616a0e92512ecfa8782a3d30443e7877e9a19c25ffe5384ec3cfefcdf196e7e0650f6fcd735a307b3672653a7680119726f219b5444c4670e739c2","ssdeep":"","tlshash":"","first_seen":"2023-11-28T08:42:44Z","last_seen":"2026-06-06T16:31:35.617006Z","times_seen":3,"resource_available":false,"data":null}},"time_used":9463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/icons/star.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.931Z","timestamp":1701157349931,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/icons/star.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"21a-61a68349-2a062c6;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:17 GMT\r\ncontent-type: image/png\r\ncontent-length: 538\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":538,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\\012- data","md5":"47a8fb962f258b2f6949b9df6a5864aa","sha1":"4eb41316a1220d75dca90d8fd0f82cf89f9b59cd","sha256":"a25bdfe56099b76c302d48a42b538caace7542b21b1f20a08ebd417cf77eeb86","sha512":"cbfbe5394dd3c140c73bb864286ce74778af4dc5e3ea9f7836861db1b8b240815b5e08dddb05e845612742abb8c2ee56976cfa76a454c3ccdf9b58aaa15a662e","ssdeep":"","tlshash":"","first_seen":"2023-11-28T08:42:44Z","last_seen":"2026-06-25T10:37:28.594089Z","times_seen":35,"resource_available":false,"data":null}},"time_used":9463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/headerlinks_sprite.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:35.521Z","timestamp":1701157355521,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/headerlinks_sprite.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/cache/themes/theme1/global.css\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"926-61a68344-200a6b4;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 2342\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 196, 8-bit colormap, non-interlaced\\012- data","md5":"e38f7f29cf3f740d7dc3651cb82098ec","sha1":"65787e91831d3707a9ec747ab272c1fb5d52b2d8","sha256":"bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a","sha512":"160481f72d35abdbc7114bb1164915891335978ad8f60529af7e03082cbd29b833e761f97422838e05161ccbffc8b9760573ae27a3f35f367342f98b1abceacb","ssdeep":"","tlshash":"cb414bbb7671dd3c78f04437a0e7f598ee505e2c59948d762898b1909d3008294b1c88","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-06-28T02:55:13.848839Z","times_seen":1122,"resource_available":false,"data":null}},"time_used":3842,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3842,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/tcat.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:35.524Z","timestamp":1701157355524,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/tcat.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/cache/themes/theme1/global.css\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"83-61a68345-200b4ca;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 131\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":131,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced\\012- data","md5":"10b96a318e186e39860a5945a9071b92","sha1":"daa068efc07bb97ff0a2af218aedebbb28c9f1bb","sha256":"91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf","sha512":"7b1f7e9ee0a9157cf0edebfd597a9f1a7bf42bb1062c63b420a86234799b2db8bc707d4d570d4b5dab3c192347543f35c15767528eb3b390e3b03150e843c33c","ssdeep":"","tlshash":"11c02bf277614836ec150f770fd50124f9b0464072f52620004f80313c71104d4441c2","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-06-28T02:55:13.878171Z","times_seen":1064,"resource_available":false,"data":null}},"time_used":3842,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3842,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/thead.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:35.529Z","timestamp":1701157355529,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/thead.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/cache/themes/theme1/global.css\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"73-61a68345-200b4cb;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 115\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced\\012- data","md5":"96dfa0b7296d710946b220639f5a9d1c","sha1":"40838eabc4f6384d72ec9adca7a773fc4db21c44","sha256":"d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f","sha512":"7d2df3e6522d5253eabf321574f9b319f2f5504a2fc469d4d4c49c5a8bdb68e13273ce62c88d8926163ac5a754d211d228765be73b8826cd8aef23211e39000c","ssdeep":"","tlshash":"e0b022c2ba02ac28e8e2a23382080302ac30022c0fa022000008c0088ab2388c088383","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-06-28T02:55:13.867948Z","times_seen":1009,"resource_available":false,"data":null}},"time_used":3837,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3837,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/folders_sprite.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:35.531Z","timestamp":1701157355531,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/folders_sprite.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/cache/themes/theme1/thread_status.css\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"1185-61a68344-200a6b1;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 4485\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4485,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 340, 8-bit/color RGBA, non-interlaced\\012- data","md5":"a8a79584d9a93d092b19b6a7c7bd78e2","sha1":"cc20c6864cabef4a78c92d176412d4a580fb1992","sha256":"fa836188e344f3a4427164dbea1cc39b8aee32be68885acb09c3df986c4a4e7c","sha512":"549123125aca8ac3fad70cb5c542fe52792b0d7feebf2d75854b0ed275db6f840d8af6908c9e5c366ae6da5687422eacb880e0da545d1a4be1959901dab496e2","ssdeep":"96:rnc7giRu6ZJ7JRRYd1Rnv4xN9bzlRH3y0HjjENLz:r4Tv/RgKfzHCmjjkLz","tlshash":"29917c5b95eb97e5253092d40fba1138727704ac9510dccba40aae6ecf0638cce65968","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-06-04T18:41:40.507286Z","times_seen":44,"resource_available":false,"data":null}},"time_used":3833,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3833,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/buttons_bg.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:35.535Z","timestamp":1701157355535,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/buttons_bg.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/cache/themes/theme1/global.css\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"65-61a68344-200a6a8;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 101\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":101,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 30, 8-bit/color RGB, non-interlaced\\012- data","md5":"10ce6152f07ec77d9f78d381f7509a05","sha1":"24a50f65d81e1546d9f3ae802ee90be3d791fc8f","sha256":"259e21c6d7c25318e4bc00d2a3ee1b48e24679da1346c2af7718fbb7703f3025","sha512":"f1696601b2112b665d7fe0e7384fcda34962296fcf2153f235008ca954891126052655207c557e740482df62999bfd869b496cd465e097b69f56e35aa5a2b8fd","ssdeep":"","tlshash":"7fb012d6bad0dc3ce39a4563c5110b10f570d2ad074536381c969a385561b00c1d0785","first_seen":"2023-05-11T01:58:08Z","last_seen":"2026-06-27T22:58:26.027934Z","times_seen":916,"resource_available":false,"data":null}},"time_used":3827,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":3825,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/images/favicon.png","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:36.918Z","timestamp":1701157356918,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /images/favicon.png HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:33 GMT\r\netag: \"2b4-61a68344-200a6b0;;;\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:12 GMT\r\ncontent-type: image/png\r\ncontent-length: 692\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:33 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":692,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\\012- data","md5":"830cf5601b6256ba9ecaeb3648a1efe2","sha1":"3bf4b4bde463201a9ec01e53f905b8ae1c758986","sha256":"2bd36adfa29944fd23de7f94c5b848b733db0d73d7fcdfbf35201cf8db1b5d2b","sha512":"32fb073e81f93d514d13216e203585f9f47541279ce082c0b96418bd400ce01b5f3e5b84dfe77fe4abc7f45daee23a0744e0f6309974225bd5fc6473a3b8a498","ssdeep":"","tlshash":"ad018851b74076bd9dd2047045331b40d2e7442cd2290ed977118f7e365abe8685ef36","first_seen":"2023-11-19T08:39:07Z","last_seen":"2026-01-15T18:54:41.570458Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2443,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gfriends.cc/cache/themes/theme1/thread_status.css","fqdn":"gfriends.cc","domain":"gfriends.cc","tld":"cc"},"ip":{"addr":"46.8.220.88","port":443,"asn":204490,"as":"Kontel LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gfriends.cc/forumdisplay.php?fid=3","date":"2023-11-28T07:42:29.909Z","timestamp":1701157349909,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gfriends.cc","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Sep 2023 10:36:14 GMT","end":"Fri, 29 Dec 2023 10:36:13 GMT"},"fingerprint":{"sha1":"BD:FA:DF:A8:AE:F7:6F:90:32:EE:FB:F8:37:8E:1C:79:EC:E5:EB:19","sha256":"3A:B4:26:B0:02:FA:78:AD:5F:62:0B:F5:E9:CD:B0:F1:70:F3:91:94:8E:19:34:9E:6C:52:B0:BA:F7:6B:CC:F9"}}},"request":{"raw":"GET /cache/themes/theme1/thread_status.css HTTP/1.1\r\nHost: gfriends.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gfriends.cc/forumdisplay.php?fid=3\r\nCookie: mybb[lastvisit]=1701157345; mybb[lastactive]=1701157345; sid=00ab3df5757c74cfb93b9eea422e8106\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=86400\r\nexpires: Wed, 29 Nov 2023 07:42:31 GMT\r\netag: \"500-61a68342-1a0e34e;gz\"\r\nlast-modified: Tue, 30 Nov 2021 20:02:10 GMT\r\ncontent-type: text/css; charset=UTF-8\r\naccept-ranges: bytes\r\ndate: Tue, 28 Nov 2023 07:42:31 GMT\r\nserver: LiteSpeed\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1280,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (1376), with no line terminators","md5":"9c7c88d9123c1875a92e9189b0ce7fa6","sha1":"d7b28ff2f413e6fe4e74964fa70c285c0e81ca3a","sha256":"ab740d5f6673c1ef2e49933ae12dc5979a673e6493f976ecdd3bba2c3c574640","sha512":"1335bf8f53369d6a25988352b67316d214aee676989d24bb77aa0ab97b67814125d667b6cda203353456e2667fc042649cffff6610e52cf64cd6e722c23f012c","ssdeep":"","tlshash":"2d21ce492de62388bda7dde464da0fb4047fa401d49e0b2dc43e7678a7ec4c8d0569b9","first_seen":"2023-11-18T04:03:52Z","last_seen":"2024-08-29T17:27:44.224538Z","times_seen":4,"resource_available":false,"data":null}},"time_used":5528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}