{"report_id":"62ffc557-4de9-43bd-9d7e-0511d6411d99","version":0,"status":"done","tags":[],"date":"2026-07-02T12:46:52Z","url":{"schema":"http","addr":"gom-player.app","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"104.21.56.98","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gom-player.app/","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"title":"GOM Player - Professional Media Player for Windows | Free Download","dom":{"size":179649,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (334)","md5":"2ab9e2405ca1aeb7e3e4128b0bba0516","sha1":"13db3199e285ec490600e6ae53ee9211780de7d6","sha256":"22b50c851276275f0432ec8b1ebd675c6b6ba1c677e90346c6c86c8c2a419a4a","sha512":"fbe7ccbdee3fd0ad7c9119af2e68f6c6568ae7864736089d35c526a93f5c79db55e9c974786ab190fd3f2f8408a3f31a17e7bf9940f1aea5150a8bf4a09a9ac8","ssdeep":"3072:YT2e+ZaL3xx9jvyB3RH09HGU3oVmCbf9XQfIsS6y0z:YT2e+ZaL3xx9jvyB3RH09HGU3oV/VnMz","tlshash":"5604b72572f555ba7c53a3f9e78e762e7a28d087d92b8848b5dc01209fc39f6cd83610","dom_hash":"domhash6040ed44e6db3c22bd637957d740748e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gom-player.app","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"104.21.56.98","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-06T12:46:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"gom-player.app","ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":28,"request_count":7,"received_data":3824641,"sent_data":3619,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-28T22:30:22.905773Z","alert_count":0,"request_count":1,"received_data":485934,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-06-28T22:47:06.167692Z","alert_count":0,"request_count":1,"received_data":277404,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-R1GERZBS4Y","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b4b67965ec70011cb02d8ee2c8a7e52","sha1":"bb6d7c2f07aa508cc89f8f5769d80ee9228e0ee8","sha256":"cc8b2a59e953f9a50efb8704230a333fd5f25b54feb3ae7ad1c15aff5ad9cffd","sha512":"e9e3e4742efcbbc6649b3ae2fce7676c0107fc38218adb86822fd1d02334f4b3e3e1fd3ebe04d7d638e6127e967f4d2ae6884fc74ae8d683e2da1a7873feb0e5","ssdeep":"6144:ZLz5tCn0dF5iqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:9z5zFY0AQQUpEZEni","tlshash":"f9a4f8cdb3d674265396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","size":485330,"data":"","first_seen":"2026-07-02T12:46:57.957449Z","last_seen":"2026-07-02T12:46:57.957449Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","size":276272,"data":"","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-03T03:09:44.104071Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d2aacdbbda6c628288056698ebab1477","sha1":"8a4416d4091fae8f000627173578d0da661a77a3","sha256":"bdd73a9bfb2844bb39e42ffbfe22048d1b1caa97b3989397e1d12ce6ffcc9729","sha512":"52aca6bd40597e44a6fd56c5338a787c333f1d08c1b9390c2e47bec7b8f69542f8e226bd783f868370161a63c6845f47e87cf89c014e6772389b3cfe1486d794","ssdeep":"","tlshash":"93c04c88224b5c7155e72a454b6fa704b055325194919a21391f62445f21d57d7a4858","size":160,"data":"","first_seen":"2026-07-02T12:46:57.963913Z","last_seen":"2026-07-02T12:46:57.963913Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a333c9c50998d061308eb3442ee4a891","sha1":"0437b045746236c003a8739cb5618d55271467ff","sha256":"15cd13d82f198cfef091da1b061815dedd4a8506d6eb4be37bb5810cfceba704","sha512":"483aa46788b325df4b5fdc3a4e96a334a601cfe870e212deb2174469f082517a7ea1c843e167f6bd5f54adb11a580e31f5b7b1168141d2b48f546cdecae7c925","ssdeep":"","tlshash":"5fe0721a34c2003a03b794a623bba10a21223b0bc48ecb227a9fc4da2f34ca1040260c","size":319,"data":"","first_seen":"2026-07-02T12:46:57.965113Z","last_seen":"2026-07-02T12:46:57.965113Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/script.js","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ac24064a5a88b7f6742425014d37f1a","sha1":"d6530996c0bc53698b7f069b46c9067166ad40cf","sha256":"414c5332619ba4580ad206fe336bc3dad1cb29576994f6a7fb929ee23967793f","sha512":"f3e77f1cc007cf50dae89be88e144043bea45a8d723fe901b03778d3b790c71bf8997282ddb2214a0e95fe1344b80369803d079861f2d7a260ae6d5e6c023753","ssdeep":"192:0gE3kwuaLwGL9iukSltNgeGMuI9Tlb0FVCMFCaLO+M222kM+gMRTU/YVoNp4T936:ULwGLYGgeNT0FQMnMYUTCmuEGNdps+","tlshash":"ae92225a2121203784736379db976649fa391067610296093e6e87081fb37a49bf2fee","size":19919,"data":"","first_seen":"2026-07-02T12:46:57.960397Z","last_seen":"2026-07-02T12:46:57.960397Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gom-player.app/","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T12:46:23.599Z","timestamp":1782996383599,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 18:53:13 GMT","end":"Sun, 23 Aug 2026 18:53:12 GMT"},"fingerprint":{"sha1":"E3:31:B3:B3:B5:A1:33:AB:DD:B8:F6:49:05:05:7B:C5:98:A7:4A:91","sha256":"6D:9D:CE:2A:0F:08:46:93:33:42:4A:C2:37:75:E1:38:6A:D7:B9:64:4F:6A:DD:98:8E:3D:C9:02:D5:45:69:1C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gom-player.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:23 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YgYw5%2B85vJciCMnga%2FplxQ%2BOzGbovsfVQIXvVhJLQJNpDvyZAPArakJ3lKcFaHOct2rHML0WIHIe%2FWwM7pUrVHl32I7q8i3Kt%2BrQ8Q1iKkMTH9oLSeuho5YFAkR2qWn%2BmQ%3D%3D\"}]}\r\ncontent-encoding: zstd\r\ncf-ray: a14dc0c62e4a1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":118032,"size_decoded":18252,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (457)","md5":"0625f111c01d01f1c7769a104e0248de","sha1":"e73668466b57d57c5eef9259a545f4b1e6fdc803","sha256":"5f385c5a84a33a52ea43615b6d7c641a109395fed0dae38e8ef3bd2a5240d979","sha512":"c834589d460bc2372dee5a7bd72f025b3d5c205a0530968b7db371f0664904f82d314b09963da91be7edee5256ebc500c29305c2e85f3a5bf55781df28444507","ssdeep":"1536:rgegwXO7xPHwmxTtlTqGs+PlZBgqUvqZ/fIsDGtWPXw4Lrqg0p5Jl3A0OL:ITZf9X/fIsSdu04","tlshash":"25b3c62263f815ae24c7c7b9fb467b376d64d187e66b4048f2ac05645fc7c8ade83260","first_seen":"2026-07-02T12:46:57.955728Z","last_seen":"2026-07-02T12:46:57.955728Z","times_seen":1,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":82,"connect":20,"send":0,"wait":174,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-R1GERZBS4Y","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gom-player.app/","date":"2026-07-02T12:46:24.304Z","timestamp":1782996384304,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:39:04 GMT","end":"Mon, 07 Sep 2026 08:39:03 GMT"},"fingerprint":{"sha1":"6D:E4:85:F4:01:A4:0B:02:E0:64:E2:F2:58:93:6D:3F:4C:AB:30:9D","sha256":"4A:07:79:34:AC:03:17:68:07:4A:CB:68:23:A7:E3:14:B2:DE:22:3C:E1:AE:8D:F5:2F:2E:2D:C6:28:58:47:CE"}}},"request":{"raw":"GET /gtag/js?id=G-R1GERZBS4Y HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\nexpires: Thu, 02 Jul 2026 12:46:24 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 165039\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":485330,"size_decoded":165643,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"0b4b67965ec70011cb02d8ee2c8a7e52","sha1":"bb6d7c2f07aa508cc89f8f5769d80ee9228e0ee8","sha256":"cc8b2a59e953f9a50efb8704230a333fd5f25b54feb3ae7ad1c15aff5ad9cffd","sha512":"e9e3e4742efcbbc6649b3ae2fce7676c0107fc38218adb86822fd1d02334f4b3e3e1fd3ebe04d7d638e6127e967f4d2ae6884fc74ae8d683e2da1a7873feb0e5","ssdeep":"6144:ZLz5tCn0dF5iqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:9z5zFY0AQQUpEZEni","tlshash":"f9a4f8cdb3d674265396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","first_seen":"2026-07-02T12:46:57.957449Z","last_seen":"2026-07-02T12:46:57.957449Z","times_seen":1,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":2,"connect":14,"send":0,"wait":44,"receive":62,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gom-player.app/","date":"2026-07-02T12:46:24.307Z","timestamp":1782996384307,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/@tailwindcss/browser@4 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 02 Jul 2026 12:46:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 68133\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 4.3.2\r\nx-jsd-version-type: version\r\netag: W/\"43730-cv+oV5vtIBy0YKTZKfkeYqCKtgY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230233-FRA, cache-bma-essb1270054-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 33780\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ofg3PuK8OYaQeq5%2B%2FTQJ7pone9lCdlEBw3yH3SJwny45i%2Bt5Ta8J5Nt7NG9wrUxSH81G2AlDrPrbc2jm%2FFsWLCOH4zOZ40IazeBnxl8kPbS7cczw5lEP0kAofx7kfAYXiLs%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a14dc0f1ce87569d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276272,"size_decoded":69265,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65267)","md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-03T03:09:44.104071Z","times_seen":33,"resource_available":true,"data":null}},"time_used":6388,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":8,"receive":2,"ssl":6377},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/images/icon.webp","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gom-player.app/","date":"2026-07-02T12:46:24.308Z","timestamp":1782996384308,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 18:53:13 GMT","end":"Sun, 23 Aug 2026 18:53:12 GMT"},"fingerprint":{"sha1":"E3:31:B3:B3:B5:A1:33:AB:DD:B8:F6:49:05:05:7B:C5:98:A7:4A:91","sha256":"6D:9D:CE:2A:0F:08:46:93:33:42:4A:C2:37:75:E1:38:6A:D7:B9:64:4F:6A:DD:98:8E:3D:C9:02:D5:45:69:1C"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: gom-player.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\netag: \"69eeff38-116c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rvu9b6QW1fe6mK%2FSJPE7ZC3T0yHEnqev3b5E3xUVdcHKMPYq4h3AeEP5y4udy7PAzwe3nYpUyyRZCN7i%2F1cWLAieSQ71TPdhiMKvHeq%2Fd5Fp9vgM4JeLkxkW5T7GHR4CkQ%3D%3D\"}]}\r\ncf-ray: a14dc0c9eeb51a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 4460\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4460,"size_decoded":5196,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19f9163ccb146f269c7b0f6debffd2eb","sha1":"14adfcbef21179fdb0ad9a17313d4f48603852d3","sha256":"2c241bcbba186737815f8feaf7cc204534c48b9a5600a814713feb3f076d52b6","sha512":"2960c8c39df1a469720dfaa3279ac40077f2eec91db73024f120dbf9905bcca5c5f90de2523d6aa6ed4c568da8bdd25ca31025c979ebe8e92ffff844cd2cbc08","ssdeep":"96:/+gi4CtXzg99vvdOZVnJF4WZKRE1JmG5bKNfJoqrgFh2M2uVHcJ5ZMpo:/Hi1Dg/NBC1kNizHgz7","tlshash":"1b918d5b2c27608ade6a7441623cfe691b4c378c26edeac143441bae0e85a43d7c6379","first_seen":"2026-07-02T12:46:56.509011Z","last_seen":"2026-07-02T12:46:57.959487Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/script.js","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gom-player.app/","date":"2026-07-02T12:46:24.310Z","timestamp":1782996384310,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 18:53:13 GMT","end":"Sun, 23 Aug 2026 18:53:12 GMT"},"fingerprint":{"sha1":"E3:31:B3:B3:B5:A1:33:AB:DD:B8:F6:49:05:05:7B:C5:98:A7:4A:91","sha256":"6D:9D:CE:2A:0F:08:46:93:33:42:4A:C2:37:75:E1:38:6A:D7:B9:64:4F:6A:DD:98:8E:3D:C9:02:D5:45:69:1C"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: gom-player.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff38-4dcf\"\r\nexpires: Fri, 03 Jul 2026 00:46:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PvGY%2FHu6TEgJ70DtHGjSkf6FWywZk69A%2BV3LHLP3pdA9JF24Gu7vg%2F96%2BeNKeGdEahK7%2Bx0gEU5fGtw8wnLWH%2Bhhm1rAqzawwXTiyF3rwE%2BOKCrBxs%2BrQIurUeF2rRBJIw%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a14dc0c9feb61a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19919,"size_decoded":5214,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"1ac24064a5a88b7f6742425014d37f1a","sha1":"d6530996c0bc53698b7f069b46c9067166ad40cf","sha256":"414c5332619ba4580ad206fe336bc3dad1cb29576994f6a7fb929ee23967793f","sha512":"f3e77f1cc007cf50dae89be88e144043bea45a8d723fe901b03778d3b790c71bf8997282ddb2214a0e95fe1344b80369803d079861f2d7a260ae6d5e6c023753","ssdeep":"192:0gE3kwuaLwGL9iukSltNgeGMuI9Tlb0FVCMFCaLO+M222kM+gMRTU/YVoNp4T936:ULwGLYGgeNT0FQMnMYUTCmuEGNdps+","tlshash":"ae92225a2121203784736379db976649fa391067610296093e6e87081fb37a49bf2fee","first_seen":"2026-07-02T12:46:57.960397Z","last_seen":"2026-07-02T12:46:57.960397Z","times_seen":1,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/images/gomplayer_visual.png","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gom-player.app/","date":"2026-07-02T12:46:24.486Z","timestamp":1782996384486,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 18:53:13 GMT","end":"Sun, 23 Aug 2026 18:53:12 GMT"},"fingerprint":{"sha1":"E3:31:B3:B3:B5:A1:33:AB:DD:B8:F6:49:05:05:7B:C5:98:A7:4A:91","sha256":"6D:9D:CE:2A:0F:08:46:93:33:42:4A:C2:37:75:E1:38:6A:D7:B9:64:4F:6A:DD:98:8E:3D:C9:02:D5:45:69:1C"}}},"request":{"raw":"GET /images/gomplayer_visual.png HTTP/1.1\r\nHost: gom-player.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.app/styles.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff38-37c22a\"\r\nexpires: Sat, 01 Aug 2026 12:46:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cKV7u97NQX4u6eCHzFMvsjt5%2BeP1GIBVQ6f5UqRWQExG0A9ajCSBQTnSpp05uzkW1NDp9YGVTvTb%2BU4GEbgbA%2BYH7AXNLQLsB6g%2BuFAsoXyMBa4WnaZ%2FxDGKqvEpjC%2FwUA%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a14dc0cb0edd1a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3654186,"size_decoded":3646143,"mime_type":"image/png","magic":"PNG image data, 3840 x 1160, 8-bit/color RGBA, non-interlaced","md5":"f9d9498c8d056b5abae387f2bfbba919","sha1":"cf11b30388a59ba262b18f5f053eeee68b05628c","sha256":"f428067efcf6617c161200dabcbf776843174644e9256db255a2cd01528fa73e","sha512":"72153aec6921f6b08f7252dcce6295120d9184910e75b4eccfbf7b18009cdc6a9674368c26d49f9f2d9ed220d02d2dd19c9a106a9951300709200415d3491b8f","ssdeep":"24576:BtF22V2bXhFyLMzYc7iRfqn0bWzYFLgjfPTBH5Bw:BmcavmMzvsfqn0bWPjfPlHo","tlshash":"f0253378d5dc69f531ebad3569a5103936e5b328b169ea31a732cbf53e09dcb0b10302","first_seen":"2026-07-02T12:46:56.500463Z","last_seen":"2026-07-02T12:46:57.961878Z","times_seen":2,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":195,"receive":521,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/styles.css","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gom-player.app/","date":"2026-07-02T12:46:24.301Z","timestamp":1782996384301,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 18:53:13 GMT","end":"Sun, 23 Aug 2026 18:53:12 GMT"},"fingerprint":{"sha1":"E3:31:B3:B3:B5:A1:33:AB:DD:B8:F6:49:05:05:7B:C5:98:A7:4A:91","sha256":"6D:9D:CE:2A:0F:08:46:93:33:42:4A:C2:37:75:E1:38:6A:D7:B9:64:4F:6A:DD:98:8E:3D:C9:02:D5:45:69:1C"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: gom-player.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff38-3604\"\r\nexpires: Fri, 03 Jul 2026 00:46:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cQMHCpJO0B7X2q57xzd%2FH6Jys1mRDkLtaaPmQbsFbv4%2BIxfhfEwB%2FD5DrC4aWLDKGK3gE5UI5BP661xkIIi%2BkTpZVAkL5ia0LlhBH8XB24uWTdBhA3z150ybsjhR0NKY8A%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a14dc0c9eeb31a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13828,"size_decoded":3798,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"7cfdc1372a2e61575cf2e5ec778447e6","sha1":"e03dce3016e78d347e66818e2e34f5e00bb8c01b","sha256":"c065946585e642cc41f8b262919341eda3105cf6992025a85a3861c2a62be177","sha512":"befb508287744cfc88ab6e6e5fa7a633d6c02bf0bd47b393a3b32870081f5cd9eb280f0164ab9f1b4b177ec04fbdeab96d57ad6788c3798b7f68162f6c3e93d2","ssdeep":"192:XqZWfZBBf+n/BqsBlWB23USny4CPdQeFmkxQRY2hsi61LcEIQK9V/zt/Lna6nF+3:t3f+Ex38EMY5DEBK","tlshash":"3a5232986de31840645783682bfea359233cc057da2f9cadb7cf22549f463786662f90","first_seen":"2026-07-02T12:46:57.96271Z","last_seen":"2026-07-02T12:46:57.96271Z","times_seen":1,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/images/icon.webp","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gom-player.app/","date":"2026-07-02T12:46:26.414Z","timestamp":1782996386414,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 18:53:13 GMT","end":"Sun, 23 Aug 2026 18:53:12 GMT"},"fingerprint":{"sha1":"E3:31:B3:B3:B5:A1:33:AB:DD:B8:F6:49:05:05:7B:C5:98:A7:4A:91","sha256":"6D:9D:CE:2A:0F:08:46:93:33:42:4A:C2:37:75:E1:38:6A:D7:B9:64:4F:6A:DD:98:8E:3D:C9:02:D5:45:69:1C"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: gom-player.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.app/\r\nCookie: _ga_R1GERZBS4Y=GS2.1.s1782996384$o1$g0$t1782996384$j60$l0$h0; _ga=GA1.1.948964585.1782996385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:26 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\netag: \"69eeff38-116c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EbpfTJkZITcBeUn1fK2xVm7UtjmCiKZmmQzXY9Xv07UCFmaR3WJaAzacdCOi0f0wOeKCxRS1olAJ3lVxZg3eWtZPcusSJt4DItkhoBJzyU9z7rQXAW%2BFKdMFSXPSwltt9Q%3D%3D\"}]}\r\ncf-ray: a14dc0d718a11a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 4460\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4460,"size_decoded":5202,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19f9163ccb146f269c7b0f6debffd2eb","sha1":"14adfcbef21179fdb0ad9a17313d4f48603852d3","sha256":"2c241bcbba186737815f8feaf7cc204534c48b9a5600a814713feb3f076d52b6","sha512":"2960c8c39df1a469720dfaa3279ac40077f2eec91db73024f120dbf9905bcca5c5f90de2523d6aa6ed4c568da8bdd25ca31025c979ebe8e92ffff844cd2cbc08","ssdeep":"96:/+gi4CtXzg99vvdOZVnJF4WZKRE1JmG5bKNfJoqrgFh2M2uVHcJ5ZMpo:/Hi1Dg/NBC1kNizHgz7","tlshash":"1b918d5b2c27608ade6a7441623cfe691b4c378c26edeac143441bae0e85a43d7c6379","first_seen":"2026-07-02T12:46:56.509011Z","last_seen":"2026-07-02T12:46:57.959487Z","times_seen":2,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.app/images/icon.webp","fqdn":"gom-player.app","domain":"gom-player.app","tld":"app"},"ip":{"addr":"172.67.183.191","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gom-player.app/","date":"2026-07-02T12:46:26.415Z","timestamp":1782996386415,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 18:53:13 GMT","end":"Sun, 23 Aug 2026 18:53:12 GMT"},"fingerprint":{"sha1":"E3:31:B3:B3:B5:A1:33:AB:DD:B8:F6:49:05:05:7B:C5:98:A7:4A:91","sha256":"6D:9D:CE:2A:0F:08:46:93:33:42:4A:C2:37:75:E1:38:6A:D7:B9:64:4F:6A:DD:98:8E:3D:C9:02:D5:45:69:1C"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: gom-player.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.app/\r\nCookie: _ga_R1GERZBS4Y=GS2.1.s1782996384$o1$g0$t1782996384$j60$l0$h0; _ga=GA1.1.948964585.1782996385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:26 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\netag: \"69eeff38-116c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B7c5pJMK7QdhDj6rIH61bWuqYP5Sb1kBmmvNjf0M%2FpE8ejUUJIXYztmvF0tR3ESaoqqtNd9HEr%2BrdsosbR8LYz05fwOtawzmKufzfaFyK12tdA90ZXo0Ai0knJzKmFH01w%3D%3D\"}]}\r\ncf-ray: a14dc0d718a21a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 4460\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4460,"size_decoded":5204,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19f9163ccb146f269c7b0f6debffd2eb","sha1":"14adfcbef21179fdb0ad9a17313d4f48603852d3","sha256":"2c241bcbba186737815f8feaf7cc204534c48b9a5600a814713feb3f076d52b6","sha512":"2960c8c39df1a469720dfaa3279ac40077f2eec91db73024f120dbf9905bcca5c5f90de2523d6aa6ed4c568da8bdd25ca31025c979ebe8e92ffff844cd2cbc08","ssdeep":"96:/+gi4CtXzg99vvdOZVnJF4WZKRE1JmG5bKNfJoqrgFh2M2uVHcJ5ZMpo:/Hi1Dg/NBC1kNizHgz7","tlshash":"1b918d5b2c27608ade6a7441623cfe691b4c378c26edeac143441bae0e85a43d7c6379","first_seen":"2026-07-02T12:46:56.509011Z","last_seen":"2026-07-02T12:46:57.959487Z","times_seen":2,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}
