{"report_id":"8eb33905-b348-446f-b4c0-0fae0f6929f8","version":6,"status":"done","tags":[],"date":"2024-06-24T04:39:58Z","url":{"schema":"http","addr":"gors56xaf.cc","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"104.21.30.242","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gors56xaf.cc/enter/register","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"title":"t33n leak 5-17 age"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T12:16:45Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"gors56xaf.cc","ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":10,"request_count":10,"received_data":634610,"sent_data":5118,"comment":"","tags":null,"fingerprints":null},{"fqdn":"matrix-client.matrix.org","ip":{"addr":"104.20.77.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1994-11-02","domain_rank":167763,"first_seen":"2019-10-18 17:57:30","last_seen":"2024-06-19 15:33:32","alert_count":0,"request_count":1,"received_data":2264492,"sent_data":541,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.sectigochina.com","ip":{"addr":"172.64.149.190","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2019-10-20","domain_rank":0,"first_seen":"2022-02-25 07:42:56","last_seen":"2024-06-12 14:18:51","alert_count":0,"request_count":1,"received_data":964,"sent_data":333,"comment":"","tags":null,"fingerprints":null},{"fqdn":"b.yzcdn.cn","ip":{"addr":"154.85.69.57","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"Singapore","country_code":"SG"},"domain_registered":"2014-12-08","domain_rank":425969,"first_seen":"2015-07-08 11:30:49","last_seen":"2023-10-23 14:59:32","alert_count":0,"request_count":1,"received_data":9755,"sent_data":428,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-06-23 18:17:21","alert_count":0,"request_count":5,"received_data":4436,"sent_data":1635,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gors56xaf.cc/js/chunk-vendors.ea790e22.js","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fee178f809d1b2a829099a8bb91c56c","sha1":"178b6322fdc40c08fcbda0c096c668855ad49b51","sha256":"c3580c9951b9554639c1404a246b3f27f818a99240c728f04cb964cd9e50b73d","sha512":"965985bffe1e9a2254888c7eadb7e896a0e78581ac728ca8c0d38fb673ceb302205573a9bff914acd7c1cb7bc6da32ed4cb5409dbf6e3eecc98fb359c28e8cdc","ssdeep":"6144:SCUOs30tR08Fg3iLLbQdqyWwEZwYLGX4yZI9Go/IudP0Pz+CNdQKKbqmM9wszi1I:SmsEtR08F7eRE2+UFPS3KKMhsgAPFDy9","tlshash":"c8151a89b281b075439770a4806f110ab2376d5ca40ad198f67df4e9af7ca8d6137f3e","size":949174,"data":"","first_seen":"2023-03-07T01:35:40Z","last_seen":"2024-08-21T09:33:17.508651Z","times_seen":1004,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/js/app.6aa56b14.js","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d14db566306fb0b94721eceaed5b85f","sha1":"8e315a0b4dea8769b752ad4ec00702fc12d4b9a9","sha256":"3e14c9fa0f8bd2ad9b00cd147968e59f02a9a3880d7e44e2875477071a5bca13","sha512":"cb28bed2ad3c0924c77ebb473ea84ca0a166c5ea07cadb69fcdc3404f88745d8858c425b12af3e79162b36d79c6250dc02c279513cfa9eb67c0aa614ba41d2aa","ssdeep":"1536:eTQ/PnNy7O4fEwwoaTYTmhGT+uT57THTzNYfZ:eTGoy43woaTYTLT+uT57THTzgZ","tlshash":"bef3fbb7de45a90c0e154506397911c1b3b33f59da6780c6f3b4ea982be1cb4362a78f","size":170725,"data":"","first_seen":"2024-06-22T20:54:31Z","last_seen":"2024-08-19T19:10:30.125744Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-24T04:39:31.496508173Z","timestamp":1719203971496,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F661A4C5B81EDB82EC095D2D50B655E19536630577352B6ABBFC3962ADF3454C\"\r\nLast-Modified: Sun, 23 Jun 2024 01:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=16323\r\nExpires: Mon, 24 Jun 2024 09:11:34 GMT\r\nDate: Mon, 24 Jun 2024 04:39:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"116d4d1edb43ea3783c92812f245f108","sha1":"02c09fc6450c50f5d2f7f6162fed01cf2c4bf6b8","sha256":"f661a4c5b81edb82ec095d2d50b655e19536630577352b6abbfc3962adf3454c","sha512":"f0a634e57794959630347a12281aea2ee67104b5287a3c468e491da7421b1deb933a82170f98525872fe67647b70b9536ed0249204107c19e10188bbdf38a37f","ssdeep":"","tlshash":"79f0057d017a7751f224151529e8d6645e40de953d0517a1b56010d3b026ffd4190089","first_seen":"2024-06-23T05:49:43Z","last_seen":"2024-08-19T19:08:18.438208Z","times_seen":25208,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.27","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-24T04:39:31.96386169Z","timestamp":1719203971963,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"6E8DE7454DF9B981F3C2BD8746558F3EB5C48599C66FC0F5301169C0ED42C8FE\"\r\nLast-Modified: Sat, 22 Jun 2024 11:47:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=6215\r\nExpires: Mon, 24 Jun 2024 06:23:06 GMT\r\nDate: Mon, 24 Jun 2024 04:39:31 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"31c219b3ac9b4615f1a78cd882995e6c","sha1":"1bb1aedb59500ceabd4f44ae9b7317c544084afd","sha256":"6e8de7454df9b981f3c2bd8746558f3eb5c48599c66fc0f5301169c0ed42c8fe","sha512":"1ee09ddd8d0e35c822038657fb1d3f3de92a41ef658502fc0f4125e1f77504b72d487c41b51cbe9dea2cff2e07226ca4a96baa6be0a37c924038384d74f6052b","ssdeep":"","tlshash":"acf0c06636a57251a73029126afbe7085cad7efd3195b5f624e480e0e861bf45384084","first_seen":"2024-06-22T18:01:34Z","last_seen":"2024-08-19T19:11:24.979839Z","times_seen":34747,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/js/chunk-vendors.ea790e22.js","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:32.553Z","timestamp":1719203972553,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /js/chunk-vendors.ea790e22.js HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nlast-modified: Sat, 22 Jun 2024 12:59:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1183\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=uI3I28rVEjcBuknQpiPTkuz%2FnZqVP7R%2BnBKDTlvYqxiXie%2FQL%2Fc7bhwK5LskHmKvroeTmLDjH%2FkeKvWzSbvPmdJmbdxkUSKODtHsQeUTkEs050UaDeAiYkvMlbZCcf4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 898a08dc6c695693-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":268196,"size_decoded":949174,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51759)","md5":"4fee178f809d1b2a829099a8bb91c56c","sha1":"178b6322fdc40c08fcbda0c096c668855ad49b51","sha256":"c3580c9951b9554639c1404a246b3f27f818a99240c728f04cb964cd9e50b73d","sha512":"965985bffe1e9a2254888c7eadb7e896a0e78581ac728ca8c0d38fb673ceb302205573a9bff914acd7c1cb7bc6da32ed4cb5409dbf6e3eecc98fb359c28e8cdc","ssdeep":"6144:SCUOs30tR08Fg3iLLbQdqyWwEZwYLGX4yZI9Go/IudP0Pz+CNdQKKbqmM9wszi1I:SmsEtR08F7eRE2+UFPS3KKMhsgAPFDy9","tlshash":"c8151a89b281b075439770a4806f110ab2376d5ca40ad198f67df4e9af7ca8d6137f3e","first_seen":"2023-03-07T01:35:40Z","last_seen":"2024-08-21T09:33:17.508651Z","times_seen":1004,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/socket.io/?EIO=3\u0026transport=websocket","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-24T04:39:33.259432032Z","timestamp":1719203973259,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://gors56xaf.cc\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: C/AaahM4Q+Q6zEs/iWCnAg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Mon, 24 Jun 2024 04:39:33 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 1eVsH6s+sexP0ZjoWhkZR2ksKHU=\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=xRvGK0IPfp3AU2yA7qgD8ujXfRk0CCVJ1aLv9RIdg2U6JBgxsWkm58BxPFxIiHkS7YdMxzcEleUNIhOAvupAIBX%2FJiAG5DT4rxyXVlWb0HABtdF40buPudHXKQmMaBQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 898a08dffa801c16-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"matrix-client.matrix.org/_matrix/media/r0/download/matrix.org/NNVvsoPfuaVUEeMNjvsPXyFb","fqdn":"matrix-client.matrix.org","domain":"matrix.org","tld":"org"},"ip":{"addr":"104.20.77.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:33.141Z","timestamp":1719203973141,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"matrix.org","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 31 May 2024 05:08:05 GMT","end":"Thu, 29 Aug 2024 05:08:04 GMT"},"fingerprint":{"sha1":"95:53:E2:B9:11:52:CA:D3:E5:8C:B6:CC:4B:C2:49:BA:AA:23:50:96","sha256":"D6:90:3B:E3:CD:DE:E0:E8:DF:6D:6F:E0:A3:F2:6D:F4:7D:2D:B6:E9:0D:18:90:07:E7:D6:43:6C:4F:44:DD:5A"}}},"request":{"raw":"GET /_matrix/media/r0/download/matrix.org/NNVvsoPfuaVUEeMNjvsPXyFb HTTP/1.1\r\nHost: matrix-client.matrix.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Mon, 24 Jun 2024 04:39:33 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 2263409\r\nsynapse-trace-id: ad117eb2872b0a7e\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: X-Requested-With, Content-Type, Authorization, Date\r\naccess-control-expose-headers: Synapse-Trace-Id, Server\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy: sandbox; default-src 'none'; script-src 'none'; plugin-types application/pdf; style-src 'unsafe-inline'; media-src 'self'; object-src 'self';\r\nx-content-security-policy: sandbox;\r\nreferrer-policy: no-referrer\r\ncontent-disposition: inline; filename=gor.mp4\r\ncache-control: public, max-age=86400, s-maxage=86400\r\nx-robots-tag: noindex, nofollow, noarchive, noimageindex\r\npermissions-policy: interest-cohort=()\r\ncf-cache-status: HIT\r\nage: 53968\r\nlast-modified: Sun, 23 Jun 2024 13:40:05 GMT\r\ncontent-range: bytes 0-2263408/2263409\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 898a08e049a11c12-OSL\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":2263409,"size_decoded":2263409,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"35234950be6ba1d22cba8b21e75c9700","sha1":"daafcbc48d97d851fde1f26ef52e92575f43c8c5","sha256":"74bc4064e7ce90ba0d31627f06231211f1812bb4e158309ef38913f4f27d5ac5","sha512":"78d1916234f7669a374398ce761234429894f562a4a2ab41eb6ed9c4ed39af21f7379fd9f8dfdd3dabd4737a09def3618b05ff291d10f11a0cf8c2e440e40bf2","ssdeep":"49152:UHW5U5ZFA2NnLUXGKJw7o9NxMm9FMiLdsCRENMHh95EBUiOaXPGgYYj:UQCTFLHKisjxriWtHmBUngYYj","tlshash":"76a523af5d9206b0ff1cfe7e58e2c42ac5e95514c8caca9fb11c292143bd64417af07a","first_seen":"2024-06-22T20:54:32Z","last_seen":"2024-08-19T19:10:30.128187Z","times_seen":8,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":23,"dns":2,"connect":1,"send":0,"wait":10,"receive":210,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/img/icons/apple-touch-icon-152x152.png","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:33.488Z","timestamp":1719203973488,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/\r\nCookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 4046\r\nlast-modified: Sat, 22 Jun 2024 12:55:53 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 5831\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=n7soXRvEWd8utBQl16jo1UhxdEOCRnaq%2FxuBS%2FuGlUgpGDoolPe4qZoo8HQveCwYobIEquUxTbV0B%2FAOn%2FaGY8PQpac55bzkhNJCQpIa82TMK%2FxjdByoObWYKNkR3MI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 898a08e248575693-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4046,"size_decoded":4046,"mime_type":"image/png","magic":"PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced","md5":"1a034e64d80905128113e5272a5ab95e","sha1":"92328e60f63d690f33cd4961b9934a539dc29b82","sha256":"4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135","sha512":"663dccaa2273e1b381f202d9a47c850565289c7e663c511c3936e5609de51fcb61e1d088660ea9befce2609dbcd3ad6f815d043a87631b31fc596d0b14dfce86","ssdeep":"","tlshash":"e1816eddfa9cc6df85131d9b016f6185f83da0565efc3d06a4bb8d0a6822a601b017d5","first_seen":"2023-04-13T00:26:43Z","last_seen":"2026-06-08T20:58:07.859767Z","times_seen":1625,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-24T04:39:34.554507328Z","timestamp":1719203974554,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BD791E8F44B990A0091FEBC3CC3B24799EB26B87FE5AA381AD98AE4662F7F802\"\r\nLast-Modified: Sun, 23 Jun 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8877\r\nExpires: Mon, 24 Jun 2024 07:07:31 GMT\r\nDate: Mon, 24 Jun 2024 04:39:34 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fe36e270c1ecfa3891cc7b505e7894b6","sha1":"ce43401e7146eb139a1e3caf7db957e6b9531dc3","sha256":"bd791e8f44b990a0091febc3cc3b24799eb26b87fe5aa381ad98ae4662f7f802","sha512":"5bb88dae1dd0ff26edac7aa9a96c18bed64736dc1f2b635f7148df70940faee6f770cdb67519169140253bebe537e8f0b361cbc7eaa5495477ca3cbbf34aabf5","ssdeep":"","tlshash":"ebf07e2a61fa7e62b6f024262e48a9334e210e7d34000d82307052d2b863fdc1bc404c","first_seen":"2024-06-23T11:25:10Z","last_seen":"2024-08-19T19:07:05.736639Z","times_seen":25848,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-24T04:39:34.556351208Z","timestamp":1719203974556,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BD791E8F44B990A0091FEBC3CC3B24799EB26B87FE5AA381AD98AE4662F7F802\"\r\nLast-Modified: Sun, 23 Jun 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8877\r\nExpires: Mon, 24 Jun 2024 07:07:31 GMT\r\nDate: Mon, 24 Jun 2024 04:39:34 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fe36e270c1ecfa3891cc7b505e7894b6","sha1":"ce43401e7146eb139a1e3caf7db957e6b9531dc3","sha256":"bd791e8f44b990a0091febc3cc3b24799eb26b87fe5aa381ad98ae4662f7f802","sha512":"5bb88dae1dd0ff26edac7aa9a96c18bed64736dc1f2b635f7148df70940faee6f770cdb67519169140253bebe537e8f0b361cbc7eaa5495477ca3cbbf34aabf5","ssdeep":"","tlshash":"ebf07e2a61fa7e62b6f024262e48a9334e210e7d34000d82307052d2b863fdc1bc404c","first_seen":"2024-06-23T11:25:10Z","last_seen":"2024-08-19T19:07:05.736639Z","times_seen":25848,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-24T04:39:34.557558758Z","timestamp":1719203974557,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BD791E8F44B990A0091FEBC3CC3B24799EB26B87FE5AA381AD98AE4662F7F802\"\r\nLast-Modified: Sun, 23 Jun 2024 05:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8877\r\nExpires: Mon, 24 Jun 2024 07:07:31 GMT\r\nDate: Mon, 24 Jun 2024 04:39:34 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"fe36e270c1ecfa3891cc7b505e7894b6","sha1":"ce43401e7146eb139a1e3caf7db957e6b9531dc3","sha256":"bd791e8f44b990a0091febc3cc3b24799eb26b87fe5aa381ad98ae4662f7f802","sha512":"5bb88dae1dd0ff26edac7aa9a96c18bed64736dc1f2b635f7148df70940faee6f770cdb67519169140253bebe537e8f0b361cbc7eaa5495477ca3cbbf34aabf5","ssdeep":"","tlshash":"ebf07e2a61fa7e62b6f024262e48a9334e210e7d34000d82307052d2b863fdc1bc404c","first_seen":"2024-06-23T11:25:10Z","last_seen":"2024-08-19T19:07:05.736639Z","times_seen":25848,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.sectigochina.com/","fqdn":"ocsp.sectigochina.com","domain":"sectigochina.com","tld":"com"},"ip":{"addr":"172.64.149.190","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-24T04:39:35.835809302Z","timestamp":1719203975835,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.sectigochina.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 24 Jun 2024 04:39:35 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 472\r\nConnection: keep-alive\r\nLast-Modified: Sun, 23 Jun 2024 02:04:18 GMT\r\nExpires: Sun, 30 Jun 2024 02:04:17 GMT\r\nEtag: \"ed470be07eb6c0a09b8f4b99925c094af2b7da24\"\r\nCache-Control: max-age=509376,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb1\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 898a08f0adf356c6-OSL\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"8d47ced29029bdf9e89fdbdd70acfa27","sha1":"ed470be07eb6c0a09b8f4b99925c094af2b7da24","sha256":"ea6402a6fd2a5777a23c9793792fbe7c01f86938f39415ec5c5e14fece01e851","sha512":"9322d173cb582dbad80510117a784784b1cd5d60adfd97f6f249199a54fa8fad3f1d52a4442709b2f4aaed947682fd676e406faf87ccc03d769103ed9d343add","ssdeep":"","tlshash":"f1f0d4091da710445c457c9d5e9455555580b3840c017687b8b0e27fce5a775065eda1","first_seen":"2024-06-23T08:26:18Z","last_seen":"2024-08-19T19:07:45.949027Z","times_seen":6,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/css/app.6b4c07ad.css","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:32.560Z","timestamp":1719203972560,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /css/app.6b4c07ad.css HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:32 GMT\r\ncontent-type: text/css; charset=utf-8\r\nlast-modified: Sat, 22 Jun 2024 12:55:39 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 5830\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=lCMmZlE5dEouEpP50ckhr5AXxGwbeK2L4IGBU96oHrOe2ndqGlVWkILeahYTydeJVoX%2FRSD0C7Hqr%2BNsIav5bUFyMzH3oiFI2BVMuwdvWsaqiwdOG59k3xusBwzfRVU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 898a08dc6c725693-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11450,"size_decoded":14103,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (14103), with no line terminators","md5":"c7180b1ede7907715e07584edfd1e167","sha1":"6197c521aa97a095125e7e196fe8bc027b6f2f26","sha256":"3c86809c6de968ef4ae10ed816a08fab2677d40a87c0017932908f02fec038da","sha512":"4db590119128fd4192c6dc2a87b9b7dd4f068613f1d3e1b7ccda00981976ba34496809ba88148f279d5751e27d9858e60737c2c5034a94e172683f41c9fb5c1c","ssdeep":"384:wVxfI8KKKF0l0V53BX3T8iFBi6lz14671Vud8lzDq90FlzP:wXf3KKKF0l033BX3T8iFBi6l54671Vu+","tlshash":"18526626fa8d2114fa3bc8a67ce5a78de214bf53e2434a55684397720ddb1b3373c285","first_seen":"2024-06-22T20:54:32Z","last_seen":"2024-08-19T19:10:30.137554Z","times_seen":2,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/js/app.6aa56b14.js","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:32.556Z","timestamp":1719203972556,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /js/app.6aa56b14.js HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:32 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nlast-modified: Sat, 22 Jun 2024 12:57:54 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1183\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=qMnH%2FEaSOgVnm9DuJTUuvZ5VnsT0Co1SMuwY%2FC33olspCtWG%2BEPFzakALPpItD0fpzvbh%2Bqr7LPAhrNarbLBZ%2BGWZgoND3YIykM35nM1%2BcJ4OkTTxob%2BKfBsnIEiczQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 898a08dc6c6e5693-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":170725,"size_decoded":170725,"mime_type":"text/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/css/chunk-vendors.c57533e1.css","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:32.558Z","timestamp":1719203972558,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /css/chunk-vendors.c57533e1.css HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:32 GMT\r\ncontent-type: text/css; charset=utf-8\r\nlast-modified: Sat, 22 Jun 2024 12:55:49 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 5830\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=5DZ2jRSbVPsdHBNLeEXafziv5IEAzXvToy%2FYu7kODSIl1NDmrOWMQ1cGL0g%2F988NepI5Z1nqiTTINfXLTayolOkkmsbT6jdFuC2xnoSmNcEqlMxgp9g85u3ecUvn18Q%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 898a08dc6c6f5693-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":156544,"size_decoded":156544,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ebfffebc1f62c3be51082e6595a0a005","sha1":"e278fbd6fd48150b3f366b50ed388983d934978c","sha256":"f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32","sha512":"ec1ffe3ba3da9f1db52f5bee312f94d09389d7f518234ca14712e2a7533f640264307382d3b2816e5c258b77581f6a4fc856895095067b83f5c4cd3c9d57219d","ssdeep":"1536:PeN5J+jOkiHcZiNEBVcZH5NHMja4drYEXfh1tRdsVAlWE:PgeVc5HMjajUfjXvlWE","tlshash":"ece3e92b8ac0235cb217ce615fc4a7d8c228c571e5920ef9f21376298fcbb86159675b","first_seen":"2023-04-05T23:34:09Z","last_seen":"2024-08-21T09:33:17.50638Z","times_seen":1144,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"gors56xaf.cc/socket.io/?EIO=3\u0026transport=websocket","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:33.071Z","timestamp":1719203973071,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://gors56xaf.cc\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: C/AaahM4Q+Q6zEs/iWCnAg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Mon, 24 Jun 2024 04:39:33 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 1eVsH6s+sexP0ZjoWhkZR2ksKHU=\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=xRvGK0IPfp3AU2yA7qgD8ujXfRk0CCVJ1aLv9RIdg2U6JBgxsWkm58BxPFxIiHkS7YdMxzcEleUNIhOAvupAIBX%2FJiAG5DT4rxyXVlWb0HABtdF40buPudHXKQmMaBQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 898a08dffa801c16-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":0,"dns":30,"connect":30,"send":0,"wait":137,"receive":3,"ssl":47},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/getlog","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:33.077Z","timestamp":1719203973077,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /getlog HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/enter/register\r\nCookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:33 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=hZMG5sHvfkCHmbIM5A4UcMXfdrAHNsEFyOE1VuucLxZVQMKZIR4NEsgyM4XdLUYa2AzkV5AHVmsi0LK0JabEizBU6g2kuHfcYtdsCpSXXI1W6MizWfbaxRtc1bMiESo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 898a08dfbe5f5693-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11993,"size_decoded":11993,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d4b969a93359bb947ddda0c45be026c1","sha1":"7006406d489cc8d9e9ba8b69c0ecd35b3f5fab07","sha256":"3e256c4c817da0cc35949ca898bbb6601ed9b2894615166e361061e8a7657cb6","sha512":"06b675eab36a029fdb328e89911f285bb203ab1e1d629f9c06afb43abbdc9f96766d22a14b155c564798b168ba23f504cacfaec88e102cd96b0a92a2c22d4572","ssdeep":"192:sTZYDqv6LOfThIc6PzJw/745Ka9S/ElA+68gN:aZYDqv6LsThIjdw/7C9S/ElAnnN","tlshash":"f932b3b81bf1357c11391894eef13ccb1aca612dc9818b92efcb5f5e34554a6198f3a2","first_seen":"2024-08-19T19:04:09.476478Z","last_seen":"2024-08-19T19:04:09.476478Z","times_seen":1,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-24T04:39:32.010Z","timestamp":1719203972010,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:32 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Sat, 22 Jun 2024 12:55:50 GMT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=GeA5sAbCOb6n7nPrs6SztQwYucwB77TclpIsn%2Byvq4rMGLbmpgueLlunmFmK5iL3BZrSA%2BCC5Bmwtuzv5iwCtpaJvOLIaw76nNJGsOBk07flCBPuX9R1XbRysRb3Rc0%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 898a08d95dc456ca-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2705,"size_decoded":2705,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2871), with no line terminators","md5":"12a3c73ddbec47e87c45a898855b415f","sha1":"dbe0418b7ea7b0955f8c31a978e2b5f331c7817b","sha256":"f8fc940a39f463fee503c9cfdf95ba4a682d7e136f955e8acbccbe476004241f","sha512":"bea59efe399d78e934e8e18b593bfebececcbcc2f23459cb939ea39e4eac49894d26f19e39b3425723c3b5dba02d91245952709b74f03093ff431fc97792f20d","ssdeep":"","tlshash":"65511c6b8938e14f2700e93ba822707d847af84e8d50c85535c9a1ee58f4ff28463b71","first_seen":"2024-08-19T19:04:09.477134Z","last_seen":"2024-08-19T19:04:09.477134Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":49,"dns":5,"connect":1,"send":0,"wait":129,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gors56xaf.cc/img/icons/favicon.svg","fqdn":"gors56xaf.cc","domain":"gors56xaf.cc","tld":"cc"},"ip":{"addr":"172.67.174.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:33.491Z","timestamp":1719203973491,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gors56xaf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 21 Jun 2024 13:41:06 GMT","end":"Thu, 19 Sep 2024 13:41:05 GMT"},"fingerprint":{"sha1":"73:1E:D2:85:40:D0:EB:7B:6A:FA:EE:84:DA:FA:D0:73:0C:F9:04:C5","sha256":"42:F6:94:50:D8:CC:F0:C6:40:FF:72:05:80:EE:96:77:07:77:73:BF:4C:5A:06:ED:90:32:9C:12:FA:13:7A:BB"}}},"request":{"raw":"GET /img/icons/favicon.svg HTTP/1.1\r\nHost: gors56xaf.cc\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/\r\nCookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 4831\r\nlast-modified: Mon, 24 Jun 2024 03:19:02 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Ukowt6e7sD3t6ltKxVXCkoIWpPjgKzIIvgURp%2BHg%2BH2%2BtO9OfhvUcYxrI8rrXnRxDVfTLRfNv%2BKho0Rb235PHnwyNoGOQS0kpwvINgkZd0TKZxXjWCGnffWMmX9BAU8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 898a08e248595693-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2705,"size_decoded":2705,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2871), with no line terminators","md5":"12a3c73ddbec47e87c45a898855b415f","sha1":"dbe0418b7ea7b0955f8c31a978e2b5f331c7817b","sha256":"f8fc940a39f463fee503c9cfdf95ba4a682d7e136f955e8acbccbe476004241f","sha512":"bea59efe399d78e934e8e18b593bfebececcbcc2f23459cb939ea39e4eac49894d26f19e39b3425723c3b5dba02d91245952709b74f03093ff431fc97792f20d","ssdeep":"","tlshash":"65511c6b8938e14f2700e93ba822707d847af84e8d50c85535c9a1ee58f4ff28463b71","first_seen":"2024-08-19T19:04:09.477134Z","last_seen":"2024-08-19T19:04:09.477134Z","times_seen":1,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-24","alert":"Sinkholed","trigger":"gors56xaf.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"b.yzcdn.cn/vant/icon-demo-1126.png","fqdn":"b.yzcdn.cn","domain":"yzcdn.cn","tld":"cn"},"ip":{"addr":"154.85.69.57","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gors56xaf.cc/","date":"2024-06-24T04:39:32.985Z","timestamp":1719203972985,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.yzcdn.cn","organization":""},"issuer":{"commonName":"sslTrus (RSA) DV CA","organization":"sslTrus"},"validity":{"start":"Thu, 09 Nov 2023 00:00:00 GMT","end":"Mon, 09 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B","sha256":"8F:82:6E:D5:B3:3D:E4:86:5D:DF:2C:53:25:66:11:24:E4:90:98:24:8E:7F:82:F6:93:07:A1:AD:ED:96:2D:C4"}}},"request":{"raw":"GET /vant/icon-demo-1126.png HTTP/1.1\r\nHost: b.yzcdn.cn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gors56xaf.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 24 Jun 2024 04:39:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 8886\r\nserver: openresty\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\ncache-control: public, max-age=2592000\r\ncontent-disposition: inline; filename=\"icon-demo-1126.png\"; filename*=utf-8''icon-demo-1126.png\r\ncontent-md5: +HxG80alVIIkzL4La9dd9Q==\r\ncontent-transfer-encoding: binary\r\netag: \"Fo6Li9S6PmtshVfZSnJgYf3WJJL9\"\r\nlast-modified: Mon, 26 Nov 2018 11:08:05 GMT\r\nx-reqid: YyIAAAASg9geDiAX\r\nx-svr: IO\r\nx-qiniu-zone: 0\r\nx-log: X-Log\r\nx-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC46_DE-Frankfurt-Frankfurt-11-cache-4\r\nx-cache: HIT from BC46_DE-Frankfurt-Frankfurt-11-cache-4(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8886,"size_decoded":8886,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f87c46f346a5548224ccbe0b6bd75df5","sha1":"8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd","sha256":"b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370","sha512":"4852e453726de2f2c4481aaa661df24d111ce49e8f57e1fd8d23bd7db93ff78561a31d894ff6148ddbdd7ef9d99dafe0d7371b567aa7112a770e18ed17ab41dc","ssdeep":"192:T1ejBaEeCInIUI6F3BGA7sHrx6c+IYJY3mgE039sK/oeNo/vc7ga/:T1eFF+I+3A0U7E+9sKpkvcd/","tlshash":"5402aec508505081342287a9d818707d2a9aa626da7e0787ea6c3650ceb09f6f85bff0","first_seen":"2023-04-30T23:44:28Z","last_seen":"2026-03-19T20:01:49.172817Z","times_seen":1192,"resource_available":false,"data":null}},"time_used":5745,"timings":{"blocked":2851,"dns":2730,"connect":30,"send":0,"wait":28,"receive":15,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}