{"report_id":"7553ad76-3f5c-4948-a7a6-59f0bb9a14fc","version":6,"status":"done","tags":[],"date":"2026-03-20T18:39:22Z","url":{"schema":"http","addr":"vote-surge.xyz","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"104.21.77.141","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"vote-surge.xyz/","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"title":"Vote | SURGE","dom":{"size":2162,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2123)","md5":"cf35e468170d8893a85ae9e07ec75d29","sha1":"c7f9ed56dbc95d0b780967293744f5c6bc56cdba","sha256":"4988b12715d752b4323b2bbd2ccead34e63de964f53ef70dfb84c963feb7c6a3","sha512":"fc796d65cad7d9cf40b295e91aa825ca83b397ded20ec0f5fbacc28e49cecd45a0bed2d6d674939ce0331675302ac0f165ac878b03d413a87cfb17f317f78e54","ssdeep":"","tlshash":"bc4109a292114a287d5a5a33a9d2d0d982339ccf78c91018f9f4f7504273aef5161cfe","dom_hash":"domhash1b838b182bbc8c7be786b9f3c16bbd25","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"vote-surge.xyz","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"104.21.77.141","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-24T18:39:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"vote-surge.xyz","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-12","domain_rank":0,"first_seen":"2026-03-20T18:39:23.884739Z","last_seen":"2026-03-20T18:39:23.884739Z","alert_count":58,"request_count":29,"received_data":1751334,"sent_data":13587,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Webflow","description":"Webflow is Software-as-a-Service (SaaS) for website building and hosting.","website":"https://webflow.com","common_platform_enumeration":"","icon":"webflow.svg","categories":["Page builders","CMS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"vote-surge.xyz/A3sLm15Y.php?s=%2Fipfs%2F7Gc6p9UQ5JqaOMMS_fY_pg0702b396044cd339a8cd438d2bd10030%3Ft%3D1774031941176","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca4ed5828659229182cdc6a3d22ebc19","sha1":"3609a32b43b32b33fd0fe901447739ca23dda525","sha256":"627ca94110cfa37489e284ef9b5d17545163683a64921c90128474b8138f996e","sha512":"146d74c9c5eb60e7a81614bee3eaf67dd955a193667c372e5c3fef1dbe5489b6637e2c95780fcc27a824d26db11c50be4308da4223498d049d69d4e3f96d9285","ssdeep":"6144:qh5gDu6Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qsuZunzvlzSWP8p0Q+Bz","tlshash":"f2d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd09ca5e379b8351e5998","size":634305,"data":"","first_seen":"2026-03-20T18:39:27.924569Z","last_seen":"2026-03-20T18:39:27.924569Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"26f046ddb68743ca84feb418db0428b0","sha1":"7ce424c4ec5b6f99547ca2743b4b8d31c41980ab","sha256":"3f861ee1b4e23fac8e2e3797b1651d8dc5916fff17747a041809ab396887dab4","sha512":"eb663a2462d18c5cf77f6b3729f4d0f3c4274da58afa68233c935c6d7ef0dec0e92487231b26908494c2f55a9edc555f2a2535c3a08499c6ea2de943b770dc35","ssdeep":"","tlshash":"8ac0120d7064656614cf686d0ccf08897f36881261080dc599ecc4547fb1e6942b084c","size":174,"data":"","first_seen":"2025-06-27T19:09:25.566951Z","last_seen":"2026-06-10T12:27:56.757152Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20651838f19e6b691e93ed84f3dad539","sha1":"6f6961f7794a57b892397db1023c6983f1a26492","sha256":"98084b954a3a850d8dc476d0e7c521cc47f789b6d5d2254ca0aa7193a308497f","sha512":"e32674fee4d2647d86a532abe4a1fa045cac81f1d01ab632e3ba4d0b0b8137168f91db5626041da0a18b482a097a880a9c861a9df6ddfdbcbe9a9f008f2f47fd","ssdeep":"","tlshash":"1cc0222482f089f0813c24c7107e22552070286a0022a08af2ae8ec7584cfc84608d10","size":191,"data":"","first_seen":"2026-03-20T18:39:27.977067Z","last_seen":"2026-04-25T07:20:44.077235Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"895f526ab37305311d1e998fa4d5a6e8","sha1":"06d0220830c81bf254c70552e908371c6dc1f18f","sha256":"90916b8b1fb2fbbd765a22eba866c30d8829f59aa2d7ee86869abd20207b2117","sha512":"6b087d2e2025f4d11073254448b124af8839ce24ff37eb45bf2fd1a2b66bee8fd4fdca2b4d23c08786d217dd71dbc660d1054b7876b37752dee3baaefdaeaa4e","ssdeep":"","tlshash":"2871bc3beb00173bdc8fa9fdced5b4c02e62497262496960691ce102a16cd7487bed88","size":3743,"data":"","first_seen":"2025-08-14T22:47:51.287187Z","last_seen":"2026-06-13T05:32:08.573707Z","times_seen":1326,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/index_5.html","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"76244d8526da359429886b03a7ada498","sha1":"90415cd87cc2f928fc8e16b7740dfb09f7e5bc10","sha256":"3f699786f5f750c5ee9696bce7941003b51f5e5628b55aa6ca59917195d8b490","sha512":"3ba24210155df81c4378587bf70fa4a66f8eb44e60d01deca3b32a8ccdd092d350a1fd870334d90469b750c2fc86822743811cba384e7baa95635291061c3adb","ssdeep":"","tlshash":"dcc0125970206966048e787d4ccf088ebe268412a20849c999dcd8547fb1e6c42e484c","size":184,"data":"","first_seen":"2023-09-20T06:28:52Z","last_seen":"2026-06-13T04:20:14.575575Z","times_seen":1765,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"vote-surge.xyz/token-logo.png","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/index_2.html","date":"2026-03-20T18:39:01.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /token-logo.png HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/index_2.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\npriority: u=4,i=?0\r\netag: W/\"69b3027d-7a8\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z%2F87qfLqpP3On8MP%2FrxDntN9nyf2MmM844%2Befjk%2B%2FlseoDLJbZlrBqvn30GY2qOoOVLka1tY%2F6fCYrTpxDIL425R1yd8NosEPo6zOwF6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d65178a2c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1960,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit grayscale, non-interlaced","md5":"d3894e9169df40cdf8bcc5a480ce7d00","sha1":"6ea2c551b18971a1353aeadd5e13680d1273b7dd","sha256":"870518b59d8efe9e3e9884ef1acc070274dc8e37b93e8c6c6dff93d01eb29c81","sha512":"6cf96ceca5e89a4d6dec1c87caefb802bf9eff5e588ee5fb0b79adbafc420bc8959c5527b1402e2e7fade242975eff9dd9f6f88c1a5d874f563bc9cd83325b2f","ssdeep":"","tlshash":"a2412aebc822635760d558308852759ceb331dbf1173bc264d29529133bc086c5b2d78","first_seen":"2026-03-20T18:39:27.919041Z","last_seen":"2026-03-20T19:01:15.292656Z","times_seen":2,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-20T18:39:00.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 12 Mar 2026 18:17:45 GMT\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PWK2oEwk95yd%2FOaEE%2BANecFIObDDA%2BqakFLyqQmiCgK%2FyKVhFmRabFczX8wnSIV89Iof30IsYvYaXRbqd06q3OmRYrUG%2BShSaQfoh4VQ\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9df6d64df98fb80b-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Webflow","description":"Webflow is Software-as-a-Service (SaaS) for website building and hosting.","website":"https://webflow.com","common_platform_enumeration":"","icon":"webflow.svg","categories":["Page builders","CMS"]}],"data":{"size":291482,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (367)","md5":"bb2cac50043794d38d639f3fc3a3142a","sha1":"154fe6f2aeed424c2d57bd87740b6e8e5628b85f","sha256":"02939e4afaca55b114c846f3677e8305674ede20859dba0b19a8b184dff5cb80","sha512":"8c589a76c8d4595e0d8117ba0eeac26d6d1553d1395a740fa4e8edc8ddc7ac0f11ee0567aba44f9e3977d07e5525b6dc39f820869efe9dbb63e0c3bd1a6e5485","ssdeep":"1536:/aK8rCTwBZP3ZPU4H8WrMgBwgQ8X8wM2tR1BOaxR2kJ/LVmiqLNQaHBsPWXbZUIw:CKk3ZPU4ciBwUX8w1tR1BOaxRoW0en9","tlshash":"b054e7559a6351ac3c13a56d1bf649173338a023bc05ee2d3fdc95a88f4f1e88993f29","first_seen":"2026-03-20T18:39:27.921736Z","last_seen":"2026-03-20T19:01:15.294549Z","times_seen":2,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":80,"dns":49,"connect":8,"send":0,"wait":90,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/A3sLm15Y.php?s=%2Fipfs%2F7Gc6p9UQ5JqaOMMS_fY_pg0702b396044cd339a8cd438d2bd10030%3Ft%3D1774031941176","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /A3sLm15Y.php?s=%2Fipfs%2F7Gc6p9UQ5JqaOMMS_fY_pg0702b396044cd339a8cd438d2bd10030%3Ft%3D1774031941176 HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:02 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uFkpuMHETVVgqbOEVzkuBgmgcshaQEnU5J26KsgFqODMxg2A1dmoRBv7VW6LFdGIVyQlD3sIlAAgJThP6l71%2B4askGhLTvuyYrATN9HN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d6507dccc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":634305,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ca4ed5828659229182cdc6a3d22ebc19","sha1":"3609a32b43b32b33fd0fe901447739ca23dda525","sha256":"627ca94110cfa37489e284ef9b5d17545163683a64921c90128474b8138f996e","sha512":"146d74c9c5eb60e7a81614bee3eaf67dd955a193667c372e5c3fef1dbe5489b6637e2c95780fcc27a824d26db11c50be4308da4223498d049d69d4e3f96d9285","ssdeep":"6144:qh5gDu6Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qsuZunzvlzSWP8p0Q+Bz","tlshash":"f2d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd09ca5e379b8351e5998","first_seen":"2026-03-20T18:39:27.924569Z","last_seen":"2026-03-20T18:39:27.924569Z","times_seen":1,"resource_available":true,"data":null}},"time_used":990,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":902,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/index_1.html","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8a1XXxC6lgsZNcNs2u9624OeR%2Bc6Fa9A%2Fi67recmzv1cpBw48FGn8gYcCYWbYnJ4CjGwINpe7OOiPOphtnDn2WMJggRj8ywVsbvVMQBl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9df6d6509e3dc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"292f74c92c97c686c723a291030cfa93","sha1":"ff7ce2a278d64bb71b8a15797fd10276ea6f0df2","sha256":"baf0572ea402de47c8c0c44f67fe0b4af40bd7bc06f5733bac13f51bb4ac4d08","sha512":"4f34b0d47baba42b1c93958d291540f76e16fb3f67405fec9d87d0d8d57bf4ae454b63e8462a3b238ff1f6306323f7af84e182781658961d0acac1e55b70d953","ssdeep":"","tlshash":"54c02b22dc04480f3d009fd1cb8af1c4c003dc3ce8315c00b867b544e9ac131c012548","first_seen":"2024-08-19T15:34:07.77924Z","last_seen":"2026-06-13T12:25:58.336514Z","times_seen":455,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/gyByhwUxId8gMEwcGFWNPoTcZY4.woff2","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /gyByhwUxId8gMEwcGFWNPoTcZY4.woff2 HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/css2-1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 28412\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:20 GMT\r\npriority: u=4,i=?0\r\netag: \"69b3027c-6efc\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RS9Jm%2BHBN6NFrkEnaTdDr%2F7vY6r11Fdlz7suDy34HjfqScdpWFVoCYj5UqljbYLqPZIsKpAoQlu6IhBV%2Bm%2FZ4chOui4l0XTYpCctGE%2FK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d650cec6c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28412,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28412, version 1.0","md5":"a0f13f916a5805019879dd56b29bc098","sha1":"90af3a05ac9d34850f01f503e1a2582306d9245b","sha256":"04f13c87d9e172ebee6a520fe0d8cb187d1ed1f1eef505d47dd041467e36c6ec","sha512":"15993875861a0b439c76848f3bd7200a8296f917af470a53c0c058880090eb6ce325b2c12295d504b2b6fabe7a5647bfa4804c103b4c41bff4b1741bb27924db","ssdeep":"384:vOg2tlly1HTH0ZTk9hbQe3O4KGVTtRgKJMgJnynWeWkBuNyg3Bv0I5Y4hf/CGYEY:vLQlwH05kbQ+Ttvi+yskBuNFxRPHC2+","tlshash":"30d2e1a67a98b5976d61a4bb6150b00881cf7cb6230d03f21a24d561fd69fe603d373b","first_seen":"2025-09-11T19:57:45.123641Z","last_seen":"2026-06-05T16:17:46.219817Z","times_seen":1396,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":88,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/style.css","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:20 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M4CpsaMKSJpqkXjZjPcB4y3vl1Mq%2Bcs6wGq%2F12RdPsaQhc4LhUC5GD4vyTdLcQRfXDCe%2BEXi%2BvFVHQZWmzZKQpM6cfEAUK3RHKF1EBwf\"}]}\r\netag: W/\"69b3027c-2eb\"\r\ncontent-encoding: br\r\ncf-ray: 9df6d64f9b99c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":747,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d22658124da1ae6bfd60ded350d5b2ba","sha1":"eefe7a626fc0e54bc31bda2dab317432bfdec445","sha256":"04604c695d889012dc70b090563811d359aeda0a807ae210521d692224811b86","sha512":"05b2f3f29b152e9a27ed4e854812c706067911f9a8b1e8adc649df27785ad7cd7bd4741da8506b50bf20a59b3019484da2a76f3e9c2bbe799a81f2f4466569b8","ssdeep":"","tlshash":"3601c81b6af09b0c31032d58075f76b52bb4509253098ef8b584f62caf837e61171dc6","first_seen":"2026-03-20T18:39:27.929729Z","last_seen":"2026-03-20T19:01:15.286114Z","times_seen":2,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/solana.svg","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/index_2.html","date":"2026-03-20T18:39:01.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /solana.svg HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/index_2.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PUJiprli7aGB3Dx05XET5JJcP%2B9zDNq5ySGyiPGzuFyCk%2B31YcLUvA3cONduBD1OTnmIKft5ynzpjV%2BeTtxXmDoEm%2B%2FpT8e8WG4hrkNZ\"}]}\r\netag: W/\"69b3027d-81a\"\r\ncontent-encoding: br\r\ncf-ray: 9df6d65178a1c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2074,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dd21bc4ad1d5172b7f3fb1ce5ae74d29","sha1":"c9ca05eee6625567af656027dda7cefb5ee2e3f0","sha256":"bda79016a64ff82c32ba783bac38856ae18cc2fa96b670085ec6394ab1693b91","sha512":"87d8ab7e070bbbfc9abdbb5e22d1f055652a0d6bbc7b8dfac29ddcc6936680587411b6a03269f70ce837ce36e43c58e6d3e295b6a942eba3eae4980bffe2575e","ssdeep":"","tlshash":"a941f0b288fdd5d6f260e344ea146870691a39f76b85c244b388eb461f384e30e4fed5","first_seen":"2026-02-13T01:58:27.885154Z","last_seen":"2026-03-20T19:01:15.303282Z","times_seen":4,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/css2.css","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\npriority: u=2,i=?0\r\netag: W/\"69b3027b-1dcc\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WY0tP8TE3hGstIcxLVWYqpUgAoStOvXb%2FGwUlprAfSiNnfVfzKwACQKQj6PixMrM3tNyiO%2B2fz6xrtYNZALLGkDFMkI0wNjd%2FnSJvgDO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d64f9ba8c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7628,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a945690afba190bdf35bdbc8dca91152","sha1":"d93d79ba5c4ff541fb62d683c5d6b488b9f53ba8","sha256":"e3588f89e8f3d36d7befdcd1ad777d37963acce98132704f84f1d7ab2d5e1b4b","sha512":"72a22e14d311d595ee72e60b3ae2692c0cf6745594fab8f6f60c522f0f91a227d67e0dbbbc34e4fdfae78e152a29498981398ad2f56e511e7abe26664268a393","ssdeep":"192:9/NAPt34yaDD/OnIt3/ha8G/rKht3iIall/E5yt3RPaGc:JwSfyGKVm","tlshash":"ebf14490046b9400eb872cd277cf7f376d9da148a045c9795ffd1898acded2613a1b4d","first_seen":"2024-12-17T11:31:53.647668Z","last_seen":"2026-06-13T00:36:02.593288Z","times_seen":516,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/gyByhwUxId8gMEwcGFWNPoTcZY4.woff2","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /gyByhwUxId8gMEwcGFWNPoTcZY4.woff2 HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/css2-1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 28412\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:20 GMT\r\npriority: u=4,i=?0\r\netag: \"69b3027c-6efc\"\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HSQP4Q22qo2PZ%2FjE7wfa0%2Bl6t0BrzeamX%2FWm7tYWtPv0pX5t%2FS8p9iw9vD%2BEXpyXn89iuVll9TmnFjNYersMf5GB9wHdkXJt87Mj%2Fh33\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d650cef5c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28412,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28412, version 1.0","md5":"a0f13f916a5805019879dd56b29bc098","sha1":"90af3a05ac9d34850f01f503e1a2582306d9245b","sha256":"04f13c87d9e172ebee6a520fe0d8cb187d1ed1f1eef505d47dd041467e36c6ec","sha512":"15993875861a0b439c76848f3bd7200a8296f917af470a53c0c058880090eb6ce325b2c12295d504b2b6fabe7a5647bfa4804c103b4c41bff4b1741bb27924db","ssdeep":"384:vOg2tlly1HTH0ZTk9hbQe3O4KGVTtRgKJMgJnynWeWkBuNyg3Bv0I5Y4hf/CGYEY:vLQlwH05kbQ+Ttvi+yskBuNFxRPHC2+","tlshash":"30d2e1a67a98b5976d61a4bb6150b00881cf7cb6230d03f21a24d561fd69fe603d373b","first_seen":"2025-09-11T19:57:45.123641Z","last_seen":"2026-06-05T16:17:46.219817Z","times_seen":1396,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":83,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/banner.png","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /banner.png HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:20 GMT\r\npriority: u=4,i=?0\r\netag: \"69b3027c-28714\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q3HOof4yVwBNqCpv2ZrRfw8g4vjs%2FWWI80mfzI%2Bq54uKo9YemXF2Qj%2B9tYRYCA81jsFSRHY2EVSAEPzBjd4d%2FARZPKBHcPGkzafQBj5a\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d650be7cc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":165652,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1507 x 727, 8-bit colormap, non-interlaced","md5":"f8910d5f2ff190bdd2eebd5feeed246f","sha1":"38578928913eb61b0cf2856144ed4e83c43434de","sha256":"ee738939088d7059e7637080d2a2a3ba92304be8db492392f01e323e9439eb8f","sha512":"eac499db23fbb859547c77cc6f9086e8004a088d89102cf7de3dd76ab7def76f154e995c144aa4a27431239361d1118b63f877f2832fbe6cd9b9c5c1a496b654","ssdeep":"3072:vdRaAM7zGn66Bcsv4FiugtXExqn1Et3QSfB9tdus0eSTwcT9gQ44FW6TqAf:vdRaAM7ocG4a00w3rfBHks0e7AeHuqAf","tlshash":"9ef32222ff8d02739c8b65ba5c730b269e1b437273245b4ba86490d19ccccb1969ded2","first_seen":"2026-03-20T18:39:27.938242Z","last_seen":"2026-03-20T19:01:15.316928Z","times_seen":2,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":77,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/3895f45fb355bebc.css","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vote-surge.xyz/index_5.html","date":"2026-03-20T18:39:01.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /3895f45fb355bebc.css HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/index_5.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\npriority: u=2,i=?0\r\netag: W/\"69b3027d-1a10c\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=25rhGXRN4AZYQiF1SYMD%2BG7yt0Eyh0lICrt6VK%2F7CNyJ72KUNK7MN7C%2FBiPtaZiYEfvWQ4uGyd4nFzmTlZyj95Q%2BLHyt9c6z78hlvezl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d651585dc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106764,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65472)","md5":"840dc34b759dc66612c11a308e93b86e","sha1":"a1b32bee232fd465250fa7160ea3af5ec935ebfe","sha256":"4a9d6a66b65aee566739cd1e5c4955c96457f327c11f384b82c6c234c141de6a","sha512":"c780d586509dae5554263dbe91fe75359d37738284cee922ffa846b78fbcf5e773fd554e2ac63f89dbc580b700ae0030a67dd7eb20b9d9a028e65640b5aa152d","ssdeep":"3072:MGPhfV9hHBCmUU8isHsQ2wTtybjrSWxDhbvgD0:MGPhfV9hHEmU3/tybjrSWxDhbvgD0","tlshash":"3ea3711df652113f3c2780f9d25cedada116b1c0ee2a6be7be4221118ac67e35de3254","first_seen":"2026-03-20T18:39:27.940527Z","last_seen":"2026-04-26T13:44:10.143656Z","times_seen":6,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/base.svg","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/index_2.html","date":"2026-03-20T18:39:01.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /base.svg HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/index_2.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iuOoxP6V1gdNmdIFS9AGnxuDtFcBhW0Coeu88Yen80%2B66yVtAVW0MJ7IX4A7c64ezMr3SfDq8b33nJJN29N6Tp8s7m8G6S3GcfagcEtM\"}]}\r\netag: W/\"69b3027d-14a\"\r\ncontent-encoding: br\r\ncf-ray: 9df6d65178a3c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":330,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"85e4aec2ee88ee9bf6eea0067e8b5b26","sha1":"ea5e90cf2f53fde0697ba84572e11e78fea3f675","sha256":"eb58860c218c52de73271bf5d82f97c75de4b39c3564676476261ef553083d05","sha512":"bc350b3d89b3666e19da86c249372b734bf721be82f7895656ce1e068837f9f462abbe0efb90cbaa6720ccee3d020709c1ed188180e060d5f131cfb120634e97","ssdeep":"","tlshash":"27e026d5890caac84a05c338973d24b5762b70e4300a04eed640de227a0c5be6518f6c","first_seen":"2026-03-20T18:39:27.942677Z","last_seen":"2026-03-20T19:01:15.310503Z","times_seen":2,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/favicon-16x16.png","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /favicon-16x16.png HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 294\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\npriority: u=6,i=?0\r\netag: \"69b3027b-126\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wUD3SAdxHZ%2BbdFw%2BIK%2Fm8v%2BejdW5a9qprDK0ofJ%2Fdytv7yFaEqRs5864bmGXXn%2F2xdns%2BFgfhvXsnONjsIPuKBvIs0n7mceND4N%2BQc3I\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d6526aaac124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"58f0bab6632bfdc56a53e5e5b588665e","sha1":"c1f9aa0a356870be1ab8625efba17c7a5afc9dda","sha256":"d6009fe695466ee1648dca1eb4b3b984c2736b912e056a698c70c917e4dde2f1","sha512":"da5596ee1d571b51e1c628eaa16cabce8f89ed5cf46c9ea46978542089a83ae519944b5a655b877a48913193e66f1e0d197edd88f6fda8ff826d4f8ec458f314","ssdeep":"","tlshash":"11e02b8392801879d469123b06a44ec15c221734395b1107928499fe1814e0263fef49","first_seen":"2026-03-20T18:39:27.944832Z","last_seen":"2026-03-20T19:01:15.304236Z","times_seen":2,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/App-DljxPzMl.css","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /App-DljxPzMl.css HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\npriority: u=2,i=?0\r\netag: W/\"69b3027b-15537\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EdiMfk3r1Gf6oriyRFt%2BiE8P%2Fn%2B1Izuvk10ilJWTv5WfdNhJV73itK5E%2Fqe43vw%2Fd%2FlOXxLGNrkuR0l4RpTY%2BFfVvh0gxKlqBLIvQwER\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d64f9ba1c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87351,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (64122)","md5":"222a33ee29bebf33d72905e7db65988b","sha1":"edb866755d6afbef0b6c35d49a0f1662d0ed2e43","sha256":"fd9da8e80f781c3fab9696a24a2ea60ab179c72e91871d801323869f8d618b92","sha512":"bf0c8c50c64097ea824c04e8bc47d5945b241659e0091239fd67dd8a3ff109f3a622c7d9ff5680599b58e4ad5333356284aae4d42cd6471a4fc2f93dfabfb3a5","ssdeep":"1536:buHnmBe9QtJ4Nu5M5Xf+1MDvNJ88T4tQkunxIxSu7QPkaCBjCgte:buHm89QtDyDvUe","tlshash":"1c839a13f62724637017843fb48297e823d87c40b6735fd6f48c9a9098db46b976eba4","first_seen":"2026-03-20T18:39:27.946788Z","last_seen":"2026-03-20T19:01:15.277216Z","times_seen":2,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/icomoon.ttf","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vote-surge.xyz/index_2.html","date":"2026-03-20T18:39:01.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /icomoon.ttf HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/styles-GA26BFBD.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 31436\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\npriority: u=4,i=?0\r\netag: \"69b3027d-7acc\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=clFYWvIBVu%2FQrAwKm9vLn7%2BG3ENgj1opAEIoqAud64EfPBygeh7sESrD%2FuTKMoV1DHM7jsu6qh9aWFW%2BvzIpiewJ3eus1N9Cae%2FVgbTq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d652db8fc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31436,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, icomoon    ","md5":"3cbc061e53d5f831970d70d6c443400b","sha1":"02e534dbe825b06a2eb15f4eb0802217c3b384da","sha256":"ef0e8252360753f15c651fce4fd9efec0e7e8a92e84904d3de185ab37cf9b6cf","sha512":"add0f7bc3fa38f569f09a5a601d11affa6d8ca878278835f651259066648dbaef6b3c6509d4093433e996fb66fd39e3e02368057c84962266def5fdbe6cd3585","ssdeep":"768:mBqJ29OxsDfOTthBMaNTOK96Y7H5Yle7+lIBU5cUjjN9jjjzu0UjjNvjjjzu7:zmOxfTHBMITOmXrse7UjjN9jjjzu0UjI","tlshash":"d8e2190b5b4adb4fc456b6f24c09a4234ce3da11a33be76758864d4496488f08d78bff","first_seen":"2026-03-19T09:50:29.143872Z","last_seen":"2026-03-20T19:01:15.29902Z","times_seen":3,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":73,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/wallet.svg","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /wallet.svg HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:20 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LprLlwYwxTkssoacTcyCJaiFuPl1%2BFfqAyYg3DAfBubnhUn%2BSKj7czrKl5FiulZhA5k3iYhBLtSIrEI5c8D4hCgdl8DK9OKV1rhkqU1r\"}]}\r\netag: W/\"69b3027c-572\"\r\ncontent-encoding: br\r\ncf-ray: 9df6d64f9bb5c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1394,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (594)","md5":"711729495702cb27e6830475dc4e99d2","sha1":"ac4b18a63168ecc22a83a32f6f7beec8437b7574","sha256":"e8f0aea80a06e3afc291dbcd41be45f24c3f9e75f78f186033f3f890f8e4a72c","sha512":"d999d7cc450ddc8550e103f32bd18de41310b426614ba66b2e57bc3e4c1a8a4eb5886b6c1a7b2dcd57f7ca386e1882eb7e14ee62387775de0ed034318010a8d5","ssdeep":"","tlshash":"d8219af463c8a2c4d509c33054267028172e39bf17894a4cf68d7791bb2859a6a15da4","first_seen":"2026-03-20T18:39:27.95165Z","last_seen":"2026-03-20T19:01:15.315598Z","times_seen":2,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/index_2.html","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /index_2.html HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Thu, 12 Mar 2026 18:14:20 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K7qq3hcZTZC22YoFb7529C%2BSxLEQ3v80R%2BdpJhODkJNH%2FX7B0asYu1k3vsboXx1exhdfFaGFGlxnwWVSWvXWjs%2FInYUuAvqwf4PfaThF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9df6d6509e20c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82081,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (54402)","md5":"990d17027995ea31a9760568696ade55","sha1":"83936268a2ea038dc3309fc840726418c2086ecc","sha256":"23a9bc8691de27740ba1754e02b833bc38fb9bae219704236e972ad48c2ef1de","sha512":"6c1b5efd09184cef5f2176ff7029730620110d115a6889ef93dd117d71bf329a631157fdc30a25872a8e67547c4b1f517937260b81a53c9c4a26a3b002fe1df9","ssdeep":"768:Ph/LwuRAHMAZTsZ3avqF0U7aMNACbkPi3G/xZBxOoy/L9xJ/5ACn6PmRMopAPUG:au+Hb1sZeGJ/XJ/5ACn6++opAPUG","tlshash":"2f8393f31600d6b96da3c44951f1394d11a5dce2da0a0ff872d09c990ecebeb64a7b8d","first_seen":"2026-03-20T18:39:27.953607Z","last_seen":"2026-03-20T19:01:15.308819Z","times_seen":2,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/gyByhwUxId8gMEwcGFWNPoTcZY4.woff2","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /gyByhwUxId8gMEwcGFWNPoTcZY4.woff2 HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/css2-1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 28412\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:20 GMT\r\npriority: u=4,i=?0\r\netag: \"69b3027c-6efc\"\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qxewMkOpsYtKILGJlj%2FAlWtO1vuvRetwfVzG0UiAggyXL2z7Eu8w74pokCoa962GbUejcUYWxfSoctQ%2BsJeQXv1sv8dp6YhbSxwuHmq3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d650ced7c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28412,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28412, version 1.0","md5":"a0f13f916a5805019879dd56b29bc098","sha1":"90af3a05ac9d34850f01f503e1a2582306d9245b","sha256":"04f13c87d9e172ebee6a520fe0d8cb187d1ed1f1eef505d47dd041467e36c6ec","sha512":"15993875861a0b439c76848f3bd7200a8296f917af470a53c0c058880090eb6ce325b2c12295d504b2b6fabe7a5647bfa4804c103b4c41bff4b1741bb27924db","ssdeep":"384:vOg2tlly1HTH0ZTk9hbQe3O4KGVTtRgKJMgJnynWeWkBuNyg3Bv0I5Y4hf/CGYEY:vLQlwH05kbQ+Ttvi+yskBuNFxRPHC2+","tlshash":"30d2e1a67a98b5976d61a4bb6150b00881cf7cb6230d03f21a24d561fd69fe603d373b","first_seen":"2025-09-11T19:57:45.123641Z","last_seen":"2026-06-05T16:17:46.219817Z","times_seen":1396,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":86,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/token-logo-1.png","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/index_2.html","date":"2026-03-20T18:39:01.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /token-logo-1.png HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/index_2.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\npriority: u=4,i=?0\r\netag: W/\"69b3027d-7a8\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aeXR6Iuc1ZX4gbC%2BpkqasnFg%2F3GB4igpA9LO9qjWZcNNWmZnnudXfsQjXCuYps7%2Fm8tqU75L1TSon1n3Iyy8U3Kba9yLsM%2BQNUTFqccn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d651688ac124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1960,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit grayscale, non-interlaced","md5":"d3894e9169df40cdf8bcc5a480ce7d00","sha1":"6ea2c551b18971a1353aeadd5e13680d1273b7dd","sha256":"870518b59d8efe9e3e9884ef1acc070274dc8e37b93e8c6c6dff93d01eb29c81","sha512":"6cf96ceca5e89a4d6dec1c87caefb802bf9eff5e588ee5fb0b79adbafc420bc8959c5527b1402e2e7fade242975eff9dd9f6f88c1a5d874f563bc9cd83325b2f","ssdeep":"","tlshash":"a2412aebc822635760d558308852759ceb331dbf1173bc264d29529133bc086c5b2d78","first_seen":"2026-03-20T18:39:27.919041Z","last_seen":"2026-03-20T19:01:15.292656Z","times_seen":2,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/A3sLm15Y.php?s=%2Fjmpd%2F","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:03.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"POST /A3sLm15Y.php?s=%2Fjmpd%2F HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vote-surge.xyz/\r\ncontent-type: application/json\r\nContent-Length: 1400\r\nOrigin: https://vote-surge.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1400,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBrgLrAhUAEwD-AhgDKADWAhoAAQACIgMAAO8nhn2XtsKCAabLOgCpT1COAcDeumUCAABdncQ2N0Bu2Sp00ZEiRQp6kVLfnouWZ7HjsxsG-vsYAH4uzuX02Bhhx4jePrSSC42-E-aiG9K__PyUcJzBjS5qLr6EtFmB9qGgAtYc9koxLuy9KHbl0-lE6FGj2C4R8pdNPzqLru7W6L0s509NY0Sspf3sV_V6gEMU5o7NUo-izsDa4curmWv77TcUhJHAbNHOvq4GEyprRgXr2bAsb0cx12gi_QY7u8ywluOj8_0PEZV92-xbipJ9VIxCBNbZRf28CCTDQTn3ZCDMob9wGxzXBQw4AtCBHbBOvuDs5EDdrplGZzeAWODYv7tNWy3_1TySub-JsZOsSAS1zGQ6yVK4BnfRQshD8sRGlTcnZagZD12a8kykzYj8rHeOS3lEze-jOJNEbCG0Du61P0f6AhODpMJXTM8RDI1FhizZZklHEP2SXNUCy0IWmHKO4veNwrG27if2-JmaDmXicYJDmttv8l4p36BOPBv8u5Ish6RZ8tyRMzfDvPb3JHRu6-gfmx7SytMCCwQ3g0PmUjFza9XqcBbfygP1N3T5P6nuzImaKBsavfFn02sEO8PtAY7PnKXtGrfQiOEYZN_SOcgG4qJMWgV3WU5k2FDF-7oiFyjDu2lQL3vcUs3SlLd2mWCPEp5reEcp0WqCOD9IZUxmrkv0vS2JvDUhK_gyVFKNOIPTZrM9JCn6GtSonJP4bt-nh05Qe0fLvpXZ-8JKhEh7wveMsrnB5AcFwvMIy6GXQW3fQ50nkrRPuRRRemmNRaE93dfSJm5p09b3E0_R4T5mJ9MZ3gN2i91d_u72ZbAJ313nFAHJFNC6DwLoa_0WIwLnM9i5u5HQJ7kkNdKhWoREVhbnW5TPVjmNG8GjQ_7OQsaEufiJtcnUh11I0-RHh_KrLbRaHiNZDIm8JjWTIqakvp08hipOPpccKZq1JLt7z7UdG6aZdnXBWjtXl_y3xDBNss1Lx5eFgUlL6a6u7vv8LbKzsfHUG_x-qVDzuR08fKRIjOacALvk8lGh8w7a-k4e0ekhv7j3icfupniDJf2JQpnD45s-TQmmu55D6MseqkVKKiulN5MxzNqXs1ZTR3JVkOe90fr_lez6988Q\",\"challenge\":\"eyJpZCI6ImU3V2JpRlZDUDNES3JtaEtyXzNIZ1EiLCJub25jZSI6MjIsImhhc2giOiIwMGNiODAyMmZmYmYzYTY5YTc5MmYxMTYzYWEzNmFmNzU2NGJlNTczNjkzN2U3ZjhmNmIxNjZjMWFlMjdkNjhiIn0=\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Fri, 20 Mar 2026 18:39:03 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l%2BHWIZbK%2F4heEeVFepB25831AD6Als98jfn90umNi3CXtqvyRajhnGYMJM%2FgtkjIP68B6ScTkn787YYJ54MPKHwfKfz9Y6LBHOO3tlub\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9df6d65c6c0cc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":681,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":681,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/index-rCC5GF5f.css","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /index-rCC5GF5f.css HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\npriority: u=2,i=?0\r\netag: W/\"69b3027b-1bab\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8umJJk%2Fk1467zaQebuqCNUr32PRRHRhFmWQwWzLIm326i9L4LULb4nD%2FXL9lRyiQAmJm6mNG2beb2ZeIW8%2FUyq38XphzJ5hNXrqdFzg6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d64f9b9ec124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7083,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7082)","md5":"0d6a1ef532f49b6d5a7ce39f07e32c4b","sha1":"7c75b67817c31c4a1163f4653c780d0a605b5d15","sha256":"a6cf150eeb9e9e977f03dd6d8fef02523540e0b2039024ed7c1945dd03c1176e","sha512":"a51d411aef47b801cc32a51c2983c3c886ec9e820289a5a6ba207d4617302916ff1a0cc2e3471a483fd455f52a6808c939011fba79df0c30a927b36165850288","ssdeep":"192:8p8cvY7AvIG62qdcuW77DziIMdvnMBLbPNMzmMrg1jf4mi++6ddF/niqLA:2Q7AvIG62qdcuW77DziI/7KSWg1jfHxm","tlshash":"43e1ff9088aa402ef377d3fab0ec7a48583c5683db270e7eb07a6c9d85045da2377175","first_seen":"2026-03-20T18:39:27.95713Z","last_seen":"2026-03-20T19:01:15.307186Z","times_seen":2,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/Home-DOSk8nKM.css","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /Home-DOSk8nKM.css HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\npriority: u=2,i=?0\r\netag: W/\"69b3027b-eb5\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Nc15hY97S5XQJxWa8mP0z6xwsvGtO1Sy1ONzq6FEonvaj0fdYwru5657Nw8jd0P3oC3wLEAWq7%2FbJkn6ZJ8IIw065fZktfeuGC8eD%2B9w\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d64f9ba2c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3765,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3764)","md5":"d235c0d783775717672389d23feadf6a","sha1":"fdd2583f99804d671bac9c12b2ddf441a95a7907","sha256":"f714dc1c888c8d620d36011604554bc019606684b63643b21d00c85561264f3c","sha512":"374971886b19bcedf0f7908cd474dd9ae2a4251575eb46f6d1613a859d7e203945df3d08f78aeab0d0fa6d11904bfc85256adc4592d604d39e7f28f332b26a35","ssdeep":"","tlshash":"f771242063102c27d1338f2d92c4ebbc6764a5218fe3856ee695ae2cd3fd9f4065e6c1","first_seen":"2026-01-26T17:30:40.156145Z","last_seen":"2026-03-20T19:01:15.314809Z","times_seen":7,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/img_launch@2x.png","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /img_launch@2x.png HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\npriority: u=4,i=?0\r\netag: W/\"69b3027b-1540\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aoPN0sbHXHEGyiZvvQZt1yQrN26g%2BqWiQXfwZpno%2FALbsESrhUzaiVStVLTH4VPbrJMzzuWIQy7zVhHgq8yvQrtodfs3dXWTvK2n2otc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d64f9babc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5440,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit colormap, non-interlaced","md5":"d66210e4bcc8f4f0f7b4474de540b962","sha1":"244f35c9c7fcd6ceddf85f72af1745f77f3bc71a","sha256":"ff0ff525f4b56ca78111a4aba32aa99cabec82c8c2937dde442d50512fd1cec1","sha512":"29395b13261946392427459d89c2e855da1825a288d289e87f9fe568691ad12eccfffbc6196a10ce51f0a93521cba092bc838e2fe48936f58ce01afb0f4b2c43","ssdeep":"96:D+XnvbJYjVp02Y+qLCwRLJ8xyuX6WK9f4tmVCoUj+BUZNYFg34z:D+Xngp02YjLSKvCoUjtZ2Fg34z","tlshash":"1bb17c3514f8b3d0e6b3b33ed9288a7b7be1aed6182d21e3408f0ca1351d9c151b6ac1","first_seen":"2026-03-20T18:39:27.961178Z","last_seen":"2026-03-20T19:01:15.288105Z","times_seen":2,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/logo.svg","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /logo.svg HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4R%2FEQLFghEwS6zQ302Wl6XkiXWoFFJ%2BGvjrNnbCXFobgzFnOhLBJZs9vFevZriEnUlsmXd%2FYudKqrYeI9vG7MQuaw3VNZ1Ny0JwaE8it\"}]}\r\netag: W/\"69b3027b-b7f\"\r\ncontent-encoding: br\r\ncf-ray: 9df6d64f9bb0c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2943,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c068003642baacea89dceb414ce7ffc7","sha1":"6c33ed4ff74e0b46b9a130570c7a8b27f6e8bcb2","sha256":"b3a0f51c53e3d853e62aabd827b21e2c0389cab5bae7fec4c86533399013da75","sha512":"430eb7dd39bdf040d5649b8c95d0d8368b10a8009572b1bda529251c5755457f6ec00afe440c16f30a626e6e72110e60e807581dd60781b07815cc8d7d7a7520","ssdeep":"","tlshash":"ed5144fc9ba485c898888ac67f12955c1b57f1778e97c710c08c9ba474e7f1cce6ae41","first_seen":"2026-03-20T18:39:27.963102Z","last_seen":"2026-03-20T19:01:15.296242Z","times_seen":2,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/index_5.html","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /index_5.html HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nfG1dqANTaB%2ByRlMBobkBpI87UX%2F4j3ASnqpwccx8twoPzWWFypOvXTM8XKZRiJ4D1DqiS6kf83x2Ags4P7LEUZ1fBPeY2rL9cTFxB0G\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9df6d6509e27c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1296,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1295), with no line terminators","md5":"f563829a824b6f4c635e589c7a8f2734","sha1":"fda8fd5673f763e50fd4079c29798083f3fe25ff","sha256":"113714218234f38020c6b66925cb7574665c0afd13fcde71afca2c0db09097e8","sha512":"c3c21518c598d306ee3a04f1c13dc76f12cdc4cfa15f0b59eaf8bde35e88eee2cad307e1effae12d1960be9022997a0d412b3682a77e632775943b0fb367acc7","ssdeep":"","tlshash":"da2165f17802ad15901773e5ecca904eb403fb1dd74058c8addea81fc9bae3d215988c","first_seen":"2026-03-20T18:39:27.96485Z","last_seen":"2026-03-20T19:01:15.290428Z","times_seen":2,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/styles-GA26BFBD.css","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vote-surge.xyz/index_2.html","date":"2026-03-20T18:39:01.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /styles-GA26BFBD.css HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/index_2.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\npriority: u=2,i=?0\r\netag: W/\"69b3027d-30a88\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kgD6ZY5gXyMc35MISlFNrjFoaYzkmIj70bGNSECryEsMARIdfzChjpnCyTe6roFROdLcN2DNWv55PYjRpVJzkaoSmMJ9%2BlAEbiyMAeEu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d6515862c124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":199304,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b6e2ace957784fdbef98b47da7c4cbce","sha1":"7700384f5377d1a1562e005992cca6d0ad4280a4","sha256":"1430a4db3cd3b5537d423f3caa3109bc6b2e1da2f744e89f13673601ef668680","sha512":"9252073af80ba8c34427570bc7b90b5b69be88b7714a2e7096ee887ed476270a451b0652f43bb314f5323948d4655b92846dfb1d1584a7f04f10f1ee92553636","ssdeep":"6144:e+a9wtfXB715Hf5fdI2L7iT6d/XjBjnwPZDrLbFR:06d/XjBjnwPZrbFR","tlshash":"ff14b9d7f691203ca557c2a2a6d13bbc0a6fb481e6531df6f0036bfc46c97e602a254d","first_seen":"2026-03-20T18:39:27.96659Z","last_seen":"2026-03-20T19:01:15.301592Z","times_seen":2,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/index_6.html","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://vote-surge.xyz/index_5.html","date":"2026-03-20T18:39:01.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /index_6.html HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/index_5.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K0kyW2qwPCPPG9NGry4Kqadj%2FXDsS7Mfd44MsvhUZ9F340aJVV7IAw8oNHpZiqRiHrUr9q5RbqTbhipHEPby0uYtkB8p0dTLL3uYC6PI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9df6d6526aafc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with no line terminators","md5":"3762063e0643915fe267822ed73a3fdc","sha1":"7697ebe1c64f3751a8f9cecddb39e64378f07706","sha256":"1bf1c9d160ef57f69eef1dafb70d2248f30f6766db11e132efee53f789afb4fc","sha512":"e9ae2d73ae71a4c0f343a505cc09ab772c6f8c51cfdd3fada94e4a75a10da84412ff7dac616677ca0348698f1b40e0deef27327e6875ebff4757e24fb3ee9d31","ssdeep":"","tlshash":"06c02b22d8004c0f79509fd1cb8af1c4c043dd3ce8215d10b873b154e9ac131c012548","first_seen":"2024-12-16T05:11:29.836626Z","last_seen":"2026-05-04T09:50:27.582674Z","times_seen":13,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/index_4.html","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://vote-surge.xyz/index_2.html","date":"2026-03-20T18:39:01.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /index_4.html HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/index_2.html\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Thu, 12 Mar 2026 18:14:21 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=32j2X%2BnfJoWSTAOHfrTuS5%2BEfZD%2FjWrm0wzeDNPY4G%2FSJ%2FQaQ8EleeFPpDJDVVhcLW3IsheluM33ejkzS%2BmHl01D0rB2ReasquQbv3z0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9df6d652bb4fc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2177,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2138)","md5":"8d62b00b33cbf18ea1749758ddaf1bc6","sha1":"95951a397e21d1b871b6b8aaf909eae50469c3de","sha256":"cf1f8d680de45d5ae845baffbf49c30442915a44dd58c2e400e055bf24c9eaec","sha512":"84212af8dcf8630086ec0c3ec69cd954b0438661fe33e2a2e222fef214bb2c262cc14f3402c90b5197ab5baa05e0d850e6fb0f1f2aa1baf812af6e7670d71c98","ssdeep":"","tlshash":"854119a292114a283d5a9a33add2d0d982339ccf78c91018fdf4b7504233aef1162cfe","first_seen":"2026-03-20T18:39:27.970704Z","last_seen":"2026-03-20T19:01:15.313559Z","times_seen":2,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vote-surge.xyz/css2-1.css","fqdn":"vote-surge.xyz","domain":"vote-surge.xyz","tld":"xyz"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vote-surge.xyz/","date":"2026-03-20T18:39:01.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vote-surge.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 22:51:28 GMT","end":"Wed, 10 Jun 2026 22:51:27 GMT"},"fingerprint":{"sha1":"9F:FD:06:0A:AA:07:3E:77:AC:E0:A2:0D:66:9E:D3:43:28:6B:C2:3E","sha256":"EE:35:9C:C7:2B:F7:1A:7F:E7:FC:87:E2:2E:C5:11:94:00:C4:C2:CD:B8:FA:75:7E:CC:7B:80:06:A8:67:D3:E3"}}},"request":{"raw":"GET /css2-1.css HTTP/1.1\r\nHost: vote-surge.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vote-surge.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 20 Mar 2026 18:39:01 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 12 Mar 2026 18:14:19 GMT\r\npriority: u=2,i=?0\r\netag: W/\"69b3027b-241b\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4luTJ1QK1zVyJaSzxBmG4KkTBOdz5DnC5X8ffBXXcclS4HGdxVJjdWcWDp0pucv%2F%2FpnVMmImZ3ShyghVOjm20%2Fkdz6FoiOp87orbUwG5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df6d64f9b9dc124-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9243,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"cb9db6ffac8d4f73bc1367a11a17ddd4","sha1":"5d3e085abc3af81e06def7a1a4e6960987555734","sha256":"99d97a335fd4c5d02ef3602540d24cfd8dcfd25c565aeeae761847d1de07b72d","sha512":"d7b5d871e7a1d262cf7a284a3769d28983d70f0446918b26215e8cde9813f7db62f3a892270ebb15b1b98a951b382a59ea64cb73910686feec70aef28d5f9223","ssdeep":"192:Jgpbp2Sp+582L+KD2k+ri2Z+ER2q+N42H+O/2g+fu2l+Yt2G6:JgBjQWzg1yXsn","tlshash":"f5129880086ba400eb931cc127ce3f72af5d614164049a7a7ffe01adbcaac6953a675d","first_seen":"2026-03-20T18:39:27.972682Z","last_seen":"2026-03-20T19:01:15.282269Z","times_seen":2,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"vote-surge.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}