{"report_id":"a2adca6a-99d1-43da-83b9-c97651a2d112","version":6,"status":"done","tags":[],"date":"2026-04-28T18:23:34Z","url":{"schema":"http","addr":"goldpocket.click","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"104.21.92.99","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pc.goldpocket.click//#/?from=mobile","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"title":"Goldpocket: One-Stop Global Investment Platform | Forex | Commodities | Stocks | Indices | Cryptocurrencies | Gold | Oil","dom":{"size":55880,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48536)","md5":"528ef796f8ff55979d22af8b063e6a55","sha1":"c6d41b250bbdf6cc854a16c8f1e5eaac7e2fe936","sha256":"6d3f6a128bb9fe8380eccfd8ef0edd6e1d951b20d2a272ec23c18cc52331dcd0","sha512":"918af76d3772abbc6c14784c122f699def452b489388b758a4ee1c7a94f75e8d36d3ec42ba036fc82461b5e330c75529050b7333cfe80256572b91506c1ba813","ssdeep":"768:te2nbZbanbBbFb4b1IfmqVNvXycDfJtnucsTyngLolGZgys8zrBrwboG9LQSPga:te2n92ntZcvqVNP9mkg6","tlshash":"10435534a11052bb457394e8f065bf19bea2ab4fc35bce8637ec92912fcadb471211d4","dom_hash":"domhashbebc39c14c3eaf56687d4b639761f21a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"goldpocket.click","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"104.21.92.99","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T18:23:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":14,"urlquery":0,"analyzer":6}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55814,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.241654+0000\",\"flow_id\":805692832611602,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55814,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":807,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:23:17.720146+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55778,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.270778+0000\",\"flow_id\":1011743888633225,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55778,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":807,\"bytes_toclient\":3148,\"start\":\"2026-04-28T18:23:17.716169+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55794,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.275703+0000\",\"flow_id\":1019199951859412,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55794,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":6,\"bytes_toserver\":807,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:23:17.716500+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55810,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.280495+0000\",\"flow_id\":369354220106653,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55810,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":964,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:23:17.717725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55812,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.290916+0000\",\"flow_id\":59699962968070,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55812,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":964,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:23:17.718854+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55816,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.295065+0000\",\"flow_id\":875533295747922,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55816,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"UNDETERMINED\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":964,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:23:17.721746+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55836,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.486317+0000\",\"flow_id\":1114973427583048,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55836,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:23:17.968776+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55820,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.492230+0000\",\"flow_id\":411462079464195,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55820,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:23:17.967427+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55864,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.514908+0000\",\"flow_id\":1388549959438606,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55864,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-04-28T18:23:17.971022+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55852,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.522463+0000\",\"flow_id\":1536554532457571,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55852,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:23:17.969827+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55818,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.533968+0000\",\"flow_id\":2061094593348158,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55818,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:23:17.967230+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:18Z","timestamp":1777400598,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55874,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:18.543968+0000\",\"flow_id\":462748283951112,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55874,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:23:17.972808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:21Z","timestamp":1777400601,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55888,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:21.178354+0000\",\"flow_id\":140612852033973,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55888,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:23:20.633269+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T18:23:21Z","timestamp":1777400601,"ip_dst":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":55900,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T18:23:21.417691+0000\",\"flow_id\":553286194737377,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.26\",\"src_port\":55900,\"dest_ip\":\"47.79.64.237\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-04-28T18:23:20.897249+0000\"}}"}],"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"pc.goldpocket.click","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-12","domain_rank":0,"first_seen":"2026-04-28T18:23:42.90079Z","last_seen":"2026-04-28T18:23:42.900791Z","alert_count":111,"request_count":37,"received_data":10608628,"sent_data":15562,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"goldpocket.click","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":75,"request_count":25,"received_data":3956622,"sent_data":10214,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"webapi.goldocket1688.vip","ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-12","domain_rank":0,"first_seen":"2025-09-04T00:18:38.222753Z","last_seen":"2026-04-28T18:10:21.917685Z","alert_count":0,"request_count":21,"received_data":478332,"sent_data":10894,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-02-12T08:38:00.929095Z","last_seen":"2026-04-23T16:03:14.168673Z","alert_count":0,"request_count":5,"received_data":2995943,"sent_data":2344,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"vip-cservice.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-13","domain_rank":0,"first_seen":"2026-04-15T20:16:59.760558Z","last_seen":"2026-04-23T16:03:13.922066Z","alert_count":0,"request_count":3,"received_data":67645,"sent_data":1249,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"afc8490e468f7b633e2c4221d6712d54","sha1":"b6efa8027a8b452305ca1d2fcaa32632cbd108ff","sha256":"38bc34c915b53e2444ae9e6c602d5010d370de127ec7c141a55d964a91ed7f96","sha512":"5158d9fda9d8c70eb8eedd8f75163df63e261a505f5c2e3b2f6627c24944f8c2bd3664d110d0d7fc10507a85672598fd87973f933544cf83edd9d22110b605e0","ssdeep":"","tlshash":"28c080c570c26e405b016510107f27f49038445771c91756ccd4dc453e220f08233f9c","size":159,"data":"","first_seen":"2025-07-19T00:50:04.724885Z","last_seen":"2026-04-28T19:45:58.11337Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/index-BOxpxY4i.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"65c4318471bb12ddeb9d16b1a0366025","sha1":"09711b498985e19952e5e7d2ba0b37ec8bc0da27","sha256":"d07b2b9b78ab968b1e3f6da830bf954f5b0a2e5167e3abe8066c4b4559c1ba6f","sha512":"13e866ec521bf470e1d4fdccd34eec370c5c517449818ab4d71f4f0760dfadecf4a8b1ba799e25bb5cfca7f687cbce5e2f75b9f3a2d6835cb68a90676578e027","ssdeep":"24576:6PyInRsAX7oM7cPXJn7MeTZZXX7ZTZJIbbfjMHbGXyq8GX:6PyInRsAX7oM7cPr3qzEbGXz8GX","tlshash":"10459facb9c6b46906f3c6a950e71104b2741e45f906c0e4f9fcc96a12e1e6df297f38","size":1250063,"data":"","first_seen":"2026-04-28T18:10:28.302534Z","last_seen":"2026-04-28T19:29:34.123301Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-cd0250ea.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b942ce5cec760a53bbf1229804f7a114","sha1":"a852c737627512fd27d421738a626d433dd05656","sha256":"07e48c77b28b0aa77f64f8fadd06c207a3ef7cce6cb582c0f81012deaf2eb50d","sha512":"ae5ca2c99aa950306ec79ba4ef72530b107d2fc36fe57ec0fb40f3bbde09c289bc3cd35d7247e410352122f58390f4587c69129864b663f6b953e68d74ee737c","ssdeep":"768:XkcN+dzmAiIZbeV29BJI2CUSeyzKVfkIxMpOt9gJFizWG6NGCNzcpEtUzGC+O0xC:XkcMzm7cI2Gey2xMpne6NGCNyzpDSXjc","tlshash":"07231602fa46c53ddfb2a151148e1110a6182f8ad04898e7b4bd691f37f7eb07b6a37d","size":45958,"data":"","first_seen":"2026-04-28T18:10:28.243835Z","last_seen":"2026-04-28T19:29:34.083997Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b278df981fcb78387c3848ae889c87e0","sha1":"b981f308e8430a10c0d0552a561c2367d3b90347","sha256":"0d3c1103f316cb04c462c59ca12a02937ae82958daaf8b63b2c34b5fe1969777","sha512":"cb0c64bc51d8e0d47f87ab0cfb30cef2b2c478aa2d726e6869450bbbfed9e4de2e30a429542c4722f14548b59db01eb4d6b2fdd7915a22b374784068054ddebc","ssdeep":"","tlshash":"78c08cc4b0c36e112b86695415bf2de490288026b44c1b139de8e8492e630f08333eac","size":154,"data":"","first_seen":"2024-12-26T23:29:40.161991Z","last_seen":"2026-04-28T19:45:58.108609Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"afd6dadb9533533d8514ac548303e331","sha1":"0b297795e161099658da59b3912482e86732e56d","sha256":"e378d3c8bb137aed4116bdd0c560231896d500f4edbb80088c14fd8fb220c3a9","sha512":"0df2fd8eb6e505ad35fff7e135feb15d50d1ae87d9990d9fa472fb834b7baf48ca73b3e8850042c74584e60de2daa8b9a4a981e5bef460ab48ad5f8ddb5d03e6","ssdeep":"","tlshash":"6cc08cc4a0c22d101602661014bf29e59024802671881b42cc94e8882e220f08233e98","size":140,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-04-28T19:45:58.125394Z","times_seen":796,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/index-Dp1yJBJw.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"862c178be327ef1d36516cc00906a70d","sha1":"6d8e2acf78c750392fba5a83a2a2499f12a3008f","sha256":"bcabdf9101e19e7a2a1e8ffc3ad90aeb22e66c7be8d3cf009ed255ef0581d1f7","sha512":"7f8a8acb8d78dacf467b7981e77cd291cb4516cd621a8d5006c07cb762fe0ec842d63f0d5721140221beffd341fceb6f222c7610a07e13cebae51bba08f41776","ssdeep":"768:K7Q8sElJTLHEHYXIH1LR5Tynv/Q/LoOmBzfAfKvrQtMK4qeV:QsElJTLHEHYXIVLRBkHQ/wVvK6","tlshash":"99f22a3d42129bbf6fb39625b8567114ee581f9fdb3489adfbf9b010fd808700596228","size":36043,"data":"","first_seen":"2026-04-28T18:10:28.234803Z","last_seen":"2026-04-28T19:29:34.073845Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e18503cc965f5cacb2f944e681422199","sha1":"e5c5c1d6e670e6126d578b06ceba270330a76095","sha256":"8037f722f9ceaae2e99df478aa531fb130753f6a5103b87e2bfb314b9079948d","sha512":"63253698754f87d781a34ddff94d661cfe02acf79f4ee5dcc771691eed20576e1d20e09506a2758e6cdc5053e7766d99f3977028fef2eebe458d67c52fb0e7b9","ssdeep":"","tlshash":"e1c08cc8a0c26e00160a641421af24e890244026b0482b128dd4d8882e220b48233e98","size":140,"data":"","first_seen":"2024-12-26T23:29:40.157725Z","last_seen":"2026-04-28T19:45:58.128123Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/en-4ce62150.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"642f52a034b3fc4e60a60af86cb30551","sha1":"80cf3bb2d30b1f8a74395e9f336f9d01fdbac45d","sha256":"1f7e1bc8fbecd8d476b42e181394abcea0388badee6cf03caaa61770fc527931","sha512":"78a1fab1c21e63584c8397fa9a37ff2b89bdc6601f892fd2e5fc9adf1503296b4431be93f1aa2466fc048e4148f1aaa3e05bd55475205b27790f927c8198dc61","ssdeep":"1536:tHDZiw1114lUlTm3Dj6TupoT1LnXIrdKV2Py2FX3W:1Zii140mzOCWVHoW","tlshash":"cd732a4e7e0a88a909f3032278ce2f6561f409c18356c85f4eecc5bc53e1b5ae767675","size":74987,"data":"","first_seen":"2026-04-28T00:27:39.160238Z","last_seen":"2026-04-28T19:45:58.099759Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-04-28T19:45:58.105657Z","times_seen":815,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e76eb5064dc39e5a2b6a62342ae8703f","sha1":"046af428ba37b0afcd09551ec358126c7e5fb2f7","sha256":"9e2df5013aaf547c80e4c019eb5a4313788ceb2ad6e32c7934aa82160fea41dc","sha512":"3644c12ae07c497b666c72d28dabb67a2e874e249a10885adeb1d5d5e80e58ac8ad51e4993b9fcaa12393d69c816af8e2d87e331266c0fc2bf32084562cd8803","ssdeep":"","tlshash":"75c08cc4b0d22d006602641092af34e490288426b0482b028ca4dc682ea20b08233ea8","size":138,"data":"","first_seen":"2024-12-26T23:29:40.115592Z","last_seen":"2026-04-28T19:45:58.128674Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2b56bd9ed17b7064960dfe1847e10c20","sha1":"4d4cc7e6ffe5518ab647c3644c441af701cfa69c","sha256":"a4b4cd1e6ee3d68f6fb5aa0e1b6d74cda904f6873e523e247e6aab44c45babac","sha512":"d861c4018a63e41545de7968638179721bde3cd6a5a294f3159923e72712fdaad1403764f21ca445a4e41cfc566f2f7e92e0122462324ab4bd72ee1eb4390bb7","ssdeep":"","tlshash":"bbc08cc4a0c32e001a02641020af28e49024402670481b02cc94d8882e230b08233e98","size":136,"data":"","first_seen":"2024-08-19T16:28:43.287038Z","last_seen":"2026-04-28T19:45:58.118738Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//#/?from=mobile","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4e5822d14017149879d725a801479398","sha1":"7a44d8452d23a04d4c33d456848a805b305fd28b","sha256":"c92649caa5e95db26501afe6738203e8423b192d2bde6acf705fb2b0f3c2fe83","sha512":"d44f83d3158255c575d0dbe4c0438cbe58fa523d6a2184c42949ad4029b62ae49f430e9f5574f6c87d0ea2d9eb9063dfa4a0c63601e7139da370645d020b256a","ssdeep":"","tlshash":"a741824a16ff75519123f079875ba304603299072d0aed94bf4d93403f6522b86f2bcd","size":2006,"data":"","first_seen":"2025-09-04T00:18:50.377384Z","last_seen":"2026-04-28T19:45:58.100328Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-04-28T19:45:58.104158Z","times_seen":3319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5f3ab12d935926923cd234cc86c658f0","sha1":"4ceb77001ba466756e20d597568bb3fe1da01138","sha256":"0a207956f29d9546e41a4e3b8354ef52baeeb8ae4c8a5c82252e64f528425a4f","sha512":"1e822812677eac95e857a87c73cba93104bc07719a8144e63731529672933355451f9f0e38ca48254f749e7c8dedd76d149ad6feec1527523b08f069d1baa928","ssdeep":"","tlshash":"f1c08cc8a0ca2d001612745010af25e4a0248027744c1b128ce8d8582e230b08233e98","size":140,"data":"","first_seen":"2023-06-05T11:50:58Z","last_seen":"2026-04-28T19:45:58.125968Z","times_seen":147,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c51e92812024c4509b0b6b45c1b9b5ab","sha1":"1bc9d855f1f41e867d29634123b1f9be531c0e68","sha256":"8c2b197ea628d6a693b2a210d4b36df5dc482c485ac41cfad399e525666f6c19","sha512":"9cbd0534837b4b5574955a9af167a4c8c8732741368cdc3ce5f3cbfb827aff177fe0cba09142905f71ded2213dfe8fd8172fc0d25aaaebd82a5b4cefddb591c9","ssdeep":"","tlshash":"4dc08cc4a0c22d101602641120af26e4a024402a70889b128c94d8482e220b08237e98","size":137,"data":"","first_seen":"2024-12-02T16:36:01.409431Z","last_seen":"2026-04-28T19:45:58.103102Z","times_seen":164,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"4bdbb140ce1563e4b69697bfc87a22ed","sha1":"3d0bf1d707b71f8e08c64440b932b1313be97021","sha256":"80b1970f763f3e19389f0305389f079d22b077722a71eccede3d5133f3f5db89","sha512":"8d9ca42b5cf4816ea6845418284410fd1eb52a6375357986f67d0c5936536a2b53072c33f33511bd979ef5ed1d06977ae4220dce191b1b20352cda01ef12bddf","ssdeep":"","tlshash":"6ac08cc4a0c23e001602642011af24e49024402770482b128cd4d8582e220b48233ed8","size":137,"data":"","first_seen":"2024-12-26T23:29:40.159201Z","last_seen":"2026-04-28T19:45:58.114957Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7eac0ed17a41f6d3eb1e9e37f81d1e58","sha1":"2a940f5438b80e4f4e24f1d9d5faf65b9c436b79","sha256":"a1484e4f765eb72144c20920e693a14b9dd355378fb9d0310eab0b2d8b1bd2e7","sha512":"342365bca1287f0ec76d01cf96a3fab44b594f191b474a0697d8ba6d62f946acd9c7295b352bca633910de87f6946f0900de6761f4e60afe9a7a515ec5185c99","ssdeep":"","tlshash":"15c08cc4a0c32d042b26655815af25e590284026b04c1b129ce8e8882e230b48333ea8","size":151,"data":"","first_seen":"2024-12-26T23:29:40.186257Z","last_seen":"2026-04-28T19:45:58.124906Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"469b83f5443366670697e1de9c4e71bd","sha1":"2c41e85de84677e1c5c4fc55d7442e9d0fe4f8e1","sha256":"069dacf97027274f1b1765f516db119348cb36862bbc049128edfe933c287f71","sha512":"d1733b811c4aa1ef3be58f71b693848830e0d4c5f7cc99b0ce63dbef23f592a471950ae11fe8b930944ebf110a1580afa2e1cdf7677f94afcd322c26ce6a8835","ssdeep":"","tlshash":"80c08cc9b1d22d102a0a6414a4af35e4a02840a670481b138c94d8482e630b0923bea8","size":148,"data":"","first_seen":"2023-11-21T13:50:07Z","last_seen":"2026-04-28T19:45:58.102594Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"eeb56726cbf34d810994da710c825370","sha1":"5a8e98e25e5b551cb61c3514cad0082ab5df1e6c","sha256":"0f2c28dff2af647dcad6a3e78da83440015d8ea76c2a50401e534e2443b7d6ba","sha512":"2c0ace2e68f12a2cbf192565693fe887a23405c1e2cb3438d30712a744d9a8b89b060d993630b9e93dfbf66a7d1c8951d0d19562cfcccaa063473dfb716355f4","ssdeep":"","tlshash":"79d02bd890e73c0012095272f05e1ed0b0254026a445041aadd9f4883953074d37ff48","size":256,"data":"","first_seen":"2025-02-12T08:38:06.922046Z","last_seen":"2026-04-28T19:33:51.672159Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-a4b33414.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"f7282526b5e3d82eba72de24c7da8c64","sha1":"bdc069b0d2499fc376275b5a095e75647a1d710a","sha256":"bf0620a48dfb7acc4cfb8540f8e0d45b4de21555850068a9b4e9ab0387215cce","sha512":"791a45a401d57cf83643036fb5223d8e10d3630ccc3f6eb4820469255cc17b9147f245a152fe89ea60295678fd77a51f7bc54d8be0734e03a8e7bf3d60896142","ssdeep":"192:u+gZfYUKJk/TdOwd03vI40cmwwh5xNEBLyxmXhvA1tB9:ujAw/pHd0zlwh5xNEBLywp8F","tlshash":"a4220a06b40ac93acef6565ca0e90030718d2fc5a025a4a6f1fe791e17f9db463d6739","size":9920,"data":"","first_seen":"2026-04-28T18:10:28.272328Z","last_seen":"2026-04-28T19:29:34.089598Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"14de5bc5c0448e26749ac836c8b95e3d","sha1":"5dd499d81ca5227371ce787af044508451ebbb0b","sha256":"37fd774ea432838186ed26abf4b80cf5c3833550e7636e03f0d410bdb6711e30","sha512":"1dc6fef9de7238a9adc505ef6e618d28b704d2231c91a6d3ed282c33b61acf9270ce2f9af7f929390b46f97a562a915c1d03f207d4ca8cdbe55a4dcf308d37cb","ssdeep":"","tlshash":"c8c022c0a08a6e242e121850206f38d0502804a3b1081ac3cc88d80c2a620b4823bedc","size":176,"data":"","first_seen":"2024-12-26T23:29:40.149096Z","last_seen":"2026-04-28T19:45:58.1155Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"958713e9cfe5596854ed0b863f4d907b","sha1":"dac8755881013fc4078021ba1e551de0af8f6d94","sha256":"4eaeb0325b6bfce2510e1786f9cd8513dd1617a9f384725983745751cb6960dc","sha512":"9e713931d544f9a9b15a59606205b925ea5ca6dee61ab50ac01b9ed6459c92720c5c31c81939ee0a5a1caf3c414bb1ca5172af93f19afd79adf6045c68304b56","ssdeep":"","tlshash":"f9c08cc4a0c26d001a16649010bf25e4a024402af44c1b02cc94d8482e220b08233edc","size":141,"data":"","first_seen":"2024-08-20T15:10:19.411327Z","last_seen":"2026-04-28T19:45:58.129192Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2b58db56244ebcfd6a85dcf916fffc69","sha1":"1c6fc921903930b2c592d55173139d7ac0b74f72","sha256":"cca7e23feff36a15e04cb272e18dab9759c807fd3f19e77b34f8b882b8943012","sha512":"c9eeeb6ea699d2bf16040ae078ba87aa5da85bcaf137cebda5f8969780b3031f707b5207f3b9f6568fbb43494bd39fc1d5bbac0352f513f570e40621e2bc82c5","ssdeep":"","tlshash":"ffc08cc4a0d36d101622681010bf24e490248027b25c2b028cd4d8892e630b08237e98","size":144,"data":"","first_seen":"2023-11-16T03:00:18Z","last_seen":"2026-04-28T19:33:51.669424Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ca3441268092f5f3296cbc45c9be4124","sha1":"0348b172ebfe7aa5e649e4b31851f332677e931b","sha256":"3f6acc164a5d0712e643ce2f47cef3052906a5d16a7cf7fa4ca21e2586aa63f9","sha512":"2145bb9c3d1285de751bb3ea1b899569192793bc0b0f1e0a15b4c79d43fd7880005341ca82f25db4905b17d1f212c49794684f356fdbf0acde101baf05fe7d1a","ssdeep":"","tlshash":"5bc08cc4a0c23d201a02641010bf24e49028842770481b028d94d8582e220b08233e98","size":137,"data":"","first_seen":"2023-05-11T11:46:06Z","last_seen":"2026-04-28T20:32:35.73733Z","times_seen":390,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d8a0b36a3bb5359d82373fd74ab0a55b","sha1":"109fcd2e9501021577ad657d5701aa40e771b723","sha256":"26b23c11a596c1301030aaa5e72296226d0b2c601ff7b24694d413a401ac9826","sha512":"ebb5fb5d0b9ad70253bc33b31f5fab9fa0efb74a89eefd5b900d6b956970a52ef306b8e62a73b47775339624aef7daf7f4779743b84394f80591c0ea8182f9fe","ssdeep":"","tlshash":"d8c08cc4a0d22d001a02641060af34e49028442670481b028ca4d8482e620b48233e98","size":138,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-04-28T20:32:35.736796Z","times_seen":1218,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6ac9071d9932331d6f13c28662df3eaa","sha1":"f6eb1baa0bd1ae6f59ae6aceb867f897511aeee1","sha256":"b4c3e0db43ddfac91e82f4f458144da6e4066d57aa41fed04d86cd9b3c0e368d","sha512":"cefe8e65fa5d8690b53f96ad56320e72dba887c3ccd4df0d4eb9000a5bc903b77d1b7ae8b1ad7ec25ec0443e8fd41327e3deb9238f38884b08549579c918e3ca","ssdeep":"","tlshash":"25c08cc4a0c22d201606682014af24e490244026704c2b028dd4d8492ea34b48233e98","size":140,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-28T19:45:58.1036Z","times_seen":371,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e22d8bd688d257f7ea5c92b205e9d7fd","sha1":"f5df3e5272f05fcb05dac2a225541ac319109bd6","sha256":"f5d478f44ac485fb4eee6e4a365fa3e080288dfc331165b54110dae255b895aa","sha512":"76cfe7d07e02a113298a5d6222e71a301001912a52801ec9b16d3d088a9d94bf74cc2f4a0e92e3763c92b7729897b6d44d5e4234b2da54bfd872d5b07c6ced89","ssdeep":"","tlshash":"ebc080c870c32d141511641019bf64d55034541771499b528dd4dc542e120f44137edc","size":164,"data":"","first_seen":"2025-07-19T00:50:04.709856Z","last_seen":"2026-04-28T19:45:58.110919Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c02f76b8d173e1d0afc93a75753a8a9a","sha1":"5a3ff21341053a0ce6dec4cab0e4a8739bc8ef19","sha256":"e6dbb4df2b7605ab60ad69cc08ce5e7acbb99970e89f3e34e52bc5df7a19b3bf","sha512":"f1be22dcd1d064fc9038900bc3a7555b233735cdcda79b27c8cb0ccafbc58d4402ed5ac8189dba463b6b589aac7e4fe5324246c7d94b127d7dd8bd39f8773b3d","ssdeep":"","tlshash":"74c08cc5a0c22e101a02641419bf79e4903881a774481b138ca4e9692e220b09233e98","size":149,"data":"","first_seen":"2024-12-26T23:29:40.15335Z","last_seen":"2026-04-28T19:33:51.661682Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/PdfViewer-RWlLDR1n.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"91d6e1c3d215846bb2e5181e7f63797b","sha1":"97ff60bdd6170e5a3878597e9498ccbe1cd800f6","sha256":"c4f50a3db6543bef47f3643e6fb1f27053efaf10b78adc390d36e86578c978b8","sha512":"f6aa9d78bc57b0f728b66c5bad8b8568abd0815227d4bd2d9d57e70af178598194f42155f06008a3b99e321f451f7521dd9751ed447a5529d1ce85d134ad773b","ssdeep":"24576:r40pIoOWl6r3dqbOt7aFMz3FuEoYlOsp8yDpm0gLsC7Xlf:r40pIHWl6r38CFR+lf","tlshash":"18a5a072634372e96b79468671b91609437f154d34f3a2c8ed8e2ed9c52ad2b237c23c","size":2203497,"data":"","first_seen":"2026-04-28T18:10:28.307306Z","last_seen":"2026-04-28T19:29:34.115627Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6900701ff959494d30437499abeb8885","sha1":"7cb4c820fbf30caa6b50d6c2dc4aa7c0c4b644d8","sha256":"3be52a71ee1e4d668cceef779a9942298cef4d68e03183d10681c4aa945c83f5","sha512":"731bc35b44d92adfda91474163cba7cbfe8ebb8faeb76364becb6a0f87c8d62c68a560257759546c0c38da3d0ea220cbee60eed126f77194441f92786231135b","ssdeep":"","tlshash":"b5c08cc4a0c22d101642645420af26e4a028802a70485b128c94d8482e620b48233ea8","size":138,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-28T20:43:13.706908Z","times_seen":5785,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"43a144a646cd1c3aa47c6e97b8997f16","sha1":"751520d68e01030d76aaa27829bee42de57b33ae","sha256":"7400aff6408f23b72deadda0905ff4dc8eb4af368f7e8026063918149826a7d6","sha512":"85eff0527e8a86cde19b0e67070c8f71528670484865bafb4b88ee54f83b48f575275ed10cf343f0c84d4c0a425f6632b5b1bdfdfbfd75c6702ee856d28f512f","ssdeep":"","tlshash":"14c08cc8a0c22d101a02681414af24e49028442774481b068cd4e8882e230b08233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-28T19:45:58.107679Z","times_seen":3848,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a1161c3435dbb64633547fa555f68dae","sha1":"321b3b17aaee8ba598a7e8a550f51a4feb9a2bdd","sha256":"97e68db2fc8a0da179e8514910d515327fa981a336dec334a4587a5b2140b632","sha512":"35230123e5758b1e238b830069457699e1ba21f302b7ab4f5a9c706ec65487f1b415c9106ac9fc13bc451f4980ca3a908c17eadd85831d4ee794152cc873b168","ssdeep":"","tlshash":"9ac08cc4a0ca2d001602642420af24e89024402ab0485b428cd4d8482e220b08233ea8","size":139,"data":"","first_seen":"2024-12-26T23:29:40.133617Z","last_seen":"2026-04-28T19:45:58.119736Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"65b1eee05b03c762c85b0117b8c0b28f","sha1":"f07a5f6529dc94fd3768fa20011d0094d4667b9e","sha256":"e650356de3b5375b158a788269cb35895f67fd509d417c1d48108ea8cbdf4a9d","sha512":"e438b7e142d947961523882b8102b1501cf4b707a39e25269647d972be79470163d2264d3d9bd1e604bf463b6ae2982d8a884644df6306f87d25bafea5d9be4a","ssdeep":"","tlshash":"a5c08cc4a0c22d005602641052af24e4a038402670481b028c94d8982e620b08233e98","size":138,"data":"","first_seen":"2024-12-26T23:29:40.142823Z","last_seen":"2026-04-28T19:45:58.127118Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d0e88b4359f0189f87f4e970cc1566c0","sha1":"c53bd6aba8a4c20f8a63e7dddd84de5cf4da3874","sha256":"5a98ac47317bb264d96e04f3376a4c39b8c6a5199377a17eea157585ac3a3f76","sha512":"14dffbbd1c5bd10f79d5593c73278105b0cfc7b3c9989a506402c642fb9ee5dd8546e6ec17bb4903802a961b7189e5c0c2e948b3bdeaeacd089ea9b200af1bb5","ssdeep":"","tlshash":"d0c08cc8b0c36e201a42641150bf35e8d034402ab84c2b168ce4e8582e228b08233f9c","size":156,"data":"","first_seen":"2024-12-26T23:29:40.147455Z","last_seen":"2026-04-28T19:45:58.107215Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ad5d63c4f600679e0cdf14f7a15e9e51","sha1":"5794bb07fc89c9f3d0f290285949880d9823c986","sha256":"0aee5b78242ca1a6c056722e3936c438adce345b75a607dbab3f8c8d5053521d","sha512":"5d29325b67459a069e1e34ae7f6cd6bad228a75f5a260436d08665f8526d15201c3c5fb890b3f60fd7bf899518e5628f651b1ada50a4cadec011926fa3d21877","ssdeep":"","tlshash":"fdc08cc8b0e62d102622652166af25e890288426708c6b16add4d8483e720b08373ea8","size":151,"data":"","first_seen":"2024-04-05T15:11:11Z","last_seen":"2026-04-28T19:45:58.122823Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"80ebf24ffed33f82fa8f17c20de3c780","sha1":"46f063cfd46c723a874ae47f9db7bd88772331b1","sha256":"da5a2bc707f6c34ec090ff2172fbee95686256510f83f124b651a1ae9c438ddb","sha512":"588329cf40d05e0bbdee917e76f7f3159858be2a0604d84e98b0b1db5cac8242dded1aa9150d7128496757ef9b0a5303cc2b617962226a8b332abd4aea82b3db","ssdeep":"","tlshash":"ccc08cc9b0c22e241a1a686054af65e49038802b708c6b428dd8dc5a2e230b08237ed8","size":150,"data":"","first_seen":"2025-02-12T08:38:06.934018Z","last_seen":"2026-04-28T19:33:51.673842Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-28T20:27:01.636342Z","times_seen":4986,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_core.js?v=1777400600652","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","size":17618,"data":"","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-04-28T19:45:58.085448Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/CookieConsent-C5CsXell.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"611399fa79721361ee53de777806ccb6","sha1":"5281848508486721ba7e6ef313fd78fcb3ec6537","sha256":"c4b7f64cbb9b200c9ec2e9894b15704b1dac42b6f697790475297a6ad7839f26","sha512":"35d2e55fd9d828847c6609bc4941499a570b01f9eb63906c87440830281332520171b78849e5c44f78b070bf82713d7d7a2743d9bbadec116e13bf25cbcddc98","ssdeep":"1536:pjxMkbZcbyEyNNBlxvHCfG6f6XbvSA6EkZLSCnYtgm+4g1GCt6iLnF:RxZNvSAfkpBiguanF","tlshash":"8ea33b88a120b57a46e356e652a88211b3b45d45f449c4f4b1fccc6b0daed9813feff8","size":101891,"data":"","first_seen":"2026-04-28T18:10:28.224443Z","last_seen":"2026-04-28T19:29:34.102287Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a77ffc8fcd5be8f12fb99bc8118151ea","sha1":"65c43d3029a382b86defc99c54613aa6a32ea375","sha256":"40516dd855287dd360d48125cb9de73ff1ac1d47f2faedbac5227338bf02948e","sha512":"3f80885ba525b9069484a79918215f8e3f8f830d5e81286b8772be124ed6928c6a994c91617a57d7558ac347bb079f660f65aeffebd15768b4e403210299d170","ssdeep":"","tlshash":"64c08cc4a0c66d101612652010bf25e89034402770581b068c94dc482e220b18233e9c","size":141,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-04-28T19:45:58.105119Z","times_seen":197,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e129ae180e9f42bd8fb792476a7bd80a","sha1":"2c533ecafe5fc62de12ee7c6390d2a710d755554","sha256":"3cab2efc0da1eb38ecca758bcc3dc3d9e1d3e520287715d8401cc5bd6b99b5a5","sha512":"def450ab91d82d748f72da131700c83c67309c51912be7d21ee8f58cc04bbd905b5b4a549ee51e72b9ff6047743077228ba1577f584ea9fd8267861c9e0a2559","ssdeep":"","tlshash":"7dc08cc4a0cb2d001a02646010ef29e4a028402670485b42dc94dc492e220b08237ed8","size":139,"data":"","first_seen":"2024-12-26T23:29:40.179271Z","last_seen":"2026-04-28T19:45:58.121816Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ad53bdca95253da3ed0339a52f219d8e","sha1":"1acba9622b6c70c03ce56310becd1d72226538e4","sha256":"3fecdc9cf7339d52588891d5d7b0c4b4ebfd82fe813b141fd5b81fdc70694f81","sha512":"d2bf6f0a88bbc044c6aab45f1f8795b3aafcf709a0a2b294f27062c0c34e1f34ec3964286f776c55a40a412cdf01c2ace59fdf7981fd69c6d8a63a6791ff8d3e","ssdeep":"","tlshash":"61c08cc4a0c22d001a02645014bf24e4a024802770481b02dcd8d8483e220b08233e98","size":137,"data":"","first_seen":"2023-05-08T20:49:31Z","last_seen":"2026-04-28T19:45:58.123863Z","times_seen":887,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"cf22cdb5c495761f76ab9992ebf13ad3","sha1":"b57aef5b20e486cdeeaa8034cd187d3f3f9bceff","sha256":"3e05e030f3d66bfe7ae10e6b050b45cf7eb3aa94f0d51883b1a8b0110999ceb2","sha512":"f8ad839258b9999fb5f167f325e1e3f2b27e15c3a544ddc0683f28e13f0d0820b1f151de63e4a450505073c33d8b44ba009b18f2aa1b1eeee25f443f6c2e67dd","ssdeep":"","tlshash":"afc08cc4a0ca2d002a03781020af24e49024402670c81f03cc94dc982e220b48233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-04-28T20:32:35.744314Z","times_seen":357,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7452cad6cd380a3feda6d7e3e0e7973a","sha1":"4e99e6b44a4132261c9a7b4c48f16ee983b7579a","sha256":"70b6c337aa9dd4949793ee338156d7f1dbea7a24d964b5a9e5566ac4c03c51a9","sha512":"ceab61fdd51aaf7a71ed5dede53940e8a9e3854d600a23e3ed6c38ef250a6209482842c207743e3f6bb4127b8cad653071015e302e311f734029b50350b9b230","ssdeep":"","tlshash":"b5c08cc8a0c7ae442a02751111ff34e8a024482774486f829ed4dc482e220f88337eac","size":156,"data":"","first_seen":"2025-07-19T00:50:04.712334Z","last_seen":"2026-04-28T19:45:58.098608Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d80fe4b7bbdcc84c4954304b7f65ab19","sha1":"91d3251c7e36145106999abaf130a3108e9da46b","sha256":"9e4fe10b1520f75266816a855536031d99b800c719f948f8c360c6775cbd1baa","sha512":"8c8dd0f47da79cf25188d9228f1b84df49eba05c702f32c078465d357387fc1729c81d77a822106c43383eb0809bbd1bd3f8114ef382dc8f508723cc3e86822e","ssdeep":"","tlshash":"9cc08cd4a0d22d002a06645419ef24e490284027b0481b129ce8e8482e230b08333ea8","size":145,"data":"","first_seen":"2024-12-26T23:29:40.190285Z","last_seen":"2026-04-28T19:45:58.118192Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/charting_library/charting_library.min.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","size":10859,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-04-28T19:45:58.069337Z","times_seen":915,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"94a8a0aafb9251852f4b5b9a62c8a990","sha1":"020af04f3ce6c017efae4efa1be13ed45ceb97d1","sha256":"b94645c98d1e5bd2aeec0b254793bf494cda8d4bd43ec7219b78a0b0ad29fda8","sha512":"453e9805e21e26347226630f2fbebba62eab7a8e498fbecf004135ceca9a5b3632df5fa26137c47231c93bf3487eef3e4ecb4d93f8e5a8b6a1c3cda722e50a42","ssdeep":"","tlshash":"5ac08cc4a0cb2e001602646010af25e4a028402670481b429c94dc592e620b08233ed8","size":139,"data":"","first_seen":"2024-12-26T23:29:40.145852Z","last_seen":"2026-04-28T19:45:58.127628Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"3ccc9492d79dab168d313d5ca7666639","sha1":"1bb3ef888fdb7ff45bf21645d21c6146c30e792d","sha256":"45814699f5f5994f5204db47a9cae8f1bd2e11810843cabab88abbe0c0176d82","sha512":"95eb3514a0a67bfd015a9123ba942f4d6d37180e495c9d43c305a990d9f16c088a4e48a8f887df67ca2e019c3b922351764068893a59c6dc1f9279e6815abf1a","ssdeep":"","tlshash":"d9c08cc4b0c62d001606686014af34e49034402b70881b128ca4d84c2e224b48233ea8","size":142,"data":"","first_seen":"2023-05-04T20:29:59Z","last_seen":"2026-04-28T19:45:58.112405Z","times_seen":175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-04-28T19:45:58.121291Z","times_seen":927,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"64f2e3849b087e9673f4b45d5cd8eb84","sha1":"8800abc4045a71eee4b56ee83b315fee00f86c0e","sha256":"c4d98a40e5ab2373588a69ab39b105c4d3d6d85764e2e175b510fccc3eb2593c","sha512":"21685f613d84a093a68acb9de21f67a765d9be79916c0d839e5951cc965f176447dae3359c90eae275abd9e2577d80207fb7b84e290b6294e4c4fe402fbe4209","ssdeep":"","tlshash":"88a002914a0610503474140cdf5733006563803b844cd0013a0c91823f34737c30a1f5","size":72,"data":"","first_seen":"2025-07-19T00:50:04.711122Z","last_seen":"2026-04-28T19:45:58.104569Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-8fa0c13b.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"402f0c3debc0916816d9012d4a5bc3d7","sha1":"a7f2d86e1cff28f4884c25157927d06f25aa1d22","sha256":"1ff0526db48e356607d3e793b94ae54c89aa5baaba8cab8928fafc57a096e183","sha512":"12133c85932cd6156cff91488cd48a0800a56470dc7d0dbe6986223709c6b048dc7ff14ec6c815f6637a75d3c5a7f96d4679495a8c0da384ec07d2ef668c778d","ssdeep":"3072:vMEuQxARnjyBRy9hF0ZpFjsGEyuraHyB+/H7Av1wlsxJZSsp8eH:vMEun4AF0ZpFjsouGSg/H7Av1wlsfZSC","tlshash":"71048d4eaa8a0fbf9efe0c4c755a459021183f42a54cc893b2bc590937f7c94a36b75d","size":179721,"data":"","first_seen":"2026-04-28T18:10:28.273998Z","last_seen":"2026-04-28T19:29:34.097783Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"4258e14f9cef4db12cc722aab1da892c","sha1":"17e64549a586f1a87d0ad879f186d951ea5e67d9","sha256":"7ccdb567936df32382dea42f3a2a77e118864d8e4ee02d177d262126c528add4","sha512":"5b3ab295d3dde1a6bc72fcdf36376806bbbb0eb5bc166815e9533a3b702b90a8a1faa3b4631f388817e5c69e07b21b4ed24ede1d0a0a076a4deb0cf4abade81d","ssdeep":"","tlshash":"82c08cc4a0c22d101606641010bf25e89028402670485b428c94ec482e220b08233e98","size":137,"data":"","first_seen":"2023-05-25T00:15:57Z","last_seen":"2026-04-28T19:29:34.139878Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"84129e3e4c343b83986a3cdb1b047934","sha1":"1745827caa65dd7999d907cf6ed13703650299b1","sha256":"51ea04345450dcb2a5528153ee0cc51b52bd130fd509d78de22e86c3e740f989","sha512":"dbb1e22cdb4915dfc3a998d19eca085f33d19d1031d7732fe559b747956edc927afed2bef04e1245ba86898257b90255821800efd39e8e3b594e78b743f4a49c","ssdeep":"","tlshash":"c9c08cd4a0d36e001a02695114bf39e89024442674482b02ec94d8483e220b08237e98","size":143,"data":"","first_seen":"2024-04-05T15:11:07Z","last_seen":"2026-04-28T19:45:58.10618Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2f10007f2371a0b5e0441b476377b959","sha1":"b8d3365dd0554b84bd9c28d233f1c0d6554d79e8","sha256":"5fcc6424818038cb977efbedac638cffaf1a6280506a2a79a1fa85f3bfffdf3f","sha512":"b6f68ebe712ed948804fc92d555518e1d636137582895e465419a2f699679fc79afb09fcab6e0140f3752e745538f72acc34adc8562eb5380d7e8041e5f447ff","ssdeep":"","tlshash":"40c08cc8a0c32d006612651164af24e89024402a74481b028c94d8482e220b08233e98","size":136,"data":"","first_seen":"2024-12-26T23:29:40.173962Z","last_seen":"2026-04-28T19:45:58.123327Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"0bdfbccbc6d898ee51eaa3b961c798a6","sha1":"c894c07aef0757480960b3686131f827f8ce3f50","sha256":"3a3185c3a7e53a7152a5e17ac9970a556b6fb332b13daca744c0f305ad32abc5","sha512":"3d9fdf087e9de100b08c2cb899fc211e30960fe4fbe7352afedf7ece185b4a275d1e2d1c53ebc7058cc9261edad1f2ec8481bacd15f1f2c6d62ed99d718b0df1","ssdeep":"","tlshash":"56c08cc4a0c23d001602661150af25e49034402a70481b02cc95d8482e220b08237ea8","size":138,"data":"","first_seen":"2024-12-26T23:29:40.150645Z","last_seen":"2026-04-28T19:45:58.117463Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ce2a497ed52d60984017d6c50050212f","sha1":"e5061d81325e8091799c99881264070b9ac648df","sha256":"87fe3ff7d869ecf3e942e21576e5622bea21282217409f77a14020c2160da30f","sha512":"88dbc2af0f09af280efe0b5ef7e7ba913e866c50c75aae5916ef6ffccb16a7a55ffc7b6c8158d18d17636845b7e139c2afd21b3dc1f030de36bf63136c7aa88d","ssdeep":"","tlshash":"34c08cc4a1c33d001a06661120bf39e4a0248026704c5b128cd4e8492e230b88237e9c","size":145,"data":"","first_seen":"2023-05-08T20:49:32Z","last_seen":"2026-04-28T19:45:58.112893Z","times_seen":177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c902959c0dcc2dc19fd0514450604f1d","sha1":"d91f4b90edcbb316ada2ee101c33051f54b14df8","sha256":"ee4eed1084dd0deeb3af02b5eb977fa38bc27e5a0cc2715b3e4619908a9cf984","sha512":"df85b46a332ebd09e34eb800318dd951ae93ddd0a47ef8ce5e272b9d90988994ba501bbcaea01238fdee21c1aef4cefaee75147dbafbc178d53d4de9b3cd9552","ssdeep":"","tlshash":"56c08cc5a0c26e201606682014af25e49028402a704c2b028de4e84a3ea30b48233eac","size":147,"data":"","first_seen":"2024-12-26T23:29:40.110896Z","last_seen":"2026-04-28T19:33:51.668862Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-04-28T22:22:16.606528Z","times_seen":32320,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/vendor-57821abb.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"658509941945fdb219afb5ac750c3002","sha1":"7550c9bf2af1d1fc9b848a09cfc26a07d3b6e7fa","sha256":"491e6f9da6cb68089a6f3f4994e462183a300e760c39cdafefcce08085586d34","sha512":"bebecbf7dc8fae9046062649fa605b51e21c94cbc9364ed3ea06a7fb25b7cc552a110389021779d2145883d212fddcb56c3904c9e46f9f4e1dad55060b6b25f0","ssdeep":"24576:4hkc5sJMf4gOt8zP76Zt0JZt0qODOa2g2gWA8RnWH7SO:4hkc5sJMfZzP76Zt0JZt0qODIzguRnW9","tlshash":"b12529c57292f06147ab24e240bb0006f3396e59744d84a8f16dd8eb7d79d89a2b7f3c","size":984290,"data":"","first_seen":"2026-04-28T18:10:28.257679Z","last_seen":"2026-04-28T19:29:34.089001Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d07ac8293a895d5cd36ac4a1bb6ebe89","sha1":"ca073c02e761f0687cd428bbd5a5a4a739b3e809","sha256":"c632f36da8c1b069e2dfb84a059900f7587fbded33002ea457cb8a9982e8a21f","sha512":"fe08a6e9309462264fbb0b9b3cd5c0f7cd26ec73a2e11b52a3bb6cd40fbcfa083884e9e1bfb31837c39ee4c0e0ff76274ecf3def1a415ecb56af7b32d68d43ed","ssdeep":"","tlshash":"78c08cc5a0c23d101602642010bf24e8a024802770481b128d94d8483e220b48237e98","size":139,"data":"","first_seen":"2025-07-19T00:50:04.706874Z","last_seen":"2026-04-28T19:45:58.116986Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c4aca76fbb55660da06477dfb1213f16","sha1":"895f854d00dfb9255cfb0a63ed928240d4a0f405","sha256":"40f66a542a86eb29ef8fd2b55753fde24b809b1d7482e44db4d93c5a1c49aebc","sha512":"6323f61d40bff5d535e39cd7a021d17ab63311566098ffc9e1220a3625e73e1175ef7e6e14beabe17415ec5c43d69e51f10602e1ec231ac14f0834357e123beb","ssdeep":"","tlshash":"aac08cc8b0c3ad001602a4101aaf25e4a0644026b0882b128d94e8483e630b08233eac","size":147,"data":"","first_seen":"2023-04-13T07:41:42Z","last_seen":"2026-04-28T19:45:58.113904Z","times_seen":1757,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"754f1a92bcda7b7b70bcb4c84d6b90a2","sha1":"68dae7cea08fcdf789277cc378cb53d8c9540c8a","sha256":"bf00ce7899e0c4b35810c2cb7c550f0db913f7240ba6dbb7df0e374fa7c127a6","sha512":"741805a147e34ae9e3faab586312edf0097951d85015bf6d9dab655ff4dd2e968eb4beeb762544d19f6a8d357f12fa5c310f061359e21fb00d2906d4a9728a74","ssdeep":"","tlshash":"4fc08cc4a0cb6e001a02781010ef24e8a024802670481b43ddd4d8482e230b48233e98","size":146,"data":"","first_seen":"2024-12-26T23:29:40.208529Z","last_seen":"2026-04-28T19:45:58.124392Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-66a4ac22.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"3bdd1e99567a962c6e34d57fdb0e46c8","sha1":"ee1aa560d4f2a83f3feb3ecfa7c926fbe521aa89","sha256":"75970d7a7e6ae0e765e1a3e4733303eae9b2101302efcb944c772485fb71d860","sha512":"157ef557099662e6a1a7a544139ce58c87a59b8f501ca7161cb4aeb2b37f13d18140602e175498aaa82f300fb35939915bc6ad509b6f44d3ca552a94c5e97396","ssdeep":"","tlshash":"2ff0056fb47ec1f15fe3c45ca1630420991c1b453721c8d0ba0d072157384a6f27e656","size":569,"data":"","first_seen":"2026-04-28T18:10:28.227727Z","last_seen":"2026-04-28T19:29:34.070291Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-23067ed1.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"11000909e19162aa1edd6041b9111c8b","sha1":"a29d8d18eba11cde91a7c0e3029855666c0ce1c7","sha256":"2b154c00be6ca0b702ab5ca216df607027b9a5d07d36d8b7efa04f110675a519","sha512":"fa5292ddf45a6c3647a1dd25a051dd729218b47d67cb5d984fc6ba4ceeb126a8c7bba22925ec0fa2e4bc6a4df7e6606f3fcd2932916e2eb9750fb0d04518e33b","ssdeep":"","tlshash":"0501cef6f90cce7f0ea2455412902a4220090f9cf91118d6bc9f7a692bfa800c69e70d","size":836,"data":"","first_seen":"2026-04-28T18:10:28.239009Z","last_seen":"2026-04-28T19:29:34.090182Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/assets-63951985.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2215e8fdb2642c25e6c20dcf62d22df2","sha1":"6c8b943cca961987736ab7f7fe77791dc20dbdb2","sha256":"54d4bff28be6e2c087cc39aa22f849891d81cc84f1845c41a50eb41b6b1ae906","sha512":"c06267862e191ae6d22865e114195544ed09d96021ffeff3bac2f21909d316b63055ab478f76e6bdd63392a0e9103c78269a7c942ce32c8e371811c28765ed28","ssdeep":"","tlshash":"5e41b4742242313bc6f6408647405b91bb0dab9a4f19edb0bcee47b55f28ccad17e2e4","size":2245,"data":"","first_seen":"2026-04-28T18:10:28.226823Z","last_seen":"2026-04-28T19:29:34.072017Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b6bf1cfede1e63bdee0b6975b795108a","sha1":"2bb68d688a44094dd322348e4e176bfe765e8ff7","sha256":"7af90459ae36e3c183ad72d1689cc4041001092c3015e0ed344ac0311b915934","sha512":"17971ffaea8b3fd2c8a04ba74027226d76a47c69c22bb8623d8490c1f48c155a221e6bd785ed924c7d2802806e497a589df58bb7cd2a1545b12e75a452511fde","ssdeep":"","tlshash":"15c080d460d22e002705655425af35d4502c501a71485b569de4d8483e630f4d333dfc","size":167,"data":"","first_seen":"2024-12-26T23:29:40.167833Z","last_seen":"2026-04-28T19:45:58.122323Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"02b0d6f6fd6bafb529a8dd3a4a1e6852","sha1":"914f1241f7921c6be7ab7aa7dddffa9fd2d2431a","sha256":"bd5008e08c5e13916e0b7e2f6eb9c79397a28285e1fe0fdf2fd0c2835ee837db","sha512":"4bbe30ec966374b9a8e651d30e73aead81d973095412c5b1431599a7fe43f33442b27ea4f417c2426e27d1dcd35fe24003542e535914274f23b4d6a9158d6d4a","ssdeep":"","tlshash":"00c08cc5a0e3bd102a02641150af25e4a0244026b08c5b13cc94e8483f730f48237eac","size":150,"data":"","first_seen":"2024-12-26T23:29:40.182164Z","last_seen":"2026-04-28T19:45:58.119199Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"361e9d9b886c9f2b98f57c626c09b9d8","sha1":"01032a33013459a8de015112421c1a9e467f5d44","sha256":"b96071e372b614f6406f0b01ed200e24be43c5c21eac83934e41d7dd6f70ec38","sha512":"c3dc60f09e32481fa8a331627b2cd7911592847e3e0e82721694d14205de941a15ef18259c871c5957195b1ca8b3b63a8109390863f3f8d48e5e8a7d3f8b02dc","ssdeep":"","tlshash":"8bc08cc4a0c22e102602641010bf38e49024402774881b028cd4d8482e230b08233edc","size":140,"data":"","first_seen":"2023-12-19T15:12:13Z","last_seen":"2026-04-28T19:45:58.116503Z","times_seen":488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/ArticleViewer-I1WW3dzM.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"dd3614aebd975aa30295782b89a5bb39","sha1":"1049b61fcf91cd2b3731c52f3c077a04bf80524b","sha256":"8cf3b833c6eed8870b7fe1c8b13e30465ea33e8aaf6933bb6672d31bd801a266","sha512":"d75df77418962feb8e2b4ee5ca7eb83c4dd6b9226e5c16543c3bbbd8c0cf1359dc438ded7cd501bcbf09a1267baaefbae39494050a0beeb8c707d686ffbfacc7","ssdeep":"","tlshash":"fa4175ad7471cfb982b3933165cfe25491447bdbd7608a86716d18393bc1ef06a1c308","size":2435,"data":"","first_seen":"2026-04-28T18:10:28.235729Z","last_seen":"2026-04-28T19:29:34.090748Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"527ccf0c9fea936f7220396c42116f9e","sha1":"bb83e06e63a61a2b078dbe2db49aea4136118615","sha256":"7a6d8de28f2908198b85042a943d78cc771a471342545d3a1c0d473156a2861b","sha512":"cb3690488d304aeb6011d6de928f189c4eeec9134ab6a8b269eae6879a36741cad69179e87582b70fe9ebad18db0faf0f90c54e88c45aa28df5e5634fe17a634","ssdeep":"","tlshash":"7ac08cc4b0c22e001602641010af28e490244026b4481b138cd4e8482e230b08233e98","size":136,"data":"","first_seen":"2023-08-02T21:25:38Z","last_seen":"2026-04-28T19:45:58.108147Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b80f31fc52f8be5c347edbab4f9e15a0","sha1":"0552aea41dfcab393a9ebf9edc3f69262ca22477","sha256":"10ecf23ed4ab90ff714aa13bc13c976cd1cc440bced982a5c23c38bd91b57586","sha512":"c0d447b400ac1748996b58bf9b234aa4b9efcc4258a89365ddceccd4294ca9202cd267f042df772d15ed4e2dddb6e1aa151bd6a30688d9ea0da422fd924e25e9","ssdeep":"","tlshash":"5ac023c9d0c17f1016912001506f64d55020405974045676dde0d9161fd60b04133dc4","size":181,"data":"","first_seen":"2025-07-19T00:50:04.700499Z","last_seen":"2026-04-28T19:45:58.1104Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/#/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d9b3e58c505cf8892432c31e8c6fa2ba","sha1":"be733b876fbbe88a80c372801ad5776d084f264a","sha256":"f1523f55ea2a38827e2aa0ca675f9f2cf4e71d232921d49628e4406e4761bc00","sha512":"2090d99bfd846dd0e66da78f8cdf44bbc025108adf6d5887931143638a65f210839f2504d620ce4ca0fa70b4785c723de4846650a758936e6029f5a9a17669ee","ssdeep":"","tlshash":"86c08cc8b0c32d003606681454af35e490398437708c1b028c94ec492e230f08233ea8","size":147,"data":"","first_seen":"2023-07-08T10:23:07Z","last_seen":"2026-04-28T19:33:51.664Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_diy_mw65cqqn.js?v=1761636780","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a6864c2640c8816b0c8390165067e54","sha1":"1edc9a1500fb4d16d65f0102095cdc52abaad7bc","sha256":"baa2fff7d8e9676e4724566522cb2ff942322afa8424502f8ed43c56d8bb25d5","sha512":"1c696cb84eb4a89f9560c2b3396d86bdc4d21ab144c9f950c3773ded815e54773c0dd369acfa7198effef71928c2eca0a15c8dbc430b4335c4cf408d80a00aca","ssdeep":"","tlshash":"9231ad515e99c5771933322a9b3ba228ff3117031901ee033efe57009f31e85aa65ed5","size":1818,"data":"","first_seen":"2026-04-28T18:10:28.273183Z","last_seen":"2026-04-28T19:29:34.093108Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-04-28T22:22:16.61094Z","times_seen":35634,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pc.goldpocket.click//js/CookieConsent-C5CsXell.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/CookieConsent-C5CsXell.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-18e03\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SjBSBoDrIzseMKf2XaL947c%2FZBi97pKeGi1f6emas6CcZ9j6wLegxE1hoJFXnc%2F3p7mdMm9VdtlbTHRPIXXSYwcVL7ZhJ6hVvHlmWWDUTOTN8K%2FYu%2B%2BSsAnPj5d7J6GE3aLaKC0Z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818f748c3b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":101891,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"611399fa79721361ee53de777806ccb6","sha1":"5281848508486721ba7e6ef313fd78fcb3ec6537","sha256":"c4b7f64cbb9b200c9ec2e9894b15704b1dac42b6f697790475297a6ad7839f26","sha512":"35d2e55fd9d828847c6609bc4941499a570b01f9eb63906c87440830281332520171b78849e5c44f78b070bf82713d7d7a2743d9bbadec116e13bf25cbcddc98","ssdeep":"1536:pjxMkbZcbyEyNNBlxvHCfG6f6XbvSA6EkZLSCnYtgm+4g1GCt6iLnF:RxZNvSAfkpBiguanF","tlshash":"8ea33b88a120b57a46e356e652a88211b3b45d45f449c4f4b1fccc6b0daed9813feff8","first_seen":"2026-04-28T18:10:28.224443Z","last_seen":"2026-04-28T19:29:34.102287Z","times_seen":6,"resource_available":true,"data":null}},"time_used":726,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":723,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_3-CZAdRCrv.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_3-CZAdRCrv.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-1476\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FzqvmgLobKtLNw08j1ZS6U1Brv6te2WbpiWLXX6ezyWkrAmyKDdfprJEKEqnwE6YkTqOmZ8IQDBP9%2BPbJCC6PxWDdewXS7emzQQTuwqC0HEqMZzfbC0bFbU36Ldbtzpffhvi%2FfNO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902ea11b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5238,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"44e1a5b762465a0eb365f3f6fcc1d60d","sha1":"0acc5c63c3660a7c702ae6957c4b827574ea07f5","sha256":"186abff8e623d5232e4d46a8719269905148ee6b8dbeb47ee45878568fe6bf36","sha512":"f61cde643eb6a175d0e0e4435503a05d0d982e475ef31704096a9767e1bd2bd91e830e056f702626a919e06f6277119f4cbb4f282e9b0b014958ef79eaac93ae","ssdeep":"96:NknS2ia5BOmDq6Q0bXWl/dLdt/mTzv+zIkPJcFciGB:NknJBOmG+w9dt/2VEJicP","tlshash":"bdb18e6a8641ed4039cb8fc274e58847c371e048a3f0972b19ddda5e47378a8dd694ea","first_seen":"2024-12-26T23:29:40.099933Z","last_seen":"2026-04-28T19:45:58.097344Z","times_seen":65,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-8fa0c13b.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:12.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-8fa0c13b.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-2be09\"\r\nexpires: Wed, 29 Apr 2026 06:23:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F9PhMEaqCYyD7TE2JYNRJQY%2Fc0AwC3gwnGPe0FBl9GfehskLZ7FzgjFc5xlpDqykkngJKScdbg7b6XoXU%2FqUm1izUoHdEAcrPZeQmWfyqPii%2Bn9cLiEX%2B3DrLsAQG5mjU%2Ban\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818c52c6bb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":179721,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65500), with no line terminators","md5":"402f0c3debc0916816d9012d4a5bc3d7","sha1":"a7f2d86e1cff28f4884c25157927d06f25aa1d22","sha256":"1ff0526db48e356607d3e793b94ae54c89aa5baaba8cab8928fafc57a096e183","sha512":"12133c85932cd6156cff91488cd48a0800a56470dc7d0dbe6986223709c6b048dc7ff14ec6c815f6637a75d3c5a7f96d4679495a8c0da384ec07d2ef668c778d","ssdeep":"3072:vMEuQxARnjyBRy9hF0ZpFjsGEyuraHyB+/H7Av1wlsxJZSsp8eH:vMEun4AF0ZpFjsouGSg/H7Av1wlsfZSC","tlshash":"71048d4eaa8a0fbf9efe0c4c755a459021183f42a54cc893b2bc590937f7c94a36b75d","first_seen":"2026-04-28T18:10:28.273998Z","last_seen":"2026-04-28T19:29:34.097783Z","times_seen":6,"resource_available":true,"data":null}},"time_used":923,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":740,"receive":183,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getAllSetting","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zjc705gSX25DaacYpt%2FtUNq%2F4MYbXBHnsGH%2BnopZ75tgxVrwfeBTIFZKvZjCKzmpEh%2FhCdF6BLdyn%2F41oeEzhn3k4388wdxV9a2IsS%2Fccsbyf6dF4z4ixpEkdNGsTiK0gSbxEAUvahrtpg4%3D\"}]}\r\ncf-ray: 9f3818d51ba2b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":700,"timings":{"blocked":41,"dns":1,"connect":1,"send":0,"wait":611,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/user/LoginLog","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/user/LoginLog HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VJxev8BQz1B41nEX2tL7cg65J0D8ODQsbRqg9DDp6BjbQwd9ELPNA7OUoTvxTa0E6WlO%2FZ4oekLxSJvbrT9kn5Cimp%2FI2HD26D3%2FlnG59ua%2F5D2l7A9VByx1Kzjuqh8FD3FdD02ikJhYIwA%3D\"}]}\r\ncf-ray: 9f3818d53bc9b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":706,"timings":{"blocked":54,"dns":4,"connect":1,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-2ee7b3a8.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-2ee7b3a8.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-553\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T2Qg0%2ByuDx7NqxfJJC7lEHyjYqsjh3uTOzq75ynFk8jEZb3yYdrf1XxYkww4HhvueTqh1DCGPsTAkXqhCo%2BAoVpmmkGI9bfuTyMmp1g8TxHL236xlV4OYHnmyPKXWRICobB8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d52c10b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1363,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1362)","md5":"0f5f6fda477235a06349008a000d81c8","sha1":"2431f7ff7dfeac6f2ec44afeb4cd3480abb25990","sha256":"2ee7b3a8a0e1b31b163b33129d9d82b368716adfaadc9f632b97c05fe1937a26","sha512":"e962a30cc904c107b5800bbac6606585b6d74c1d7f0d61eb032bae0a30a77c60d11f232e231bf943f53ee88fa5d971a540ea18881cf1f4855ad5a2e2b7c52f02","ssdeep":"","tlshash":"aa21c478da5090397e12fde5d7d705daf23ca5614c1beb997a18e16083c37f41a13382","first_seen":"2025-07-06T21:44:04.062809Z","last_seen":"2026-04-28T19:45:58.074034Z","times_seen":237,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/index-Dp1yJBJw.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/index-Dp1yJBJw.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-8ccb\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zBGiDVPL4MkQkNA4aC8RybFN8a8rmo66mjbKPiHDS0mPPKl2IkRNZAW74ssHaNMkjCyXVHVUpr4CPeFl9owhdAdbLKg%2FMr%2BapznHT8wo%2BnwaDEddA9ANNv2CYv0IOudmcb0mum%2BQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818fb0e86b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36043,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (36026)","md5":"862c178be327ef1d36516cc00906a70d","sha1":"6d8e2acf78c750392fba5a83a2a2499f12a3008f","sha256":"bcabdf9101e19e7a2a1e8ffc3ad90aeb22e66c7be8d3cf009ed255ef0581d1f7","sha512":"7f8a8acb8d78dacf467b7981e77cd291cb4516cd621a8d5006c07cb762fe0ec842d63f0d5721140221beffd341fceb6f222c7610a07e13cebae51bba08f41776","ssdeep":"768:K7Q8sElJTLHEHYXIH1LR5Tynv/Q/LoOmBzfAfKvrQtMK4qeV:QsElJTLHEHYXIVLRBkHQ/wVvK6","tlshash":"99f22a3d42129bbf6fb39625b8567114ee581f9fdb3489adfbf9b010fd808700596228","first_seen":"2026-04-28T18:10:28.234803Z","last_seen":"2026-04-28T19:29:34.073845Z","times_seen":6,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/option/rules/getTeam","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/option/rules/getTeam HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DY7fwsWjLkn7rXxtHmEw5xy0q8JdL90kbhxESpo0%2Fb2oj5aasdjHN9ahMyr4GOCOXS6DG6cz6op1mF%2BC%2FPEGFqGHP7q%2F2cs7ntYr20cn%2Frk8AttEx7CUdIhnDvR2I7QCO69qSJdgYObjYyE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f381903bb290daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_6-BrdJwosH.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_6-BrdJwosH.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-26d4\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zcavEom7iOZvqDGlH9bdi%2Bod7Qk%2F2myaVZckeUTtbewjEuX1n6he1ocpFbeuQk7ZS06%2BqFkOITINfFLXLj9vnnFdGGjZvzVRB5x%2FQ4E4PCsy5sDV0IxdWHUY94cHYfTDVNxkdVlV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902ea28b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9940,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"f4e6adb95ea32bce12b23d17e5c0bead","sha1":"00ced7819afc7267f587e68ad7dfe84c7eec7261","sha256":"b13acac1bd74d72c21facafcd3dbf6bb44dbb271b23a0df6a228eb28b7e337c9","sha512":"30f9dc0634ab618910888f5b34671d727e6e853facbee428b3e0177cc0dc3defe2f26dbaf96997e6bc351c241335da5f320d8f97f034269987cb2e99b4a1c838","ssdeep":"192:fS71Xz65HFwfkYKFafIGQA0GIQuuUa3b5hevzXLOU/8Ea4FM5OCZ:KNzUHFwlyafIGQAx7Ua3b5hevzX0EXaJ","tlshash":"2922a04ab28e49fdfc8a605c80b78d78764c2831f333e6110480f6a653941f756f3217","first_seen":"2024-12-26T23:29:40.06096Z","last_seen":"2026-04-28T19:45:58.080706Z","times_seen":62,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.06f70e855e507453db74709d8f3fc8451.jpg","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:24.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.06f70e855e507453db74709d8f3fc8451.jpg HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:23:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 437898\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FB1C68F5793033E59774\r\nAccept-Ranges: bytes\r\nETag: \"61A1EB6B91FEF987F87A82431A97F32A\"\r\nLast-Modified: Tue, 11 Mar 2025 14:24:47 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7433871154220718262\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: YaHra5H++Yf4eoJDGpfzKg==\r\nx-oss-server-time: 7\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":437898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1980x1318, components 3","md5":"61a1eb6b91fef987f87a82431a97f32a","sha1":"250606929f84d1920041751c30d14e850b726984","sha256":"576931b330dda52610362489dd790baa72fa15cee647e3c91f11f8a2c6ac70c0","sha512":"1a5617a2a496c60927e92dc1702ca93c375ff6bb74ef9ac49422854bc56ba0eb4b5c1196774f6900f0132ea2079c82c51618f386a4cb6cec92ae5ceb89e0e441","ssdeep":"6144:86/BLL9ck/rc22A31IfRf886D0+wfrn4ildqVtLaF1SoiKEPBt+74sC8hOZW3bH7://3cU31IfRU86D0lrFvhnEP/sp9HQY","tlshash":"79942324fdc1a597d1275ff7a85a39e94c3643d85a8002db78ccdf022b971ec66af211","first_seen":"2025-09-04T00:18:50.346046Z","last_seen":"2026-04-28T19:45:58.088579Z","times_seen":40,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":266,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/charting_library/charting_library.min.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:12.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:41:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed9791-2a6b\"\r\nexpires: Wed, 29 Apr 2026 06:23:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TNCL9wGhEeJu3CYEaIwtwJD8e580im1HagDmRqK0dO7pUb22lCUQHVdqCRVoYDDJOFXb5Hnlogpm%2FM2Jq4%2BowlT12ZeDL3icF%2FwlbfVxZcUMl5plIgJLiyownOUKvxTbAHtz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818c52c69b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10859,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857), with CRLF line terminators","md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-04-28T19:45:58.069337Z","times_seen":915,"resource_available":true,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/option/rules/getVideo","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/option/rules/getVideo HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BRMZILgx0OxXGU0ZzpejA7Y2BWylKUtx8OyxVgVNBQFEugqF8zMxI%2B%2FGTgwUPen29TkbKgn07GZUNR0a8%2FiuN7JAMILH5KnKXRC%2BE0jp%2F8kJbruOP1BNUdX9eAqdzYz63lYT4n4%2B8AygWlM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f381903bb2a0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/assets-63951985.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/assets-63951985.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-8c5\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2%2B28l1EHeiMadXDoonB1B1kLRTGWtSedD2Ioevbot45qqybJq4uGPwopIAg3NnBeV1G40gCvKub4sIcddmEHmDneRBsToJWVVQ9Wr%2BnRH0ERdgBDrcXdsLBjF6T5%2FJOwA3CH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d99b6bb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2245,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2244)","md5":"2215e8fdb2642c25e6c20dcf62d22df2","sha1":"6c8b943cca961987736ab7f7fe77791dc20dbdb2","sha256":"54d4bff28be6e2c087cc39aa22f849891d81cc84f1845c41a50eb41b6b1ae906","sha512":"c06267862e191ae6d22865e114195544ed09d96021ffeff3bac2f21909d316b63055ab478f76e6bdd63392a0e9103c78269a7c942ce32c8e371811c28765ed28","ssdeep":"","tlshash":"5e41b4742242313bc6f6408647405b91bb0dab9a4f19edb0bcee47b55f28ccad17e2e4","first_seen":"2026-04-28T18:10:28.226823Z","last_seen":"2026-04-28T19:29:34.072017Z","times_seen":6,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getAllSetting","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9cSejhX%2FjuX2buOsgw%2FkU0GSVoU8gPTjqIBPwGP5mpBXwbqFnet%2B%2BI2mI5FXzfV2IK2XKOdrTzxb8yohIHOJJoo38pnMw5Fe7X%2BjvYDka88pBsPD1Wl1ss9upQw5alCJRvBgSXE1tWdkByI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818f868990daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40518,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a5cc52e4cc316f15ad3794011a8b98d5","sha1":"b5effd82436ba306c6cb8099be7829525e4280da","sha256":"15af629bf941fd66b45e7ae5e39d2879aa91b7857795832ed8cf780b4b692383","sha512":"4645f4a539c18df7eecf9cc2838374ada138463bf3295f35fae5b6a448ddf1126c09d2b689493b9f6496431047ab4d1888532e01a807b197e58d72a306e29bde","ssdeep":"384:DqoS+ybVlZozqDOJlDYN3HMlWfj2Z3CETW7q:Dq2yhlZoz8KZW2","tlshash":"db03851a7068ecbdc6dbe8c604773a6a35ec39bbead55c54a0cd0e4c43e9471870b70a","first_seen":"2026-04-28T18:10:28.280853Z","last_seen":"2026-04-28T19:29:34.075291Z","times_seen":6,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_core.js?v=1777400600652","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 03:55:20 GMT","end":"Sun, 12 Jul 2026 03:55:19 GMT"},"fingerprint":{"sha1":"70:AD:9B:85:F7:23:F3:E9:2B:B9:45:E1:ED:B5:7F:59:66:D0:A8:3F","sha256":"56:74:48:8E:C8:62:AB:54:11:1A:5A:19:3B:69:28:EE:A0:49:7F:0E:30:DB:25:6C:9C:BC:38:2A:34:BD:BA:D0"}}},"request":{"raw":"GET /js/ai_service_core.js?v=1777400600652 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:21 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 07 Nov 2025 06:22:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690d9033-44d2\"\r\nexpires: Wed, 29 Apr 2026 06:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z%2BCbICjrj2jFE2PkzTxJ9fsd9Lw1k70%2BlZKcgdTe8oqLzFPdvrJ%2FcWpPmdfF9q%2B2mfnkAf5OgmydS1DGByZnP4GssiyKXgrqxTlaYNx8tq1Ky8cfho7mwkl6NIC5CsNVmEtb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818fa1e50b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (496)","md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-04-28T19:45:58.085448Z","times_seen":80,"resource_available":true,"data":null}},"time_used":593,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/test-banner-2-BOzsBh0j.jpg","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/test-banner-2-BOzsBh0j.jpg HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-e17ca\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eCEJih43AWnlhRsp6u%2Be8ELl3B40bEz0VMX%2BcNejn%2B8RIYUXW3cUi1ycUF%2B%2Fl5WekwUDVz7yrF67L5MXN7ylEYnTpjjcnNmQFsluGnF8SBksANUi%2BpNstTHMJULLY3S6QJHt1aaV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3819028911b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":923594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1238, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2200], baseline, precision 8, 2200x1238, components 3","md5":"65854a160ce21592b039f4f62751f730","sha1":"2a51b71b65a211dc93795a275e9827b48df7f088","sha256":"a4d9da7a3496c0dc89eb4f6799f84ed485fb81c74b85ee5ee798c329ff28d40d","sha512":"fbec9b5be0bf7430e64bc00c6a2ad74ed9734373cf3a6c165c9fce016eb2e2f47181bfae33c376e3c7b5290442bdfd2261d7582d3530c01a9bf70ffbba66f8ed","ssdeep":"12288:07IA3Y7wolBJn0eww8evl8Z9EUJCC9CNw+5WbhXzGYHmIu390/tdIg5coJPrdH0m:sBob8m8P0C9Cyr/sg5ccrSFHJQOsMgS8","tlshash":"281533eb1108dfa5cbf41eb151d5d78d4a22c4bb5beb088af58ef05b53bdbab8064140","first_seen":"2025-09-04T00:18:50.344416Z","last_seen":"2026-04-28T19:45:58.086756Z","times_seen":40,"resource_available":false,"data":null}},"time_used":1548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":851,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_7-CXcIvExM.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_7-CXcIvExM.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-44f6\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PDzQd775YCn%2BeD1MC%2Fhv%2B1YtBk7sdIbAQp1jDlqcGMy1T%2Fl3Vpo8CBdC6YaTJKugQp63Sny9O4Ts%2B%2FygF%2BLNcUZBUhpJ%2BAmolrO9oo6kl%2FLvx9%2Fpw1hohOjGApZIcY8%2FqC9Hde6%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902ea2fb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17654,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"8fb38101b080f0069632af23879f5d08","sha1":"2264f6840d544cc320b59f9861361125ecbca8e3","sha256":"2894d936fe42d3f8357e682c477c6d515f04b78e5b6efced7eba1c03b68f2d68","sha512":"5c45290fa25cd3cc00b06a44a1e11802bcc17b3a39395ab1ca17eb1fef7451abbc47343736a36b4359a3801c1e32a4d872285f9c1bcf76bd8dea8a009a61c17c","ssdeep":"384:Anh3XfgBbzg7igsb8vd81SJE6W/TvVqF9wj2iLFRQeNj8t8:Ah/sgoUq1SJEzTVk9uLItq","tlshash":"8f82be80621318a0ae6c964452be75bba9bf098447e8b0b4ccef8537b4747f9cd245db","first_seen":"2025-02-12T08:38:06.875638Z","last_seen":"2026-04-28T19:45:58.090891Z","times_seen":64,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":861,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_12-C1QilreQ.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_12-C1QilreQ.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-1298\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3q%2Br3I3wmyXj083tnC%2BU4qJEB4ph8n4pEdmhFu6isihnpIZ8Hv%2FGvnbP0BAnpvAjFNg5HoSUuveq4J8tIemxz9TtDEaxzvSpOISzO58pF256C18IHpFrt1dylwF3ovmaHJBJSwt%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902fa47b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4760,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 87, 8-bit colormap, non-interlaced","md5":"96005bed58ee3407bddafa6c12707734","sha1":"c3220fb9384f290f2487bcca0acf38cb9dd90964","sha256":"53a0ff4b5ede57448da0e58c94ade19ef52a993015f4d06c556e5e1731c7edb8","sha512":"94d4d49ffaff9847318b6bdf7661dcabc080eee8fa4a033cb9fe7bccc2fa2235992f8cd3f42cb80e1e9d3520623d698183277577a7148739dbd2a3fd864e3eba","ssdeep":"96:z+5+dVokXu1S0zHAtRB73Hne4QDCvx65yOvOBkYK1+iL:z+5m+EoKNHne36x4yOkkJPL","tlshash":"bea16d969d8e8028e8e238b872d5f4edcd340134609bf20ab375ecb60cb50925d2fe42","first_seen":"2025-09-04T00:18:50.316456Z","last_seen":"2026-04-28T19:45:58.079573Z","times_seen":50,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/ArticleViewer-I1WW3dzM.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/ArticleViewer-I1WW3dzM.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-983\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DYRQnDrDqdRaUndCJ%2FievJAdj5NM5K%2FIqO4q8XLWWnR9IpOphB8vDdnSPhiIAELqA5%2FGrMr5uANssMaRrf4UDorboMeWNpxeim9MrTkyPfJ2VRsREcxd%2FfJwIToedJRMpEMiTDRo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818fba8f1b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2435,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2434)","md5":"dd3614aebd975aa30295782b89a5bb39","sha1":"1049b61fcf91cd2b3731c52f3c077a04bf80524b","sha256":"8cf3b833c6eed8870b7fe1c8b13e30465ea33e8aaf6933bb6672d31bd801a266","sha512":"d75df77418962feb8e2b4ee5ca7eb83c4dd6b9226e5c16543c3bbbd8c0cf1359dc438ded7cd501bcbf09a1267baaefbae39494050a0beeb8c707d686ffbfacc7","ssdeep":"","tlshash":"fa4175ad7471cfb982b3933165cfe25491447bdbd7608a86716d18393bc1ef06a1c308","first_seen":"2026-04-28T18:10:28.235729Z","last_seen":"2026-04-28T19:29:34.090748Z","times_seen":6,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/notice/GetBanner/2","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/notice/GetBanner/2 HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tJOt85%2BJnIQ%2F2sNPkOuRENEHygULUnwNBSlNgfZNfrzAgx9JE%2Fas8rLQKs4lvV6RJS0rIGUCYDI7pbXcqbguszEK1vHF316uM9w6nNbwCmm6cuSqY8Gt8nTKLLckQatbr3lCOxSS%2F0SP6Hc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3819039b210daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":187,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getCoinSecondList","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K3hou9JTDTDasyGN%2FUJ%2BeGUo9RMgDm1bwEGa3zGJx%2FhZ4vs5lP%2FFT04aTRqheJr7m8QKQk5vtT32Gt0LyA0kYZEq5%2FYhIYFTQnkRn5ROVIOFENoqQdB7zdan9RX%2FuMynXZ01Qncw4NGlcWE%3D\"}]}\r\ncf-ray: 9f3818d53bc5b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":708,"timings":{"blocked":61,"dns":1,"connect":7,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-66a4ac22.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-66a4ac22.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AO133BsI8BBZmkKcMv691DPcipmCrwxJuXKFX65k%2Fo9m8y%2B6QCm7BUE%2ByZX2RefGA10f7jGaf8vEuNx4OyRu6lKBBNe8zC9RNf23pdEznZ4YdZM5Fy%2BQicTaG0dsxuns7cnB\"}]}\r\netag: W/\"69ed97bf-239\"\r\ncontent-encoding: br\r\ncf-ray: 9f3818d54cbcb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":569,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (568)","md5":"3bdd1e99567a962c6e34d57fdb0e46c8","sha1":"ee1aa560d4f2a83f3feb3ecfa7c926fbe521aa89","sha256":"75970d7a7e6ae0e765e1a3e4733303eae9b2101302efcb944c772485fb71d860","sha512":"157ef557099662e6a1a7a544139ce58c87a59b8f501ca7161cb4aeb2b37f13d18140602e175498aaa82f300fb35939915bc6ad509b6f44d3ca552a94c5e97396","ssdeep":"","tlshash":"2ff0056fb47ec1f15fe3c45ca1630420991c1b453721c8d0ba0d072157384a6f27e656","first_seen":"2026-04-28T18:10:28.227727Z","last_seen":"2026-04-28T19:29:34.070291Z","times_seen":6,"resource_available":true,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.02d7484b4f7ee48c6a62b7ce68d372be2.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.02d7484b4f7ee48c6a62b7ce68d372be2.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:23:21 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 10828\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FB19EE24003335014174\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST\r\nAccess-Control-Max-Age: 0\r\nAccept-Ranges: bytes\r\nETag: \"DE457A5909B3BC1F01DCAEAD427A3837\"\r\nLast-Modified: Sat, 12 Apr 2025 17:12:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16626352392200013147\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 3kV6WQmzvB8B3K6tQno4Nw==\r\nx-oss-server-time: 11\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":10828,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 243 x 225, 8-bit/color RGBA, non-interlaced","md5":"de457a5909b3bc1f01dcaead427a3837","sha1":"55d01a85163c0101ba9c8cfd2fab8a05b577d75c","sha256":"efdb48c1076a951f303b048c8bcfe70882e0e8cd4acfd39da46b18920fc55e63","sha512":"2a14eded43f3acfd54ea4a36fd265ac4f70a8c826036ba8910a7a4eebfd1cc464fc537a296810aae51ac3f1171ce756b30f7e2be69029c578e3dd310685f2f37","ssdeep":"192:c2SEQ052gnwnOAO+v6Og2jIXz3WOaxowg70eWHqXAk2lWe3UVMVJx96BF+JaCtB:cZH0MswK+v6O/03FLw/hHq+3Ui2XEl","tlshash":"3d22aea0136de5a7fcc530a0578248b5750c92e2d791ee48f1d3eef86ce5c90a9f0881","first_seen":"2025-09-04T00:18:50.347386Z","last_seen":"2026-04-28T19:29:34.082741Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1918,"timings":{"blocked":815,"dns":1,"connect":266,"send":0,"wait":283,"receive":5,"ssl":537},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.goldocket1688.vip/ws/9fb34919-ec19-413e-9545-0ad26293a0c3","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"GET /ws/9fb34919-ec19-413e-9545-0ad26293a0c3 HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://pc.goldpocket.click\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 6DCdVTBA+4n9LXEZTNuZOg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Tue, 28 Apr 2026 18:23:20 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://pc.goldpocket.click\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 1lsnjD0Pe7rDEJYKRnZNqdHwcYA=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ONzZmBPjEhppDW48A9Y%2B6SeKUttDmgN2Q6D5GEmI5frjVXcnEq%2Bj4LhO2zmcOrDJb5vo%2FINEXGCK1GTFnXnkBg2YSo2BToa9BdH0Ybf6XMSlhsIqa3Ke%2F%2B%2BcY58CuboNR0QEstN9lyLjExY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9f3818f6ba715693-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=564\u0026min_rtt=449\u0026rtt_var=270\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3130\u0026recv_bytes=1209\u0026delivery_rate=5389578\u0026cwnd=53\u0026unsent_bytes=0\u0026cid=de32aece3c9d0a89\u0026ts=637\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":645,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":622,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_13-Dtre4Edb.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_13-Dtre4Edb.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-35c4\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fmo2KBIwEnM78QTI3yEu8lzvOZEXelap%2BgjN9D%2FPd8cjHM4vrng0M5SJ%2FFyZVhzvMfVyotb3%2FXAJYoyXdzvRTYOO4tjOCZPz0CRzNN3HB5veRff5plZVWIoOpGirtT2td%2B92j%2BMy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902fa4fb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13764,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 160, 8-bit/color RGBA, non-interlaced","md5":"2c6e67fc2e060d5be1cbe4adeee0101a","sha1":"47a256417b8b8c8f501e46f45201e4de3002f4f4","sha256":"1623e3d17213444597dfd17cf82b953938427487c41cebf5f8d24bcab6ff1045","sha512":"5926dca7f68517e2e11fb30da9538daaa83dd4f2c732443c077ea15717fc8a6dc1a5b86fd1d56f456eab45d9892f6c8a038d1f4f68e72128a08a3643eb27efff","ssdeep":"384:4RDnt7dGap/Krho5yWTenohUtYQZ+o96BJ:yDt7Hp1enMUtY29c","tlshash":"a252af2f7d000d622e049ba51dbf80d683b188d1c8d6b474e759dc12ba7e7bb15cee84","first_seen":"2025-09-04T00:18:50.331142Z","last_seen":"2026-04-28T19:45:58.068813Z","times_seen":52,"resource_available":false,"data":null}},"time_used":740,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":740,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/remixicon-BVvFtaex.woff2?t=1734404658139","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/remixicon-BVvFtaex.woff2?t=1734404658139 HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.goldpocket.click//assets/index-CoEUZTis.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 176812\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\netag: \"69edb295-2b2ac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oITTsnEfkwC04Fz8wXq6g9EDw%2BqxboReWM3x5aChgMudcGlWRGwno0J62azMDEUq3Mek0yEIYsRjv4FxnqjTYssTfsH%2FBGO47aGN6wKjbp22GOCgJQvlY4lrjpmb7UZhB17jDYvg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3819033b58b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":176812,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 176812, version 1.0","md5":"9f0118b43f57fc3ea9f55bbfb3a3b185","sha1":"f3ec7500bd2c615bba2de885d46bcaa91c20aa9b","sha256":"7ea90bbc7c505b98dd7d3a089a6fa32067e353150192951cedb05e26820936cf","sha512":"6a17cdb1c39d1638a2e69ac8c9cf15229d9f64ce9026965dd8e8878700994fd1db65f21be31e18a49ec36e0b0ca522d05ab7f3884b21a022d9ccde9795d0baab","ssdeep":"3072:8oI+omjEjOiEHbaa4yYDtZimTAj2QdJohF8EBGWXsL1u:8r+5baa4yYRTw2Q8C48g","tlshash":"300413f0eda0d72cd9c7fc12f48db606aa9c579475f790901bb0fef869ca4a8965c420","first_seen":"2024-12-20T14:28:38.376296Z","last_seen":"2026-04-28T22:27:05.485135Z","times_seen":1708,"resource_available":false,"data":null}},"time_used":1084,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":726,"receive":358,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getUserCoin","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"POST /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vnMYkUetm3LeaVcg%2B7HUDWlG2VSb2Q0sFM0F6F8VPfdQUCyp8Zz19L4botdEgwblxVn0o74W%2B6S8nYewt26FMQiUI9Jpju9yjAGPeOJ1DxoUAooLZlWx5ZuCLNntl9o1%2BEQJhDxqLuMCNk4%3D\"}]}\r\ncf-ray: 9f3818d8f895b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":327077,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"51414fa7a8188ef6b53fed75002d0e7b","sha1":"3e170de5553818daea172dcdd4f8748c5df077f6","sha256":"6b82d9c25f58655325aa876b1d3720c71c6057f4a7ec13416d8f6b6bc235127b","sha512":"e92fbd3958dd35cb884f75cbdfd71f40619f8518563279d7e411aa803da21fba897a53387ca97d70954aae8e7d192967febd523595f74727ca2710adb08bfb5a","ssdeep":"6144:k35UR/AKEVEh1yQrE44CyTx/gvuou3pd2Xpd2t/2Ypd20pd25Sp3mpQu2GD1lsic:aOAKEVEh1yQrE44CyTxc1lsiNa","tlshash":"9b64c171cec8d1cad4b98cd25fcbaed12e5a33c367cf5cc215a91e011bc263191667aa","first_seen":"2026-04-28T18:23:48.409012Z","last_seen":"2026-04-28T18:23:48.409012Z","times_seen":1,"resource_available":false,"data":null}},"time_used":452,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":452,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-23067ed1.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-23067ed1.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aGyc14TCxDrxyoUykfJjl5Gnmplaa8%2FRu77HA7lSnXwpVIyI3Nmm4g1jR7TNrnjaCAve3u1eA7vw6zX1QrLZksWrRHTe8fLoe8Ve4JiuvoijZN5d7VnTatbXSu8awyB9wRXx\"}]}\r\netag: W/\"69ed97bf-344\"\r\ncontent-encoding: br\r\ncf-ray: 9f3818d99b73b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":836,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (835)","md5":"11000909e19162aa1edd6041b9111c8b","sha1":"a29d8d18eba11cde91a7c0e3029855666c0ce1c7","sha256":"2b154c00be6ca0b702ab5ca216df607027b9a5d07d36d8b7efa04f110675a519","sha512":"fa5292ddf45a6c3647a1dd25a051dd729218b47d67cb5d984fc6ba4ceeb126a8c7bba22925ec0fa2e4bc6a4df7e6606f3fcd2932916e2eb9750fb0d04518e33b","ssdeep":"","tlshash":"0501cef6f90cce7f0ea2455412902a4220090f9cf91118d6bc9f7a692bfa800c69e70d","first_seen":"2026-04-28T18:10:28.239009Z","last_seen":"2026-04-28T19:29:34.090182Z","times_seen":6,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getCoinContractList","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/common/getCoinContractList HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:16 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RsB0UqsuMcbybH60djtuxAt1Xr1QfP6mMzWvjuGRE4csFkPkWV6dq4aKDrnSkdqU0GS1n%2BJkvcbu641ahpU%2F6vgMNFh4%2FpQ8licJ%2BWMbEzX2bYwjpXCIim5w5WTLGfEvhhaKULZOATF6tTA%3D\"}]}\r\ncf-ray: 9f3818db5b0ab4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/CookieConsent-C5CsXell.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/CookieConsent-C5CsXell.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-18e03\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MHznBnEzFbRYAx6A1lY43qPZ4m1pzwJUVdZ9o3kR%2FJk%2F8wm2K6mF9kOocMzi31bpSdCWbG1brY%2Bt4RmaaHDUm28JN%2FGl3MggZH%2BzUd1EtEiabTAB%2BTfSA13qRD8UFQItk3cA4vRn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818fb98abb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":101891,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"611399fa79721361ee53de777806ccb6","sha1":"5281848508486721ba7e6ef313fd78fcb3ec6537","sha256":"c4b7f64cbb9b200c9ec2e9894b15704b1dac42b6f697790475297a6ad7839f26","sha512":"35d2e55fd9d828847c6609bc4941499a570b01f9eb63906c87440830281332520171b78849e5c44f78b070bf82713d7d7a2743d9bbadec116e13bf25cbcddc98","ssdeep":"1536:pjxMkbZcbyEyNNBlxvHCfG6f6XbvSA6EkZLSCnYtgm+4g1GCt6iLnF:RxZNvSAfkpBiguanF","tlshash":"8ea33b88a120b57a46e356e652a88211b3b45d45f449c4f4b1fccc6b0daed9813feff8","first_seen":"2026-04-28T18:10:28.224443Z","last_seen":"2026-04-28T19:29:34.102287Z","times_seen":6,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_4-CZsCHZTt.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_4-CZsCHZTt.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-22f4\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KQeH7KCZYfikQyH53xmoUhU%2F788GOwTFgP9N1PSzjVET3UW%2FQJ46naJnUwITP%2FVLFxeVW6sr2aUo7xS7inEWqiHKJLsPXfaNnrliq%2BIjOCmmQ1KxY8zr28ZLuTGsK8UdZbMM3Es7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902ea16b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8948,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"5b3ee8976381978db00a5d83a5e8bb1d","sha1":"e4c03afd678536b2659f6115ce67e49bc6127f95","sha256":"d16314aa812455f4867fc9124af62e75ac962d48bebf068fb343e5b49c1f87c5","sha512":"2c4884ab65d9d3c62bd64ff25bd2ee709b6405f07e941e3c68ab28e82ff8fd91ba7a1c5a0b189599eda448e0a2f39b8b43a80878628b4afd95f9428e0e8e977c","ssdeep":"192:rknSAq+3Xq+g5TelZa+hXbDROtAir4cIPgi1QghQPkGadurVxKq:AnSAf3XfgBelZPN+DIYEQghOvrKq","tlshash":"40028f4599486e4165d6b294aceda00353a28fc0c782d8747cedcc291cf0bbfce86ad3","first_seen":"2024-12-26T23:29:40.048598Z","last_seen":"2026-04-28T19:45:58.07186Z","times_seen":63,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-e61add70.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:12.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-e61add70.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:12 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-7107a\"\r\nexpires: Wed, 29 Apr 2026 06:23:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1%2FU6KdN%2BGAkJef32rU97hlEdUFI07eAZH0dBwplnO%2FudEuz2rTE4dERPtiq6KVr%2Fj04lRFagKr5rZTl592CpVppFYRsYcinGpfYfeJ%2BXz2XFZLkUlmh5xehKGVcpnA8fw21W\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818c52c71b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":462970,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"076b43941ed16a7b849733b3cd5468e7","sha1":"d719c058020c3cf6fc414f174c0810df20d739c3","sha256":"e7ad6cd740cc877b7875bc1a3e2196e565150d45b0df9a9ea9e6102aa4669e1a","sha512":"8554d527b178fce4157755d73f7ed2055f940f51425ac4df8cd31d6f7aab87fea761db9f9018f3553a2cdfb015b02316595cb379f107aa4b6f7d17e14391c549","ssdeep":"12288:Rnj/12cjZ8w71ZACkFDS3vyf58rBeV05TNz:B/12cjZ8w71ZACkFDS3vyf58rBeV05Th","tlshash":"aba423ade68402f87b27dd66e7d967dca13cf671c8814d98f507100d8ec3bf51292a2a","first_seen":"2026-03-26T13:09:32.648694Z","last_seen":"2026-04-28T18:27:38.146997Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1002,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":668,"receive":334,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/Sparkline-fc5ba93c.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/Sparkline-fc5ba93c.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YrOeS%2BGxmD2cwR9SykiwxHQWouq1eHvOw%2BVQgrtxPlGttLM44VufQTJeVZNHnJswcPIU0GyyqLihuF%2FUuMfl1YE0YAuurAcVoUZVUe2XpfQephqlVom%2B82iWoi722xBlPVL0\"}]}\r\netag: W/\"69ed97bf-6b\"\r\ncontent-encoding: br\r\ncf-ray: 9f3818d53c62b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bf7c86c59f3e438384c2ad4be8dd0f09","sha1":"d0fb9993fb0afb3f88c3b7ed08541e2f42ea7836","sha256":"fc5ba93c24759a9e83f92a25a748d6122056df61faf0bf5d6fbe0b779aa9ae60","sha512":"04569a8a29762dc8038b8f0d16d8a9ca9c161d86e5ecb1b9e175a598b204f211b979a9045411d618a45a37fe9df2a50ceb2277a250276a3e0eab69b086a55844","ssdeep":"","tlshash":"d1b0122802003558d3224310b2f3178d9738cf8127934c4f950a7e2368513af1822dcc","first_seen":"2024-12-26T23:29:40.001098Z","last_seen":"2026-04-28T19:33:51.631119Z","times_seen":41,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getCoinSecondList","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"POST /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rZ7scHBDbi7ZsoIsR9WvcbKrTz2RMPO91VAVnZgQjmDNXx8qghDciwJcjVjoPXwTyiVmn8Cgh4Nr04obXbhgX1B%2FlNv9JlK16x49c7LThzKTBzeAnopDBED2LP54Mqel%2Fu0qDIXDEJpaZY8%3D\"}]}\r\ncf-ray: 9f3818d8e881b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":49995,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"18507cd8576ca86e35e7644cc2686919","sha1":"8719745db5a1efa27eb5b1c971965c5fac097d2f","sha256":"f4faf1ffa13c75199966e79973d9e000416230d86a6d191ac6fb556e2d3f4843","sha512":"680b6feca104008e0fb632232fcba8bc9993d886e4b9ae3e7f3dd437c2a3d0078cdeaab3e1cd3f55de19411fb980da7c4659ea3b6da351d89f9091491a0601a6","ssdeep":"192:Pth1LrYea+OcuZBgwt/FB9qGi6ZrLvjKP7IvHu9CEkjOOKprceGfYdVAONHnloIa:W+BegTFOypVOoSz2T8+Rn7QQfT5xS3R","tlshash":"b723fe2db664843c865088df5d533a53d29e366fed8c8b2a8def899520ecf777103906","first_seen":"2026-04-28T18:23:48.414336Z","last_seen":"2026-04-28T18:23:48.414336Z","times_seen":1,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":380,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-66a4ac22.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-66a4ac22.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jEQGckjHCldtlB5IRzGuxZEdnmeaza1YkVeGzrYv4riLKEF%2BTvz%2BvF8uvm6roJ0MEV529qQ8hyi4ocf8ss1furzaaz1N20vVKa%2Bz%2BNwubAqNdk0cKJOm18x%2FzIk3ZfFT0k%2Bf\"}]}\r\netag: W/\"69ed97bf-239\"\r\ncontent-encoding: br\r\ncf-ray: 9f3818d99b67b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":569,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (568)","md5":"3bdd1e99567a962c6e34d57fdb0e46c8","sha1":"ee1aa560d4f2a83f3feb3ecfa7c926fbe521aa89","sha256":"75970d7a7e6ae0e765e1a3e4733303eae9b2101302efcb944c772485fb71d860","sha512":"157ef557099662e6a1a7a544139ce58c87a59b8f501ca7161cb4aeb2b37f13d18140602e175498aaa82f300fb35939915bc6ad509b6f44d3ca552a94c5e97396","ssdeep":"","tlshash":"2ff0056fb47ec1f15fe3c45ca1630420991c1b453721c8d0ba0d072157384a6f27e656","first_seen":"2026-04-28T18:10:28.227727Z","last_seen":"2026-04-28T19:29:34.070291Z","times_seen":6,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-1024feff.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-1024feff.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-817d\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O9QkNO9RNTKmzSOmM0Rs6Gldgi1fR6%2FkRvFo2TMZvo270dtWtQJAFunvwAz0y1t3JRmOboQLyoDJup5VJEZ9FsA7kFYzXVEbGhpHJzx%2Bbsm8dZm39uUPvkw%2FVNPUO3JCz4YY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d53c82b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33149,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (33148)","md5":"f8caf2458f1961471b085d8893e95ca1","sha1":"b526eee5dac8ec5331f04268425da1900239705e","sha256":"1024feff3a714942340c236388eef99bd81eae00b13f59febcead3945b6a6b96","sha512":"7d830b71aa106686433657bc07817b39e7f5a324cc55693794e7b308db913bfa55fca7a9683f0411e5703b7cbe1d4e6354e29d65412b694ca9e0bd1ffe037c9b","ssdeep":"192:hF64YWePf+EYmO+AjPzegl1lVKJDJXSLEUwm2a7KLrO/C3Ke5YjBY/b8oe4:364YWXRlzlVKNiCeYKe5YjBYD8ot","tlshash":"00e2a425b6891038fc37d5557ec88acca21cfb22f583ce95e69378714cdb2e72932649","first_seen":"2026-01-02T01:29:05.214111Z","last_seen":"2026-04-28T19:33:51.629232Z","times_seen":37,"resource_available":false,"data":null}},"time_used":581,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":581,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/index-Dp1yJBJw.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/index-Dp1yJBJw.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-8ccb\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y22p7GKuo1UG68ds6nED5zVxy8oQxb99nCk5bwNhqbWvcEXdAeKaG4JOYeZSinXhER8Q6APmLL59piGFI2bISZrwAEJwOGWsFpf64kWAmQuQaNuwN8eKKT6LbVMACy8B6%2BxjH6do\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818f748b8b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36043,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (36026)","md5":"862c178be327ef1d36516cc00906a70d","sha1":"6d8e2acf78c750392fba5a83a2a2499f12a3008f","sha256":"bcabdf9101e19e7a2a1e8ffc3ad90aeb22e66c7be8d3cf009ed255ef0581d1f7","sha512":"7f8a8acb8d78dacf467b7981e77cd291cb4516cd621a8d5006c07cb762fe0ec842d63f0d5721140221beffd341fceb6f222c7610a07e13cebae51bba08f41776","ssdeep":"768:K7Q8sElJTLHEHYXIH1LR5Tynv/Q/LoOmBzfAfKvrQtMK4qeV:QsElJTLHEHYXIVLRBkHQ/wVvK6","tlshash":"99f22a3d42129bbf6fb39625b8567114ee581f9fdb3489adfbf9b010fd808700596228","first_seen":"2026-04-28T18:10:28.234803Z","last_seen":"2026-04-28T19:29:34.073845Z","times_seen":6,"resource_available":true,"data":null}},"time_used":669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_8-8hE399Ma.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_8-8hE399Ma.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-1463\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zDQ7vIXkd%2ByZcYPfRM%2FNde6GJS3nu%2BARLH4pRZxc5KS36BZiLGfND5Stp4GkhVVMJhLOFm0nXZ9%2FTzk3DLkrK7j1jVC2xG%2Bow7i5CdVv8FRTN2P2M%2BwCFqK2A4Ki8M7miueRaR%2Fs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902ea43b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5219,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"6211d145652aa5683717095a2b8f3cb9","sha1":"e723a1eb0b976b950c7918554ca3e03b82517b2a","sha256":"4ffbb5844e062f2f9fc2a8d92fbb4e20eefda839538163f19cad9127a9882b5a","sha512":"c586421b8bab3f03423e22a99e4733fc6de0e8947fe5544cadd46d6f8cee89d2906504e34ed9a133a4e349be47d931ad936609fa19daa7e00b910b5d28d9a835","ssdeep":"96:rknmWq2iSs+x1Nfa9cNG0KGY+xqHZTHOHU+xLYTiuL+R83xrIN1KEVXDFQLsFnu8:rknK+3Xq+g5Tu0+ZuybZVXDFFtfQke9Q","tlshash":"b3b12a0abf406c114a9d66c067ee610767775bc086a4a560fce6cd175c306fdcd8e9c6","first_seen":"2024-12-26T23:29:40.093755Z","last_seen":"2026-04-28T19:45:58.098023Z","times_seen":65,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":628,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/vendor-57821abb.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:13.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/vendor-57821abb.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-f04e2\"\r\nexpires: Wed, 29 Apr 2026 06:23:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2iTPh9EgGICu7tw70nrgMDVFy5xnUai%2BkMecDSneCBwd5HPwg%2FsvEXaUwMMzUy%2BPS%2BNxuTSUKN5DJCAUvIAIY4gGIaWqjd9ZuCzqlcqVQ9zv9KuNRTvW5XcvxiNoiPqifYLx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818cb189ab1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":984290,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"658509941945fdb219afb5ac750c3002","sha1":"7550c9bf2af1d1fc9b848a09cfc26a07d3b6e7fa","sha256":"491e6f9da6cb68089a6f3f4994e462183a300e760c39cdafefcce08085586d34","sha512":"bebecbf7dc8fae9046062649fa605b51e21c94cbc9364ed3ea06a7fb25b7cc552a110389021779d2145883d212fddcb56c3904c9e46f9f4e1dad55060b6b25f0","ssdeep":"24576:4hkc5sJMf4gOt8zP76Zt0JZt0qODOa2g2gWA8RnWH7SO:4hkc5sJMfZzP76Zt0JZt0qODIzguRnW9","tlshash":"b12529c57292f06147ab24e240bb0006f3396e59744d84a8f16dd8eb7d79d89a2b7f3c","first_seen":"2026-04-28T18:10:28.257679Z","last_seen":"2026-04-28T19:29:34.089001Z","times_seen":6,"resource_available":true,"data":null}},"time_used":1186,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":681,"receive":505,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/SparklineDataFetcher-e3b0c442.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/SparklineDataFetcher-e3b0c442.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:14 GMT\r\ncontent-type: text/css\r\ncontent-length: 0\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\netag: \"69ed97bf-0\"\r\nexpires: Wed, 29 Apr 2026 06:23:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lIXUw1SaRU15ZanlBc83FDfCJN9tUzG7opHJaNGVteEEQzhn5CagMvbB8JYUM%2Bc%2Fc5y6zdnw2mtehue1mcIiJ2LDmbiewi2b5opYzEzv0koHjoK5Ootvrk5YHrtz%2F1WXpsnz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d54c9ab1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Frame%204-qWkfDJjf.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Frame%204-qWkfDJjf.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-20dd\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FL3LuMT81RojauNN5B2TD%2Br2a6YMVgEK%2FpeMZRctb1E4lTn8p86qjwbqdW8tGDBmTmeXVSZUPMZfBSiOwDpooYPfNoPz5I2TORlGI%2BlGEF3VDwuoSfxFlTSb3RscdpSYmK0qkw83\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902c9d4b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"264df1bab5915017aa44a0e0b8743667","sha1":"bd97c7bd5c839e29446cded395805af0a08f9b8e","sha256":"841a45a62324a18518fb30f38f1c097827d6b9585c35dbd9856f94755bb15e0e","sha512":"483aa21467a4ae27ed9f2ac5a7b705e8483c6926a2c43ce8d116943faab02f1ed9943fbbb72926edd5d1a32ecca8ef00acee2e7b4c37714730ef88ebbe53af2d","ssdeep":"192:caJgBbRcbRgI/EZ+ZsoUSRZnVHdtda+gv6ah2:xgBbwxcKVdNdtb66I2","tlshash":"7802af77d5c6848c122ce2a7eb287950f21448011175d26cf6d81ed7e1bb93be937b0b","first_seen":"2024-12-26T23:29:40.054476Z","last_seen":"2026-04-28T19:45:58.076305Z","times_seen":65,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.09cca26b322c34bc8806cd8d4a48e1141.jpg","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:24.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.09cca26b322c34bc8806cd8d4a48e1141.jpg HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:23:24 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 923594\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FB1C68F57930335B9674\r\nAccept-Ranges: bytes\r\nETag: \"65854A160CE21592B039F4F62751F730\"\r\nLast-Modified: Tue, 11 Mar 2025 14:24:26 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1983646765410002933\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZYVKFgziFZKwOfT2J1H3MA==\r\nx-oss-server-time: 7\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":923594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1238, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2200], baseline, precision 8, 2200x1238, components 3","md5":"65854a160ce21592b039f4f62751f730","sha1":"2a51b71b65a211dc93795a275e9827b48df7f088","sha256":"a4d9da7a3496c0dc89eb4f6799f84ed485fb81c74b85ee5ee798c329ff28d40d","sha512":"fbec9b5be0bf7430e64bc00c6a2ad74ed9734373cf3a6c165c9fce016eb2e2f47181bfae33c376e3c7b5290442bdfd2261d7582d3530c01a9bf70ffbba66f8ed","ssdeep":"12288:07IA3Y7wolBJn0eww8evl8Z9EUJCC9CNw+5WbhXzGYHmIu390/tdIg5coJPrdH0m:sBob8m8P0C9Cyr/sg5ccrSFHJQOsMgS8","tlshash":"281533eb1108dfa5cbf41eb151d5d78d4a22c4bb5beb088af58ef05b53bdbab8064140","first_seen":"2025-09-04T00:18:50.344416Z","last_seen":"2026-04-28T19:45:58.086756Z","times_seen":40,"resource_available":false,"data":null}},"time_used":392,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":266,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-def9fec0.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-def9fec0.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-112d\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k3tejTuQTmlbud%2FwV37I8U%2BGMqFwkP3By7L9V%2Fng6W4hXMIiJpmYkh2NN12bny8SVEdJ5gunlo7iGPCBq1ec9IeGtM%2FX8%2B1q13L%2B0N%2FB0WTgXShIpBP4AfeItB0Z4MK15%2B8X\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d53c4db1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4396)","md5":"3a3292f2ff9d3870e22a9a5661e73c30","sha1":"d0917ffd0a8e4461f37dce364525b92fd77ed4d0","sha256":"def9fec0098d5f715a2ca98d517ae777ef66384848bc983674a164600a169052","sha512":"8f0adf3135934d606579c0567fb7acbf51dbb6bdbb56e60322a3592a3e90cfac14a166e65268787508d7fd39c73b3fa88eb076afd8116655bba51b6490d6338d","ssdeep":"96:UZMxRZ0ZxZLZSZgZPZYfHgmzKxaCCXtld82:UgSzFEudufAmzCCXtld82","tlshash":"5f91242df38c2039297bc2897d4c9ecdc011be61d182abd1f947aba50acf6d3255455e","first_seen":"2025-09-04T00:18:50.349072Z","last_seen":"2026-04-28T19:45:58.075057Z","times_seen":40,"resource_available":false,"data":null}},"time_used":616,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":610,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/ArticleViewer-I1WW3dzM.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/ArticleViewer-I1WW3dzM.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-983\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VkjEXsR%2FwUbOgSP9g6Mf1rJqtarYCQbUPCAqKgXhtAAhYfkdevd6G8ieStBy9urryPSC7vkQXCtL0QVmgfzFBvGoBJnrEVI%2Ft0yrGUFB%2BVe1BlZc5BUHV%2FJBT14tDthFNeXZUno5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818f748d0b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2435,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2434)","md5":"dd3614aebd975aa30295782b89a5bb39","sha1":"1049b61fcf91cd2b3731c52f3c077a04bf80524b","sha256":"8cf3b833c6eed8870b7fe1c8b13e30465ea33e8aaf6933bb6672d31bd801a266","sha512":"d75df77418962feb8e2b4ee5ca7eb83c4dd6b9226e5c16543c3bbbd8c0cf1359dc438ded7cd501bcbf09a1267baaefbae39494050a0beeb8c707d686ffbfacc7","ssdeep":"","tlshash":"fa4175ad7471cfb982b3933165cfe25491447bdbd7608a86716d18393bc1ef06a1c308","first_seen":"2026-04-28T18:10:28.235729Z","last_seen":"2026-04-28T19:29:34.090748Z","times_seen":6,"resource_available":true,"data":null}},"time_used":617,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":617,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/PdfViewer-RWlLDR1n.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/PdfViewer-RWlLDR1n.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-219f69\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=90UJ1OnTRjdfkavrtMRa6O5qw1eTlz63E3dnoM8%2FmEHJzBQx746GKOgd3t5gKUMb0kF%2BhfrA9BGG7QsamjE8LkpunGNv1bv32JxljiAKrC4%2Bvns0gXsCJBht19smdtgUjAvFXV0g\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818fb98e9b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2203497,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"769a446e681e26b400a1910fdc2af2c6","sha1":"aee7c6b6494ed2d1edd30a9ceabe2a9b750562a8","sha256":"2fb3ee52b645183c6d58cbb631248673fdfc7f926b923cb3d2faa5ab09f4e603","sha512":"31cc033e3b9482f3e702b2dae07d18066325e97c10c02be3f74924450d30cd4cb5c36fdae67b7bb01b1dc263ead75af6eb0a74bcea92f4ee1fd38797ce532625","ssdeep":"12288:BkG40pIoOnW2O69x3fOqsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbX:r40pIoOWl6r3dqbOt7aFMzW","tlshash":"c9258d24735a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09633d734","first_seen":"2026-04-28T18:10:28.209773Z","last_seen":"2026-04-28T19:29:34.076039Z","times_seen":6,"resource_available":false,"data":null}},"time_used":848,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":774,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/notice/GetBanner/2","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"GET /api/notice/GetBanner/2 HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AqR2TIX6yFDZPoCOJucSBTEoHZKWaHMVsOFPuaw%2BVIs5arvR8o48grcU7UFjscy2vfMUhedacM3JX1z8oBwlY91uS8W8EpFwma%2FcVdf5berWSz1bHypmapcl1EhF0rcQcg8QAf6dwtwyxXg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381904cb740daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":334,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6882daa178c1dc15640d4290e1f71368","sha1":"077e91cddb437af52cef6e1ce14067d08def40fb","sha256":"aa535dbab8dcfd3879b3479e76d7a942ae000993efd220611700f141b9405aae","sha512":"4c4c77158a1c3b8094321db719b5f9300901abb47227a8f4012685f9dec139b0faa0f49fc4af556bdc73ed9707b3d10a037deb4f9746689c793a57b2d64e4692","ssdeep":"","tlshash":"3ce02663ab0890b088b14ecce97b225df0fd3c7f569042c2ac218884ba89ff794019cd","first_seen":"2025-09-04T00:18:50.299963Z","last_seen":"2026-04-28T19:29:34.105787Z","times_seen":21,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/vendor-a26129ae.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:12.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/vendor-a26129ae.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:12 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-19f3f\"\r\nexpires: Wed, 29 Apr 2026 06:23:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uGF5IiytwQmwBv8v4inV8RH0f%2BJK6%2Fn%2FzDARJo3j9iugrJyJwglT8BwgqUYif1sUGbSWxRrfYBPIqWzLS48EVZqgSDsIpGMUEHQDwfumaA7DB3HfcCuY3eOsv8RS1I9TeG2y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818c52c6cb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106303,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"d98957f7dc66ebe08e7989195c922966","sha1":"5e64a3972f92b2399cc46ea9aa14f2fc56269d7b","sha256":"a26129ae541645a0121f9f6863d513bc1a8813dbc5ac9eb13b167ed4c7a8300f","sha512":"be20926b774b052879f74ac1af8a80c68f33c4a456fa8553b28945b00efcc27a606b2934b3c05594c447914d82597cc28289b1536bb90153958759072aaf7488","ssdeep":"1536:BtIyNBi3MFYaQj7FCwsBlDOFIxuVox8D/z/VX:BnNIClDsIxuVS8nR","tlshash":"f2a3f7a5a9c091fc6f2af265ab8b65dcf13cf671cd40daa4f105515c0ec7bf50223a2a","first_seen":"2026-01-02T01:29:05.251314Z","last_seen":"2026-04-28T19:45:58.066938Z","times_seen":39,"resource_available":false,"data":null}},"time_used":924,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":742,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getWhitePaperSetting","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4e1yWw9eqaj8Y6OMJX3eJ7oWMaCCzFrwuUdC%2FTA34lrU%2BiHIVwf%2FYK8wl1iNK91XLnMXqmZelHbunypPdh40AihireMkvOg7kd%2F1I7BGKkoueKbvXWzVl0hOU7XPj0TwqAva9BaIM%2F1h%2Fes%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f381903bb2c0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-cd0250ea.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-cd0250ea.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-b386\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QroEu53xBV8MXzq8oqQHA1fDU%2BAGIIK%2BUuKGbh%2BAtLTdHZbr319ljllUKKgUawiWDVYJE9kfTxBNZm7%2FXEEg2kZLuXlj3HONjHlQp9tYArel0OhXiha4JZMtNebrxd8sbes1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d54c9db1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45958,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (45953)","md5":"b942ce5cec760a53bbf1229804f7a114","sha1":"a852c737627512fd27d421738a626d433dd05656","sha256":"07e48c77b28b0aa77f64f8fadd06c207a3ef7cce6cb582c0f81012deaf2eb50d","sha512":"ae5ca2c99aa950306ec79ba4ef72530b107d2fc36fe57ec0fb40f3bbde09c289bc3cd35d7247e410352122f58390f4587c69129864b663f6b953e68d74ee737c","ssdeep":"768:XkcN+dzmAiIZbeV29BJI2CUSeyzKVfkIxMpOt9gJFizWG6NGCNzcpEtUzGC+O0xC:XkcMzm7cI2Gey2xMpne6NGCNyzpDSXjc","tlshash":"07231602fa46c53ddfb2a151148e1110a6182f8ad04898e7b4bd691f37f7eb07b6a37d","first_seen":"2026-04-28T18:10:28.243835Z","last_seen":"2026-04-28T19:29:34.083997Z","times_seen":6,"resource_available":true,"data":null}},"time_used":674,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":674,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/assets-63951985.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/assets-63951985.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-8c5\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i34Q5yu8%2FvZBHXP4mQenvmPNmCXOId0Wrqko53VeOyukCXuqVPJfoywSA6c9aEgezAP8vE8JnGlbCZBfJZEnCs0pbAtY8ccournRMNWEmomTdX9rTzkpa9A3QZp97r6xcQ4m\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d54cc1b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2245,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2244)","md5":"2215e8fdb2642c25e6c20dcf62d22df2","sha1":"6c8b943cca961987736ab7f7fe77791dc20dbdb2","sha256":"54d4bff28be6e2c087cc39aa22f849891d81cc84f1845c41a50eb41b6b1ae906","sha512":"c06267862e191ae6d22865e114195544ed09d96021ffeff3bac2f21909d316b63055ab478f76e6bdd63392a0e9103c78269a7c942ce32c8e371811c28765ed28","ssdeep":"","tlshash":"5e41b4742242313bc6f6408647405b91bb0dab9a4f19edb0bcee47b55f28ccad17e2e4","first_seen":"2026-04-28T18:10:28.226823Z","last_seen":"2026-04-28T19:29:34.072017Z","times_seen":6,"resource_available":true,"data":null}},"time_used":610,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":610,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/low-fee-ByNYPW5l.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/low-fee-ByNYPW5l.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-64408\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TdBH%2FUiFcgJvglX5992SxV0T6mfmSGNC%2FDEWvzZKmBRFwrQwjFk8QtF3ES8%2BRsECStfOrTjNLyOxpiUk1NjYi3XJQ0avahxSCj2frCdPyBnxuFMMOrmCyewy22q%2FXC4GkJA5K1x6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902992cb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":410632,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1560 x 1345, 8-bit/color RGBA, non-interlaced","md5":"4904db96fba13ac0e2a1c402c5b7b337","sha1":"a685f21e35a89536be7c6bb1b81925d761fc8749","sha256":"8bc07dbafbe213a3bebafb929b95a9c44aae9156abeb7392147779181bb509ce","sha512":"1c8f59b84b36d285ac7a9c2072d5cf757ca584b90343a92b00f5fd2f82e7bdc0db2a2cea3739c78a6e6389f0f0a0ab0ff22e330d8cbb8dd282e0c21e84047045","ssdeep":"6144:RLAC7dJu4FFzg5UgoJJ9dz6Te4FzRMX2kad6uhe0WrsT12f5WpgNFDk1d:RAC7d04FFk5LonP14I2kUw0WLBWKNZEd","tlshash":"5a941248c0582700fcfa75b9e2caae37d99477325987966833e3317103a638e5b917db","first_seen":"2025-09-04T00:18:50.3611Z","last_seen":"2026-04-28T19:45:58.07698Z","times_seen":38,"resource_available":false,"data":null}},"time_used":2009,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":736,"receive":1273,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/test-banner-BQxVGhys.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/test-banner-BQxVGhys.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-189055\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V3CkKgujpFajpOwRCJKizI49rM3SyMlZUQp83fTDJdkknuM%2B3bzaeE%2Fh2E6riTOrRS%2FhVpOf5PbRYZLcOiRIO7JO%2Fhb2f92xycj3Whx2AYmhQXf3aSBopCk7XTxw0%2Bg%2FCkzJ1dsA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902890db1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1609813,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5760 x 1410, 8-bit/color RGBA, non-interlaced","md5":"068ffefed26b5a72168f158658b9a2f4","sha1":"2ce2db9abcb1feedddd98d5b53ad607a5b0df748","sha256":"9bbbecbbbdaa2afa4d2412b9208bc080d3c13597cb38dc80069dfea2317a14e9","sha512":"c741fff5018559eab2f1e2a738ede90b3ee6c15fefedbcf6d3126190fee129e61bf8a03eab11bd44aa1f904fa0bc0d99d152a1cfcc08b0cd811c295fd5cf3b2c","ssdeep":"24576:DcSET7hb2PQJj5R158yzygpkVNYCtmD8zm95p9pi:QDlb2PQJj5R15rXtb8zm95Zi","tlshash":"5b2523ee5475dd14fcbb09b867a33f37a287109184f8c265d62ab09e748bed818c54cb","first_seen":"2025-09-04T00:18:50.351314Z","last_seen":"2026-04-28T19:45:58.084333Z","times_seen":48,"resource_available":false,"data":null}},"time_used":4027,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":740,"receive":3287,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getWhitePaperSetting","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"POST /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QWIKhai4SUapFeNH0KOkLDN56CwfXUwmA3zm5jdO8d%2Fw9tq8NcjUvTe19RA4RvtFu6Kr5Rhr5uilaerGxTqpkik4%2FjLYfHYB%2F2A2A43WVzdiS3Y%2FcOjvm9cE8nYT%2FZsWn4EGWfXOVR0JXg0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381904eb7d0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b766b75d9537e8988b4a34181cbc262b","sha1":"5a310018167c8bd057c5fad5e5dc934cb8bcc37f","sha256":"23695d7d78e8c9371240ab8dcace281a40287e67db710dca64606248ae3bcefe","sha512":"dff876adaa66bd79207d994226e339cb72858784988e0949e301408eb7b839d702f8b75e057dceec14f4b04867cff0da19ff38a0f1e1a8db370ef0096cc4c1f1","ssdeep":"","tlshash":"6dc08c332948c1d248a16acd410a2e6af0d878a722182280c8649f58a44cafa9649888","first_seen":"2025-09-04T00:18:50.369292Z","last_seen":"2026-04-28T19:29:34.068688Z","times_seen":7,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.069d83fe03b7e4581b7cb7ccddae1b617.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.069d83fe03b7e4581b7cb7ccddae1b617.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:23:22 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1609813\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FB1A68F5793033FD8F74\r\nAccept-Ranges: bytes\r\nETag: \"BE0849BC722AD880BCBFBC2CF0E69801\"\r\nLast-Modified: Tue, 11 Mar 2025 14:24:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1605986791831193932\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: vghJvHIq2IC8v7ws8OaYAQ==\r\nx-oss-server-time: 8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1609813,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5760 x 1410, 8-bit/color RGBA, non-interlaced","md5":"068ffefed26b5a72168f158658b9a2f4","sha1":"2ce2db9abcb1feedddd98d5b53ad607a5b0df748","sha256":"9bbbecbbbdaa2afa4d2412b9208bc080d3c13597cb38dc80069dfea2317a14e9","sha512":"c741fff5018559eab2f1e2a738ede90b3ee6c15fefedbcf6d3126190fee129e61bf8a03eab11bd44aa1f904fa0bc0d99d152a1cfcc08b0cd811c295fd5cf3b2c","ssdeep":"24576:DcSET7hb2PQJj5R158yzygpkVNYCtmD8zm95p9pi:QDlb2PQJj5R15rXtb8zm95Zi","tlshash":"5b2523ee5475dd14fcbb09b867a33f37a287109184f8c265d62ab09e748bed818c54cb","first_seen":"2025-09-04T00:18:50.351314Z","last_seen":"2026-04-28T19:45:58.084333Z","times_seen":48,"resource_available":false,"data":null}},"time_used":1607,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":275,"receive":1332,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Frame%202-c2RTuPRh.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Frame%202-c2RTuPRh.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-1904\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SISF7VP3IKVP5TstZi0pHU8STwdcS6xWfBbSwKEnpvalHGp4tEKrooB5wCL1ovROEVoK2xzXlGRAjcmxrCXsv6gmNTGWjOv%2F09W1q7mlaHKSdDYnowwYpDriZjGpcB3Ik8J1pMO8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902c9afb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6404,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"c5f6ce860b906f355bed0f55e2ae2a88","sha1":"044d4a88650ebbeb71b5ba01dae0993e64ea257d","sha256":"2e5a4148f2f24b69f934319ce6e397de373ccdb3744307d44a9ef747973b945b","sha512":"98b22901d2a1829c6d1953b0a3ff3306f939e2966c166f9971a3a29a95c27c844627c3edeabc4dc7148aeb0a47b8e685e7bcc9abf756f179e5dfe0f563a95fde","ssdeep":"192:MlfDJ/atKb4jNpdL9w9mjidVbFTC7E+XNS2:QM04jNXL9w9vdV6X02","tlshash":"8ed19ef7971026a7fa9855c615356cbacfd4a6034bc72608013a76053dd6728ff0ba86","first_seen":"2024-12-26T23:29:39.991003Z","last_seen":"2026-04-28T19:45:58.087349Z","times_seen":65,"resource_available":false,"data":null}},"time_used":604,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getAllSetting","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eKhpP8kStUZ%2FxLb%2Bd9wgA8P%2BxF4V0DFzUd0FaQ1sy4U6z5VXJtQGEiJJ4YOKKc3r1jBJnoyAS%2BTu%2FYN2LCf5rOqqRgSdO822L03gWE%2FL%2BGMZ0cUNGgPc4TfldB2ygvVHjWQX%2FtM9FMvdp7I%3D\"}]}\r\ncf-ray: 9f3818d8e882b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40518,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a5cc52e4cc316f15ad3794011a8b98d5","sha1":"b5effd82436ba306c6cb8099be7829525e4280da","sha256":"15af629bf941fd66b45e7ae5e39d2879aa91b7857795832ed8cf780b4b692383","sha512":"4645f4a539c18df7eecf9cc2838374ada138463bf3295f35fae5b6a448ddf1126c09d2b689493b9f6496431047ab4d1888532e01a807b197e58d72a306e29bde","ssdeep":"384:DqoS+ybVlZozqDOJlDYN3HMlWfj2Z3CETW7q:Dq2yhlZoz8KZW2","tlshash":"db03851a7068ecbdc6dbe8c604773a6a35ec39bbead55c54a0cd0e4c43e9471870b70a","first_seen":"2026-04-28T18:10:28.280853Z","last_seen":"2026-04-28T19:29:34.075291Z","times_seen":6,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getAllSetting","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B9qO0iWgqsb6KVMZVDzyIkZyHJtehowfmo91dEWArLS0gFjq8rUiZvc7e68SRK9TVBY7upLAPOHMaMnAa0ycbQPkbr1jHFqyNLVVH%2FyzET%2FjRO6CK5zrDIgph4hOb%2BE5AvrdwalvsJ3g64E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3818f7383b0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":187,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/capabilities-bg-Dwew3lpW.svg","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/capabilities-bg-Dwew3lpW.svg HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-70027\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QUHHWA83AnW3Qaf7o6lyGEe72gpIDjdWLEnFdZnhokRFzTC5qzadeMW438x0Kdm5YvuiHbmHAuGIzhY7NS5DNJUUk9a8eTxWS6BzOffb%2F70zSMVtWvY1oSNdSFId%2FkICrUES9AW6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902a962b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":458791,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d350326b7f8b8abbee3fcea058c7dfba","sha1":"257aa76de05ee37f42bf20da73bf6fb7016f0d20","sha256":"c17a5adeea08cbe690d9a0aaecabfd265b55e29d69890bb816d0c72cad1cfa0a","sha512":"abec84d75420c9b294aabfe14635c6239d16a984219c2951d66a859fcc7e6054e0ca07b73f03cee801609f787d5f1e67e1d866860d858ba695f8a9a16557f75f","ssdeep":"6144:Q8y2HtFP8Opu+2JaO8bTLvXXLAo2XULHs22l1OkbGKA9UadGwLDrSOO2LyQpH/rw:+2HtFP8OILDMnv32kLsr1gTSOOkrBlU","tlshash":"c9a422e1b1e87fdb69f4a65d449d4c936c2409c4a118d0c9df9a9fb603daa306c0fd3a","first_seen":"2025-08-30T18:06:20.953547Z","last_seen":"2026-04-28T19:45:58.081238Z","times_seen":33,"resource_available":false,"data":null}},"time_used":1325,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":760,"receive":565,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_10-oM9rJNnh.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_10-oM9rJNnh.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-1e85\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rrcRhqBOjWKBh7p%2FKjmuQEu0cShmHkwz%2B8uDGQ2lLwIm0bKyllge%2FQPWZS1HDbEJeYKnVVxDiPEc%2Bb6C0UDICFAPfiuxf7%2FuogZCB4vlmuKVtHi3%2BUi8%2BUNDUiMYybVYrU32UVWq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902fa45b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7813,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"ee91dd1f10c738a951cdd6d6f56c6d2a","sha1":"0f18b1339f62b322f0ca87bba04d7274d9cd6327","sha256":"66bca87cc8e292cc6a136f92fc1cf68f613195bc9b393aa90de3688565521bc7","sha512":"f6c643c252ea556ee6eeea30c1fec6bcb34682601d0dc99435acfd70ef1e48987c5b01a83d327343ba59a0f4ebcd5a49d3cd3b61db9a0c54faaaddc8c9a493e1","ssdeep":"192:fStX5dARBEEYxJg1L4f5aZzsPhY9706OTHEL:K5LEEEYxi1Uf6IPhko8L","tlshash":"7ef1bf40648a2e63661e7d48c2e0c5b557b655cf5338c35bad3210fd15e6281ee39ca7","first_seen":"2025-02-12T08:38:06.881528Z","last_seen":"2026-04-28T19:45:58.092885Z","times_seen":64,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-cd0250ea.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-cd0250ea.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-b386\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fcZ%2BrF0Viggqg%2FI1cfjPoSUQ76AE%2FbqJwUuCZwkj2VJaBXG9W%2BHPbLlBS8WQGyFGE4fSn0eglusxM3%2FtkOJkpOZE7jlHaq3Tf5DinQcmdKmTRHTcBkxsJNV8EUgog6n3SNxt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d909bbb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45958,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (45953)","md5":"b942ce5cec760a53bbf1229804f7a114","sha1":"a852c737627512fd27d421738a626d433dd05656","sha256":"07e48c77b28b0aa77f64f8fadd06c207a3ef7cce6cb582c0f81012deaf2eb50d","sha512":"ae5ca2c99aa950306ec79ba4ef72530b107d2fc36fe57ec0fb40f3bbde09c289bc3cd35d7247e410352122f58390f4587c69129864b663f6b953e68d74ee737c","ssdeep":"768:XkcN+dzmAiIZbeV29BJI2CUSeyzKVfkIxMpOt9gJFizWG6NGCNzcpEtUzGC+O0xC:XkcMzm7cI2Gey2xMpne6NGCNyzpDSXjc","tlshash":"07231602fa46c53ddfb2a151148e1110a6182f8ad04898e7b4bd691f37f7eb07b6a37d","first_seen":"2026-04-28T18:10:28.243835Z","last_seen":"2026-04-28T19:29:34.083997Z","times_seen":6,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":71,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/js/ai_service_diy_mw65cqqn.js?v=1761636780","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 03:55:20 GMT","end":"Sun, 12 Jul 2026 03:55:19 GMT"},"fingerprint":{"sha1":"70:AD:9B:85:F7:23:F3:E9:2B:B9:45:E1:ED:B5:7F:59:66:D0:A8:3F","sha256":"56:74:48:8E:C8:62:AB:54:11:1A:5A:19:3B:69:28:EE:A0:49:7F:0E:30:DB:25:6C:9C:BC:38:2A:34:BD:BA:D0"}}},"request":{"raw":"GET /js/ai_service_diy_mw65cqqn.js?v=1761636780 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 13 Apr 2026 05:10:25 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dc7ac1-71a\"\r\nexpires: Wed, 29 Apr 2026 06:09:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 805\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5%2Byh%2BRaA2Y0SomjY9UrnX0EcRjMAqsdl2zIMSJ3yIWWrfXMOGCZDCc1vlY5NAZ1w6OKCKr7XxbuXkDq0Kfg2fqxI%2BRJEd3JDAuJ9lbe4CLPpvl7zNVbjnPpHPHDcSbAwXgrG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818fa0e38b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1818,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"9a6864c2640c8816b0c8390165067e54","sha1":"1edc9a1500fb4d16d65f0102095cdc52abaad7bc","sha256":"baa2fff7d8e9676e4724566522cb2ff942322afa8424502f8ed43c56d8bb25d5","sha512":"1c696cb84eb4a89f9560c2b3396d86bdc4d21ab144c9f950c3773ded815e54773c0dd369acfa7198effef71928c2eca0a15c8dbc430b4335c4cf408d80a00aca","ssdeep":"","tlshash":"9231ad515e99c5771933322a9b3ba228ff3117031901ee033efe57009f31e85aa65ed5","first_seen":"2026-04-28T18:10:28.273183Z","last_seen":"2026-04-28T19:29:34.093108Z","times_seen":6,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/option/rules/getTeam","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"GET /api/option/rules/getTeam HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vmB6mHMT%2FoxmsJXC5BTRAqdjP9Xfnw3PNR4Y%2FmhCE7i4HLfGDw36iucxNjox51uR1HPAyMseS2gPhs5kUW4EKw%2FKEOSpWDQx9KOvhJDBOVlTegNQ7HJqCYKqCYBaccbIXLU9nHs7TGA9Lmg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381904eb7a0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6799a56f357e2db219241accbe6bed09","sha1":"2aebefc6f66a5ea206d6d721b13ee41644bb1e54","sha256":"45cd83f3d99b0527145fa4bc41694853be069eb203c3194c2b26a6db4ca4db07","sha512":"bf4ce72e43adab23eaf00a532171108e3f3754f238f189532dda6c074e7276c2bb8c93a10ae3fa36272ea68ba3f1485bcebe2b55706241e0614639f4e0d79e64","ssdeep":"","tlshash":"3680003b080ce88338033888000a0b0020e82080ab200300cc2c02388a08288a082880","first_seen":"2023-11-15T10:07:01Z","last_seen":"2026-04-28T19:45:58.094515Z","times_seen":50,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":335,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/vendor-57821abb.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/vendor-57821abb.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:14 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-f04e2\"\r\nexpires: Wed, 29 Apr 2026 06:23:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wroYX3b72lnMRa1PmeRcGw3Bsq4E0Zm04Up%2BnDYrt6SCinI42dXoNEGlUUljnkeiwx04eNNe4QibL8J708cxn5eJe8VcK8qhXLirAiJM9Xnh8C5l1cC3xvTBxYaukrxTbnxC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d3ae63b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":984290,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"658509941945fdb219afb5ac750c3002","sha1":"7550c9bf2af1d1fc9b848a09cfc26a07d3b6e7fa","sha256":"491e6f9da6cb68089a6f3f4994e462183a300e760c39cdafefcce08085586d34","sha512":"bebecbf7dc8fae9046062649fa605b51e21c94cbc9364ed3ea06a7fb25b7cc552a110389021779d2145883d212fddcb56c3904c9e46f9f4e1dad55060b6b25f0","ssdeep":"24576:4hkc5sJMf4gOt8zP76Zt0JZt0qODOa2g2gWA8RnWH7SO:4hkc5sJMfZzP76Zt0JZt0qODIzguRnW9","tlshash":"b12529c57292f06147ab24e240bb0006f3396e59744d84a8f16dd8eb7d79d89a2b7f3c","first_seen":"2026-04-28T18:10:28.257679Z","last_seen":"2026-04-28T19:29:34.089001Z","times_seen":6,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/common/getUserCoin","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"OPTIONS /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SuS3vOUtBNw4w1eqwpoCjYpnllszNHCSIN6IBwMbITuyTaXEHu6JKQNoAYLVKcLj8LCStId1dQbsZJEdFLTbRXXTIJMVahnVAlzDYTeLY1rYxUZoOgabIL92zkdUtk1CRvrHRQIoxUaKPh8%3D\"}]}\r\ncf-ray: 9f3818d53bc7b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":55,"dns":4,"connect":1,"send":0,"wait":600,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-08da20c1.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-08da20c1.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t0Fq1Xvu3r7NZbT0bS5fOBmPHYRmCAzj3pStNR2IyzUlMu4dwib5h0%2Fe8gjeHRtxji4x3IS41sOxqLLlFIDIHbXZ4AdTIlIJjLP8Ap6W0zB6MrpAApwCP7v9EaMe7y67LU5u\"}]}\r\netag: W/\"69ed97bf-3d\"\r\ncontent-encoding: br\r\ncf-ray: 9f3818d53c54b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"609f485085d6f3ef92dce77c2e34548c","sha1":"2dd32919b0aee69cbfd5cb4e62dfbdbb17e59194","sha256":"08da20c120666038eac1018e3293cfefd2376d01dab020ff5cdbf984b8364be8","sha512":"5c27a86cb38553461b4d36bd68878582c364a1f0ad1e04f18523757bda1597b47c931877f15ef1151426c4e90bd5c4a37f025dab2263c00b0fdb7853fc3a8ed9","ssdeep":"","tlshash":"c2a0023d61296404b2224341ff0ae98dce287913ead1a20453021cd536cbe0e276821b","first_seen":"2026-01-02T01:29:05.267325Z","last_seen":"2026-04-28T19:45:58.095216Z","times_seen":39,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-a4b33414.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-a4b33414.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-26c0\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8SgTjdq%2B68dbtdvYO2656UvvBcN%2BdpoM%2FXtMf93UhX6Sy2p9vlwAZ3UTEilxDu8SwQj%2BHl1eGRjxYdjZWGeStdkI%2Fu9evWzDnjiP0FGxfyEQpkCO0YoByCrvY65EgnDiovj9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d99b4bb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9920,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (9917)","md5":"f7282526b5e3d82eba72de24c7da8c64","sha1":"bdc069b0d2499fc376275b5a095e75647a1d710a","sha256":"bf0620a48dfb7acc4cfb8540f8e0d45b4de21555850068a9b4e9ab0387215cce","sha512":"791a45a401d57cf83643036fb5223d8e10d3630ccc3f6eb4820469255cc17b9147f245a152fe89ea60295678fd77a51f7bc54d8be0734e03a8e7bf3d60896142","ssdeep":"192:u+gZfYUKJk/TdOwd03vI40cmwwh5xNEBLyxmXhvA1tB9:ujAw/pHd0zlwh5xNEBLywp8F","tlshash":"a4220a06b40ac93acef6565ca0e90030718d2fc5a025a4a6f1fe791e17f9db463d6739","first_seen":"2026-04-28T18:10:28.272328Z","last_seen":"2026-04-28T19:29:34.089598Z","times_seen":6,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"vip-cservice.com/assets/style/css/chatStyle.css?v=1777400600652","fqdn":"vip-cservice.com","domain":"vip-cservice.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:21.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vip-cservice.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 03:55:20 GMT","end":"Sun, 12 Jul 2026 03:55:19 GMT"},"fingerprint":{"sha1":"70:AD:9B:85:F7:23:F3:E9:2B:B9:45:E1:ED:B5:7F:59:66:D0:A8:3F","sha256":"56:74:48:8E:C8:62:AB:54:11:1A:5A:19:3B:69:28:EE:A0:49:7F:0E:30:DB:25:6C:9C:BC:38:2A:34:BD:BA:D0"}}},"request":{"raw":"GET /assets/style/css/chatStyle.css?v=1777400600652 HTTP/1.1\r\nHost: vip-cservice.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Oct 2025 16:46:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ffa1e0-b303\"\r\nexpires: Wed, 29 Apr 2026 06:23:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6U7T6Qf4NIIoDJiBVomRxgNHrTGMVyu5UEB9tgiNtu%2Fn4azfKmZzWbVSZcQwEXWII%2F9i98nIw0i2nwufk7IN%2Bs3A5f%2BcJZKK66JZqhq0aBG3rlfkZ369S6CuLPhKkx%2BrrcCs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818fddb76b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45827,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1414), with CRLF line terminators","md5":"7f04d716a07903513dd26bdc041cded9","sha1":"87cc4821c93b3691c2cc6ed6c07504f9c5030d5d","sha256":"eca5ab3a8577e84adaf245950a20cb525d5c762c14576671dbcdfc9a46de476d","sha512":"f4a86fb88cfef3906b7debb45e8d4d02a58f4afbb14ff8479e630c3f8c84f97be7d3996d3e399f29498f31066c28fb7a63d8a83e00bc151686e434bf796cd0a5","ssdeep":"768:b8hjh3T4m4G4/4y738BY8+kJYcJHJlxGSndLcR4xhQ14YYi631N8VNi3rdwLcKda:Izr9l","tlshash":"b423433ceb65218da123b4a9bff16be5af514013df0b06a5b5f17a38c2504bd39712d8","first_seen":"2025-11-30T14:17:39.779365Z","last_seen":"2026-04-28T19:45:58.072469Z","times_seen":80,"resource_available":false,"data":null}},"time_used":814,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":814,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/resource/fonts/Arial.ttf","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:13.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldpocket.click/assets/index-e61add70.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:13 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1047012\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:41:53 GMT\r\netag: \"69ed9791-ff9e4\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u3VdVE0zN9TeoyDcBxuOoCVJQNwntbjOSX6efPKxHfnmlotFJZtGYJyoV1HaTuST9gXzo0XV7qECfttXiWzuAXj6pAUyptMWBO2R26gjHFiDT3w1aQANOnkhujX%2BrjWHpFxN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818cbeb56b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1047012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-04-28T19:45:58.093724Z","times_seen":1217,"resource_available":false,"data":null}},"time_used":1683,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":563,"receive":1120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.goldocket1688.vip/ws/28857ba8-c836-4b69-bdb4-3decdd1288ac","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"GET /ws/28857ba8-c836-4b69-bdb4-3decdd1288ac HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://goldpocket.click\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 9iwugHg4mUPf2v3ByEb68w==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Tue, 28 Apr 2026 18:23:15 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://goldpocket.click\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 3i6547/JPPWjA8kNKMYENQeF2Ck=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Flq9NbwnT6WEcjkp3XfG1%2F58GumewPhUQP2hNxMssDyGif2XCMENvIaMuqogNHoc8B7yfaxhHT3SmoI5DdA5%2B%2B7ndHQO5myqWXBxyRnYRXO36u0RyPdyMzW%2BqM2J9K6Sc%2BTNyKLWlTTgS9s%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9f3818d459f856c4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=586\u0026min_rtt=535\u0026rtt_var=192\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3130\u0026recv_bytes=1206\u0026delivery_rate=6170454\u0026cwnd=53\u0026unsent_bytes=0\u0026cid=7a5dea3ed4e5ce9f\u0026ts=602\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":653,"timings":{"blocked":0,"dns":23,"connect":23,"send":0,"wait":586,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/PdfViewer-RWlLDR1n.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/PdfViewer-RWlLDR1n.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-219f69\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IH76ZxajXcZB4dY14KfmRDthkDIRfEvkE0A7RAEm24jI67xARh21XUlenI21ZoKR3rU5wH%2FxfJZUQtlurkz9UgDEQ%2FnGn41hwajZl2Mz6NjAEdmRYSUO46dbqfY4yQdmH5Xm2rCJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818f748cab1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2203497,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"769a446e681e26b400a1910fdc2af2c6","sha1":"aee7c6b6494ed2d1edd30a9ceabe2a9b750562a8","sha256":"2fb3ee52b645183c6d58cbb631248673fdfc7f926b923cb3d2faa5ab09f4e603","sha512":"31cc033e3b9482f3e702b2dae07d18066325e97c10c02be3f74924450d30cd4cb5c36fdae67b7bb01b1dc263ead75af6eb0a74bcea92f4ee1fd38797ce532625","ssdeep":"12288:BkG40pIoOnW2O69x3fOqsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbX:r40pIoOWl6r3dqbOt7aFMzW","tlshash":"c9258d24735a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09633d734","first_seen":"2026-04-28T18:10:28.209773Z","last_seen":"2026-04-28T19:29:34.076039Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":764,"receive":779,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/test-banner-3-jU8dGHsT.jpg","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/test-banner-3-jU8dGHsT.jpg HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-6ae8a\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kwM2N1XhvNmli32DcnyFGEHDn6aoVhLshJ18DrBRmGAmlfTzK314nhoXyafAA0R4yveh5DKqZ5yY3LnKpA07uOiavlBDLdiVFDrD9cOK4jhtPjmMnmnFUOjGv8NyWSaapcZzQ%2BOn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902891cb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":437898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1980x1318, components 3","md5":"61a1eb6b91fef987f87a82431a97f32a","sha1":"250606929f84d1920041751c30d14e850b726984","sha256":"576931b330dda52610362489dd790baa72fa15cee647e3c91f11f8a2c6ac70c0","sha512":"1a5617a2a496c60927e92dc1702ca93c375ff6bb74ef9ac49422854bc56ba0eb4b5c1196774f6900f0132ea2079c82c51618f386a4cb6cec92ae5ceb89e0e441","ssdeep":"6144:86/BLL9ck/rc22A31IfRf886D0+wfrn4ildqVtLaF1SoiKEPBt+74sC8hOZW3bH7://3cU31IfRU86D0lrFvhnEP/sp9HQY","tlshash":"79942324fdc1a597d1275ff7a85a39e94c3643d85a8002db78ccdf022b971ec66af211","first_seen":"2025-09-04T00:18:50.346046Z","last_seen":"2026-04-28T19:45:58.088579Z","times_seen":40,"resource_available":false,"data":null}},"time_used":1468,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":742,"receive":726,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_5-C71n8onc.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_5-C71n8onc.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-4fb4\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SR1iZPk0sHfP93DWRwRcyNkEX1KEMkahKBaoNDs8oWpQxYNcviIZtdto%2F7tc2ni0ch8kxpha0KXKYbYkd6m0EoJbRUwtp3APVs%2Blt38wexgC%2BMAObp65Ftf9AhQvnTEjR9kFOcvo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902ea1cb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20404,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"92aebd9e0e41071377fcaa664328e73b","sha1":"bca41b209ccb35004a1d926c4f5219e4529331c2","sha256":"df48430fe13782354a476bfa43769b893312990feec6ca44148f705d637d31ee","sha512":"28572d96317587904072f3ba65dc957fe5193e88121c213557038150b43fe06ebfd14eae7c33a5725ce1b05466de57b85eadef136f5d6b146ebe1cdbccd48694","ssdeep":"384:Anr3XfgBsR36w0j9hFNbDNe34iPtNPtshDwG4EMpUxgbRafnDCtDJbeDfibINeuX:Ar/v3oTJCDPzuRDDqCff+nATvqc","tlshash":"6e92d01db90bb4215e1f6150a0e9d23bb69356d024a0d571efcbcab1a8614fecb0f4d7","first_seen":"2024-12-26T23:29:40.10144Z","last_seen":"2026-04-28T19:45:58.083431Z","times_seen":63,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":761,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/user/LoginLog","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:15.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"POST /api/user/LoginLog HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlang: en-US\r\nContent-Length: 2\r\nOrigin: https://goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zlRkYNg64abscJKBvU6oGbe17jkDPqIwGiqVzByi0TtOJLqmYNFcH4j5XB503xDEuhernj4Ig84NFeMDdK0NZ3%2FUImm04q1B7s46RwGTrsQANNISgKmlRHphTjgzLOxkvxx9KNxqTQlB1xI%3D\"}]}\r\ncf-ray: 9f3818d8f892b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"3d2e5fb53b8d5de1a79b1d919ff4955c","sha1":"a31977ae114dc5f40d8d3dcbf0bf8bdf872e4281","sha256":"6598c6c1e1c5ac9f379438c2fbc4f2846bb117d2b8820633cc50f6c213508b69","sha512":"bbfa0b4b980346bbd630660f20ea5f1b201cd397048713fcc8987cc032a8aa4d89320b6f26216efccaea32b33471c4eb58124615afc5655bbc90d2fe0fc270a3","ssdeep":"","tlshash":"9090025a94189582255701454156060455f4508d27545a09fe5e9274510466a6583444","first_seen":"2025-07-19T00:50:04.649347Z","last_seen":"2026-04-28T18:27:38.152497Z","times_seen":27,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/index-CoEUZTis.css","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:18.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/index-CoEUZTis.css HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:19 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-2f69d\"\r\nexpires: Wed, 29 Apr 2026 06:23:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BqfTbcjNlsivswUffA75MjSUDDYTiMOR3BKXRY7CQM11Rnfxyct2E6BdRDji0ZyB%2BX23nlxR5jsDF8Ml7zPxUxkrD2q08s4fbT18AZqg76t8gkBIeWXpWiLr5WpyMKsEKuKXSlVx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818ed9fd0b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":194205,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"eb3efb12e3df6254b747ab6cb04bbb36","sha1":"766555e303253aa0a42a32d9d1d7ffba746f31d1","sha256":"54551d4ea138de36fa0be0ced2a36734c73c22c6d98b4d719e8d6254c86ee996","sha512":"aabe7e66a6b890ccaff1e206331393dff7960398b256d7af4a2d820f1c73980352c76e2adb68612aa75316565feabfd301d74c0cba9ef6f27486b7cee11e7ac7","ssdeep":"3072:8KOExgAtraQe7jdCh2CfvkauNgIXPt9giyYam4okKv7b46VZ36:8/ExgAtraQe7jdCh2CfvkauNgYt9+Qkj","tlshash":"5a140cbde28804e53b36cca6d374778e6039f6b2c9951d95f91b801dafc37a106c1a78","first_seen":"2026-04-06T13:27:49.087292Z","last_seen":"2026-04-28T19:45:58.084901Z","times_seen":19,"resource_available":false,"data":null}},"time_used":689,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":687,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/index-tn0RQdqM.css","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/index-tn0RQdqM.css HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: text/css\r\ncontent-length: 0\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\netag: \"69edb295-0\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V%2B3dXEtVjX77ikGJjZBAWEdEHXePSpRtxp1j2QOv3oeKf%2FVjxHtLKQn%2BEgsQJ2l6YBLIiJIcte3foezWdMIJJY2kZwl5vFcgplLv8iO7hAEzBi%2FLCggFmyNrqT%2B%2BLWN1s0I2lCxQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818f73897b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T22:24:20.946542Z","times_seen":14345810,"resource_available":true,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/investor-tools-mIchEutl.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/investor-tools-mIchEutl.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-44e75\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=arwQ1pCX69ot2nwza93xy57aOdXvFwWoc%2BBYdNnPwBFkVxDLcZqO%2BtowKhVLpEUz0JNoj7JpN0RWk826OwC5xYCNTY65oYO5y30k%2BCJzYmCPqM03kHHX1J3ApDAcx8oRx1jeRhBn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902a945b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":282229,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1041 x 1012, 8-bit/color RGBA, non-interlaced","md5":"9aed9e0adadd8090ff9340a30b10f11d","sha1":"abef31e250c31e193639efe81a3009a6def4b1fa","sha256":"e53565aaa497f6df7348bd39e7f8dd7a0254901d61c3bbbf7c84a27db6bbac07","sha512":"9273d1c788485714d79d74578ba79f7e32c54f5901831209f8955db96707868980a8d931b956966302db7793d8a069748a38a4f4686abdb7d6a2af65de800879","ssdeep":"6144:1/qcM5MbnWGbV0InJOcl7NuVYi2VD3D5xoEvWQn3v0y8d:1CB5CzV0IJOcl7QVYi2VDb38yC","tlshash":"575412c2cdf6ebe54da9a03972f0db231afd69236691407c4ce1521fa91cbe98975303","first_seen":"2025-09-04T00:18:50.313726Z","last_seen":"2026-04-28T19:45:58.089751Z","times_seen":48,"resource_available":false,"data":null}},"time_used":1404,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":829,"receive":575,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Low_2-DlfMR8Iv.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Low_2-DlfMR8Iv.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-1c70\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ji7IiOwWjvEAgg792rAjCy5PXgc3HjNDQsmx%2FW7AjnJkEMAbb1wqEGFxCRVcM8BFBz0FIJZ%2BjB6tFriEFILy2bYj77Nlnv1wdCF5HXwNqtGiLaLQJCjs0JaDjS6IKKPeKAd4VzHE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902ea0db1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7280,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"3bba6d7047f93b8079b6574966141522","sha1":"6315fa7577ca55f1ea3f1cbdbf1d8c92b88646ce","sha256":"45b87f2619cb785de2ea69042fbad87abecc7d73e6838f6e7e21bb7a4fc24dd9","sha512":"2460ada343603c0555e7015a28f8d72417166827be8e300a741f6557adc9e5aded4ef7d6294f234e777851afa3d39586a8bb61fe461727efda1a975b070b22f8","ssdeep":"96:fSo4ltvV8m5Zcw/IPgUW0Vc0BpNZJfqa6hnliuUxWNBgPe0pSipGDhreyCiK:fSo4rvqAZjiBzZJyaslNzNuPddkDhrV8","tlshash":"8ae1affd77d102087854606a154710309ad06f1beae4ffc689915b839a0b1fcad2e6a8","first_seen":"2025-02-12T08:38:06.871461Z","last_seen":"2026-04-28T19:45:58.077612Z","times_seen":64,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//#/?from=mobile","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T18:23:17.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET // HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:18 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=1,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aUrXD3IycrRxY8hGfu2n0saRoMSpWttbmmSM7W0tA9rQ2inA7ft2lgDTut4E3f2nCUDTUl4L2cg9aAsK%2FRRJgLrqiEFfuiWdFNmqqk%2BLamQDBwckGd4Uj3h32mIUGJRGYnz5iyuZ\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9f3818e9b984b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2502,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"b677ee38abab9ff39c9d6ecd968a43f1","sha1":"8b2992970bda74390398a1892fd748f154d371b9","sha256":"3c9de3f7f1d11e3d0b91f866c9778933a0c6b861237e9b34927fcf4353713404","sha512":"5c41c8bbd1577e2877b0968ad3e45fee671b665ab66694f1fef522a4d1a4ad623fa52b65d16398ebbeb7e0298bdaff417d4085b590285b41a955f5ba6ee5a631","ssdeep":"","tlshash":"eb51f24615fb6911a222b0794b9bb308613299031e09ed84bf8d93502f95317caf7bdd","first_seen":"2026-04-28T18:10:28.223537Z","last_seen":"2026-04-28T19:29:34.095462Z","times_seen":6,"resource_available":true,"data":null}},"time_used":660,"timings":{"blocked":-1,"dns":78,"connect":1,"send":0,"wait":581,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/CookieConsent-BFrl6Lu4.css","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/CookieConsent-BFrl6Lu4.css HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-3681\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=27hLWXPPyQsPASshX5%2FBT2XYjt7N%2FNMo3uBJPSJicL8z%2BNuTd9BPUTyyD5quI2JTWZj7TR%2FIq5vbxS5aGeDW470tiixiOGyhDSvD4ylBsXMlMgHlkDSQfwdlDgj%2BDM9m6loEVasW\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818f748a4b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13953,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13952)","md5":"8d6e7f229697288b0196643f78a317b8","sha1":"0a7cac950cdb468f22826d2152a8dcb5eca6f991","sha256":"e8548c6de265d2e5b9b17d234496c6ecf072761e3322cbb11bd14bf1d1bec9cf","sha512":"564de8d4ab06c49acaff403be20e89bccaf343c327dd97d31c4276be565e5c267f02b319854234c4b8a32b67e8cef9403ee8a324362a19fb3dc1bdba7e7f4ee9","ssdeep":"192:fmUJbiKnehJTJdKSme+jeH1Zpbwyfb6913ZvOvibuC:+UbehJFdKW+SVZpbZfOZmve9","tlshash":"e15232a86300282352134e3656b59bb4de74588387d38d7ea1c1ed94c6b7dbd233f6b8","first_seen":"2025-09-04T00:18:50.35281Z","last_seen":"2026-04-28T19:45:58.083937Z","times_seen":28,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.goldocket1688.vip/api/option/rules/getVideo","fqdn":"webapi.goldocket1688.vip","domain":"goldocket1688.vip","tld":"vip"},"ip":{"addr":"104.21.37.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldocket1688.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 06:05:00 GMT","end":"Sun, 05 Jul 2026 07:01:58 GMT"},"fingerprint":{"sha1":"A0:DA:F9:D7:5B:A7:AB:93:92:9B:A4:4A:97:38:3B:52:B4:7F:8E:3D","sha256":"3E:91:7A:6B:22:8C:28:D5:77:FF:43:09:B4:00:B7:7D:CD:B7:9A:A2:AC:7C:BA:13:01:77:42:AB:71:64:84:FC"}}},"request":{"raw":"GET /api/option/rules/getVideo HTTP/1.1\r\nHost: webapi.goldocket1688.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://pc.goldpocket.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://pc.goldpocket.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3b5AxYnMRzk7Ut6SLqX3itSSe926ras80S%2BHMM3%2BphJY%2F%2BrQIziwPgOikLsbp1uQvMmCcMhiGt7izGgNyCEhi5IPXr%2FrhAL7v%2Bbn2wWfaXnNjNRqzLd8E9ZPTaFy%2FHBFIKGs1VVTeN7MntQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381904eb7c0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"81ae7b078049a2219423ceba1954d734","sha1":"2cb328ea394c7763c33c127e3d5a03c2448b35d2","sha256":"3d08f73fd242a824c195d98c511c116d537c56670dccdcb6973f8e330d88bbf6","sha512":"098ba5c9515986f67bbec970e534f91f1d3d5270ae726eb215645bfbaf6c7337fe42aaa7c8c9b374740fbcbf22e4507122d44b6691f74f1c05447f9a2d6ef455","ssdeep":"","tlshash":"318004311c0cdc43740334cd4107474010d4305057300310cc5c5134c7041747441c54","first_seen":"2023-11-15T10:07:01Z","last_seen":"2026-04-28T19:45:58.082295Z","times_seen":60,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-23067ed1.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-23067ed1.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZK21vl3Zv1K%2FG40jzv%2BkJypljT3TeSklChQAyMKczsf%2Bp0LzJv8f4dXbBLasBgkN4TQat3JkDEeVOyvn2d%2B%2FGmicWdk7N2iUmFeSaqkWSVIr%2Fd1rza%2FR0kVDTjbji0EgCo0L\"}]}\r\netag: W/\"69ed97bf-344\"\r\ncontent-encoding: br\r\ncf-ray: 9f3818d54cafb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":836,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (835)","md5":"11000909e19162aa1edd6041b9111c8b","sha1":"a29d8d18eba11cde91a7c0e3029855666c0ce1c7","sha256":"2b154c00be6ca0b702ab5ca216df607027b9a5d07d36d8b7efa04f110675a519","sha512":"fa5292ddf45a6c3647a1dd25a051dd729218b47d67cb5d984fc6ba4ceeb126a8c7bba22925ec0fa2e4bc6a4df7e6606f3fcd2932916e2eb9750fb0d04518e33b","ssdeep":"","tlshash":"0501cef6f90cce7f0ea2455412902a4220090f9cf91118d6bc9f7a692bfa800c69e70d","first_seen":"2026-04-28T18:10:28.239009Z","last_seen":"2026-04-28T19:29:34.090182Z","times_seen":6,"resource_available":true,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Frame%201-CUL4cChQ.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Frame%201-CUL4cChQ.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-129c\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bqlze1fUyd03SDyDni3zldZTUcams727QYgLp%2FhCujANs09PtuWTjbIXAPRttiSuZ%2B%2BF1kFUZz5%2BmchOAqhG%2Ffr1e%2FgOFHUuvTFHiW8TgboTXxSoC804uhoEOoLdP2ocE8H3vtm%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902c9a5b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4764,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit colormap, non-interlaced","md5":"8d212c8ea1591dfa2ba2794f71335ad5","sha1":"d4a46b85989a0fc68543d47374d7fb23b9533649","sha256":"db3891a7c41e37fcb3a5e36143a9c032486bdb2fa3baf924407a47b6a302e276","sha512":"ff704746c4dfe41083ec85ae9f9b807d3dc784b4055bd2ec149c4f8846966b55ee358218746f767e28c7778cdeadab955f976f4bc3c1e022320c7b0df88e34af","ssdeep":"96:Zj/zFb6cLBHNRnCWjwKWsEUW18YYbAcUsFXk8ZpRw:N4cLBtVCr9kAcpFDvy","tlshash":"74a18d25b470107e48e2d366dfae5cc200c4401e4c662fabd28a81bce28cb996473037","first_seen":"2024-12-26T23:29:40.085743Z","last_seen":"2026-04-28T19:45:58.09031Z","times_seen":90,"resource_available":false,"data":null}},"time_used":600,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":600,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Frame%207-DhyADEO1.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Frame%207-DhyADEO1.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-11df\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c65W7xQBeKcnbZZ38qW%2FHUFy8dQoP8VLp0cVzy4NSUPzOs6io%2BT5Jf8iAxFsO6S6nqH2H9g3qbzzv%2Bgtsc%2FOCzdzPdA%2BfLwWzrk%2FAybCr3rCts7tsISQa9RDiJ6bwebCueR5txhq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902d9f0b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4575,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"c32c604441f656c4eda637db0ce64fc3","sha1":"a936a84c35f34bec6296ccea1ca277ed492b3f37","sha256":"c1011c258b378ecd5b229f60bb4de768c1c1644d5e2acdca24076192b771d0f5","sha512":"552ee2eaef75d4aa9bc1cd49166d4aa8253dbe56488a325c4d670cc41f4dc88f424a2bc6ef42e190dbe651c90a9e0cdcc463fd6b6e778f17ec8a077ceeac0c75","ssdeep":"96:fSZLP23oemB7OTWDyKhsF40UKFEcHp4u9uXBIu++6at42k09B:fSJhxYEXsFLUKicKNR9++R4LE","tlshash":"09916c15efb1b3227f10ce36866a5811a71609fba54d20ae958d586c66143b37caf04b","first_seen":"2024-12-26T23:29:40.059828Z","last_seen":"2026-04-28T19:45:58.089174Z","times_seen":65,"resource_available":false,"data":null}},"time_used":660,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":660,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/Frame%208-QBBarmw8.png","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:22.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/Frame%208-QBBarmw8.png HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:22 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-117e\"\r\nexpires: Thu, 28 May 2026 18:23:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uD2fffDvZDWCdipqsYDt37EO5rXkIBaF8MKC4dG%2FekECB0C%2FECAkBiIUVkJod7wRKnZntzx96PI%2FiWE8%2FI17xZ%2BvYjWi%2Fg6C6tPyOHGi1Q6Fh71d8mymnwCQdH71Q0VT2OTOKYv3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f381902d9f7b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4478,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 216 x 80, 8-bit/color RGBA, non-interlaced","md5":"e7cfd72af14d344bb50ac6a368b99779","sha1":"6d04bc54730a8609351237bafbb0bfc98a07e131","sha256":"180400a26cb69fe17d05af323409d39541eaa734be725363518ebdfb431b8164","sha512":"f981285edc92363ec2c515204f81363c61eb8c8b8bee5cae16b48d9a90866f64e7313813ba306a5d0a9d93b45dd9d7f62341667922f5a4b6d52202ed3573a4e4","ssdeep":"96:fSpM9j52pIOAY8e34ByvkJ8Z0LasASip3bJBK44pv6mb2:fSm94pIOAYgE9S744pO","tlshash":"27917d9dc1239d25cde6caeeafa46ccd7c8d7f009d25726880a5247526040ec4b3e68b","first_seen":"2024-12-26T23:29:40.08069Z","last_seen":"2026-04-28T19:45:58.073557Z","times_seen":65,"resource_available":false,"data":null}},"time_used":654,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":654,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T18:23:11.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:12 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PUjTeQ0uqmWFiZyRMl5YoWOlE8Bm1wyoTEEpHh8RETcjt1ZL2S7va3T1oAfkGW6bw1C%2BsVL9OF34XQycDQWmoyH8dFPHCziUuB4v6oitCMnHACbig4uHYAIDKDqO3ikfT1Hq\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f3818c0aff8568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3211,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (435), with CRLF, LF line terminators","md5":"58d9f548d10555f3116825142a6943b2","sha1":"b4b2a95ae4ac9070607cf80baf2df75179f12354","sha256":"6fb79136a2dad67046b2c055d1609c7ba00325379afb8e711425483afe7bfa3e","sha512":"1878b1a3026b47ad663a9ab34e1eb1d81a763d643ea013ed2a7d5650e1d441decb0f318c00aa60bddd1158a37fad0f574e7e2e03efe7b30789a1368a7d23da0c","ssdeep":"","tlshash":"536131a3a8a0896a03b1492ba9d7f00cef905653851d9840b4dc50ff5fb2fd6ccd7a76","first_seen":"2026-04-28T18:10:28.232067Z","last_seen":"2026-04-28T19:29:34.103505Z","times_seen":6,"resource_available":true,"data":null}},"time_used":689,"timings":{"blocked":61,"dns":35,"connect":1,"send":0,"wait":567,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-bc011be9.css","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3xLM8LbZBvU%2FkeJ4FYvPUEhos4ho6HjISCP9ZZh2G%2FixsMernEu%2B82rEYneMbVAl2Sg1uhis06FTyQV3%2FtLoTl5g2X9PMI5JfOkrsxIuTsAaDKYAuMnOcpuOYX6iP1ZTeoWq\"}]}\r\netag: W/\"69ed97bf-18d\"\r\ncontent-encoding: br\r\ncf-ray: 9f3818d51be9b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-04-28T19:45:58.082908Z","times_seen":638,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//js/index-BOxpxY4i.js","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:18.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //js/index-BOxpxY4i.js HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:19 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-13130f\"\r\nexpires: Wed, 29 Apr 2026 06:23:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UmhK%2BZtlJmIyiO95FWig1ZrWkx9VH5unUdd%2F8pM3VUcxYMqciDXbrGh4Q2ytRxVDgq7vCAQtZOUvXraLZ3HUmo4W%2FBhaW9rUaGi%2FNQCXTXklFquxCvLvlc%2BJxBJZCKa5VnnHRSu1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818ed9fcdb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1250063,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32818)","md5":"bdabf02783329ba20b1b9229d5d59509","sha1":"704f772399bccbc1ea2216d93d7dcff4f25cef28","sha256":"d928350da561b77169c8152dcef8d97a761f67c75ac155a35bcf09c576a76cf0","sha512":"ab9aa814e6ae264ba4f7aabc31a30b50f756fcfcfa43965fa6f723e956b51b18169ee28d7433b93ce97e9dfe0ad794b5f533f6af1357f2ffd34e4142c5f8e6c3","ssdeep":"24576:6PyInRsAX7oM7cPXJn7MeTZZXX7ZTZJIbbfjMHbGz:6PyInRsAX7oM7cPr3qzEbGz","tlshash":"67359eacbdc6b46806f3c7a9a0e71104b2741e45f946c0e4f9ecc56a11e1e6de297f38","first_seen":"2026-04-28T18:10:28.264368Z","last_seen":"2026-04-28T19:29:34.072761Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":739,"receive":589,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.02d7484b4f7ee48c6a62b7ce68d372be2.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.237","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:21.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.02d7484b4f7ee48c6a62b7ce68d372be2.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 28 Apr 2026 18:23:22 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 10828\r\nConnection: keep-alive\r\nx-oss-request-id: 69F0FB1A68F5793033B18D74\r\nAccept-Ranges: bytes\r\nETag: \"DE457A5909B3BC1F01DCAEAD427A3837\"\r\nLast-Modified: Sat, 12 Apr 2025 17:12:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16626352392200013147\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 3kV6WQmzvB8B3K6tQno4Nw==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":10828,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 243 x 225, 8-bit/color RGBA, non-interlaced","md5":"de457a5909b3bc1f01dcaead427a3837","sha1":"55d01a85163c0101ba9c8cfd2fab8a05b577d75c","sha256":"efdb48c1076a951f303b048c8bcfe70882e0e8cd4acfd39da46b18920fc55e63","sha512":"2a14eded43f3acfd54ea4a36fd265ac4f70a8c826036ba8910a7a4eebfd1cc464fc537a296810aae51ac3f1171ce756b30f7e2be69029c578e3dd310685f2f37","ssdeep":"192:c2SEQ052gnwnOAO+v6Og2jIXz3WOaxowg70eWHqXAk2lWe3UVMVJx96BF+JaCtB:cZH0MswK+v6O/03FLw/hHq+3Ui2XEl","tlshash":"3d22aea0136de5a7fcc530a0578248b5750c92e2d791ee48f1d3eef86ce5c90a9f0881","first_seen":"2025-09-04T00:18:50.347386Z","last_seen":"2026-04-28T19:29:34.082741Z","times_seen":7,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/PdfViewer-jwhQnCfx.css","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/PdfViewer-jwhQnCfx.css HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lM9rrdJYQjDwYqmuTDaJhfng%2Fw0oCacWX4KVtXBbIhC82Ls240P5VWp60PKBNWjMBNEtH51zSfpe9kz7zCXjGg3YET1oOLNYe9Rk7J1u76Rlbl9ZnOUgeHxfeRRNweV%2B8YGEM6jB\"}]}\r\netag: W/\"69edb295-5f\"\r\ncontent-encoding: br\r\ncf-ray: 9f3818f7388db1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c439a7310a8063562461d46b3035ad78","sha1":"67c60ebf7e20dddcf9853fc50ca4460e3fd25462","sha256":"4b9e3742eed481eea512c3004a6b6811b9c6b449a598ca409aa3ee49454d7fa0","sha512":"0f608bda78d0477835af6d2b57c18ac810c79e09d46f121908b4e424cae43815947889ac5a606ee259373551cc870f520721555cc5e4c9dd2bb24d5934d4cd10","ssdeep":"","tlshash":"e7b01223f2c4a04c15111000a005337c193c410893010cf04917b735023a283a621041","first_seen":"2025-12-01T22:48:41.440533Z","last_seen":"2026-04-28T19:45:58.065761Z","times_seen":23,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":548,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldpocket.click/assets/index-a4b33414.js","fqdn":"goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goldpocket.click/","date":"2026-04-28T18:23:14.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET /assets/index-a4b33414.js HTTP/1.1\r\nHost: goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 04:42:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ed97bf-26c0\"\r\nexpires: Wed, 29 Apr 2026 06:23:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kMatAVro5%2FbqxCn%2FuwDYheA6j0LBgOod%2F9%2BkvCMbrdqxcMBe3iop906MW9VRCMIN%2Fn9uM9JKO9F01m%2BRWbjp9Tr%2BV6Sn7Llm6WWgUKdhCJ1WrCKj8iav9CmGmGiRxzSiOjSb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818d54ca3b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9920,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (9917)","md5":"f7282526b5e3d82eba72de24c7da8c64","sha1":"bdc069b0d2499fc376275b5a095e75647a1d710a","sha256":"bf0620a48dfb7acc4cfb8540f8e0d45b4de21555850068a9b4e9ab0387215cce","sha512":"791a45a401d57cf83643036fb5223d8e10d3630ccc3f6eb4820469255cc17b9147f245a152fe89ea60295678fd77a51f7bc54d8be0734e03a8e7bf3d60896142","ssdeep":"192:u+gZfYUKJk/TdOwd03vI40cmwwh5xNEBLyxmXhvA1tB9:ujAw/pHd0zlwh5xNEBLywp8F","tlshash":"a4220a06b40ac93acef6565ca0e90030718d2fc5a025a4a6f1fe791e17f9db463d6739","first_seen":"2026-04-28T18:10:28.272328Z","last_seen":"2026-04-28T19:29:34.089598Z","times_seen":6,"resource_available":true,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.goldpocket.click//assets/index-b5JnzVdM.css","fqdn":"pc.goldpocket.click","domain":"goldpocket.click","tld":"click"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pc.goldpocket.click//#/?from=mobile","date":"2026-04-28T18:23:20.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goldpocket.click","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 05 Apr 2026 15:47:27 GMT","end":"Sat, 04 Jul 2026 16:45:50 GMT"},"fingerprint":{"sha1":"BC:60:01:34:CD:05:7A:47:5C:6C:0B:6F:1A:49:CA:5B:2F:CE:2D:82","sha256":"53:8B:D9:F7:BC:16:95:EC:B4:F5:F7:92:BB:5F:D9:A6:83:C9:D8:71:A0:76:26:F1:80:57:31:DC:94:37:D2:4D"}}},"request":{"raw":"GET //assets/index-b5JnzVdM.css HTTP/1.1\r\nHost: pc.goldpocket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 18:23:20 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 26 Apr 2026 06:37:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69edb295-5f6\"\r\nexpires: Wed, 29 Apr 2026 06:23:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vfy7FcLoncv1S0PQDKOql71B9KyM9VR%2Bg11D3%2B1e9dv3vaU2asbb1suBvxTkwhsD%2FFwnRZS%2B%2FLja6NJl%2BmT1jk1HsWo2o99gGW4%2Fh%2BEmG%2BLzZfdeljG8u4zAI7sKWqs0G%2BUMba0p\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f3818f748b7b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1526,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1525)","md5":"a6a8f8c97ec3da73084a5db5eb486b27","sha1":"e8f2568691d0b6105d0f8ddbefd852c0c4e551e7","sha256":"58deb49c15c8796fdcab9de01d5605a94f51746f0ef857aea798a379ebe8eeb2","sha512":"5b12a4d580a7d9a480baa492a79daa2edf63785da7aa4e7441ea19b2a44061a3cce2e8b5bad43f2e1869b595d76c772e2472b1fd90dd7450226b52ccc5314042","ssdeep":"","tlshash":"ad31ff1966042528d0fbee48e4d0630da330f3639b7a05c963612b10dd8b36731385ed","first_seen":"2025-12-01T22:48:41.449516Z","last_seen":"2026-04-28T19:45:58.074481Z","times_seen":23,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"pc.goldpocket.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}