{"report_id":"a2e7618b-5884-4822-b422-eacd2b7b4f7d","version":6,"status":"done","tags":[],"date":"2026-02-16T13:33:55Z","url":{"schema":"http","addr":"goldenmaskclub.ru","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":0,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"goldenmaskclub.ru/","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"title":"goldenmaskclub.ru","dom":{"size":24805,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (457)","md5":"d82c5872b0351510aaa7c3c33da9119d","sha1":"8509d8229fc423cf819c3b3679c6cf9d7988c995","sha256":"9ab182955c96a8d519512ca6c57fb1af4313b24f601726b038416465b2c7dee3","sha512":"4ce5c4561dbd65689d8c2524a049f0e43f4b3b3fe54fbcb771853e424523ab161fd096b15e62974f84ac4ceb1a59b75851a8c7c227f061120d21e7ce76bb30e0","ssdeep":"384:jF4OOxXxi7pmn5RaaEbJPxUawENVjEQEG9IPE3V6Aw:jF4OOxXxi7pm73MJ5pj4DGPw","tlshash":"bab2e6b0ab5c1567071320a0d82aa1e9743e483d6f0bceebfc79147a70e1c84c67e9e1","dom_hash":"domhash9a0f52d6670a9ea926d8c09bcb414898","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"goldenmaskclub.ru","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":0,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-23T13:33:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"ggl2.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"ggl2.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"ggl2.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"ggl2.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-15T22:14:55.382377Z","alert_count":0,"request_count":1,"received_data":8834,"sent_data":541,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ggl2.ru","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-07-16","domain_rank":0,"first_seen":"2025-10-05T12:15:00.064537Z","last_seen":"2026-02-08T06:43:51.311091Z","alert_count":4,"request_count":1,"received_data":0,"sent_data":404,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-15T22:17:53.373077Z","alert_count":0,"request_count":1,"received_data":1887,"sent_data":473,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"stalmokas.ru","ip":{"addr":"104.21.59.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-05-21","domain_rank":0,"first_seen":"2018-06-23T06:32:43Z","last_seen":"2026-02-04T07:30:24.420992Z","alert_count":0,"request_count":2,"received_data":320,"sent_data":920,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"goldenmaskclub.ru","ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"domain_registered":"2025-10-02","domain_rank":7330095,"first_seen":"2026-02-16T02:38:44.715215Z","last_seen":"2026-02-16T02:38:44.715215Z","alert_count":26,"request_count":26,"received_data":1071783,"sent_data":12456,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"parallax.js:4.6.2","description":"Simple parallax scrolling effect.","website":"https://github.com/pixelcog/parallax.js","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"imagesLoaded:5.0.0","description":"jQuery plugin for seeing if the images are loaded.","website":"https://imagesloaded.desandro.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-02-15T23:01:11.547642Z","alert_count":0,"request_count":1,"received_data":14173,"sent_data":440,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"goldenmaskclub.ru/tie-scripts-js-extra","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"63c95fad24f5354f22ed4144888f798e","sha1":"bbf023e36f7b6881c2c1c2e47de0fbfaf92d709c","sha256":"483c77e5761fb1ebb16b636cd87011b27b5acf6b7464ba1ed622fd65ea077c3e","sha512":"049d323c5e8eb2c7bbdeffd07fe5c0c5fd099d599dbcc4a9000788099bc64855f3fc573af4e896ad531025525cbfe3ca29f473040e101782ba1d1b8e06cc8761","ssdeep":"","tlshash":"90211401e6404c77029f45fbb8136a7821c81142c56d6e5bdce84d4cdfba904a6cab0b","size":1361,"data":"","first_seen":"2026-02-16T13:33:59.146619Z","last_seen":"2026-02-16T13:37:18.787946Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/scripts.min.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b3022f9d2802b3b03136d44c2cca856","sha1":"6f74479f1b3c85de92841fd72400348d08d7197e","sha256":"656db82bff854206090132e761f9f6fff574503843af9092c8262f15a56c8425","sha512":"658497ade63d2422e478fb8e1d08ccebde90f0bb630f69cf121e28120af2f6b57667c3e55e3b63b7cafe14cf6689716232a59735269889255f25f3e5a747db69","ssdeep":"384:U/Yv8IG7Z6YfbZLOgFsoaqStGmnBVpeUjI7QtygzfZ7LP5JFglmRI20vgb5CCs7x:U/YviZPdOgFsoacmnBVpxI7QtygzB7l+","tlshash":"3c82c748724074fa11bf30bae53f7212b1676936eb07845060bb90b86d3dd852267ebf","size":18404,"data":"","first_seen":"2023-03-07T12:08:03Z","last_seen":"2026-04-08T23:42:00.66564Z","times_seen":93,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/wp-emoji-loader.min.js","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"56fd4776b68ffb73325200a753c427b3","sha1":"8f3543f8ddc21f1d1b2ae5816ec23794a727d6b2","sha256":"b403a7e6d97c41ec99430324a3ae3daf38ae4bb0468a11d6bc24351f78e46a19","sha512":"5703e8fdfa17a4fed53d3f95edfb0dcde582b590d2dbabf738747c7fea75e9fc5ca12111e71938f13cfbc71060d19da8c8571b6beee1ee00285daafa5c2f815f","ssdeep":"","tlshash":"b661969ae77a3cdbb2f900f2697a0d47eb614435d6c8d438c9bda3141cb5893c274b46","size":3400,"data":"","first_seen":"2026-02-16T13:33:59.14743Z","last_seen":"2026-02-16T13:37:18.789593Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"68422d08ad72124f3cfe52b7e051a495","sha1":"8c1b88b7a422b61fc6d28a6b8ba2b17ea9d038de","sha256":"a35e01ec476ba2dbfffaacc084a7bc41e5e31334fe19bae727235cbf02a5465f","sha512":"da92b8c95ae9c9440bc65940e54d588b57318f343151826fc0602a43c1802b3412aac2ff4e0ef9004a719f0b9c70d21e9179bc3cf3c30ad5296e7f812d5c116a","ssdeep":"","tlshash":"f2b09220b1823c7d024072213ee893a47c3a83e0fbc22105803c155f7871928a040eb1","size":124,"data":"","first_seen":"2025-10-18T16:22:09.567353Z","last_seen":"2026-04-08T23:42:00.674641Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/parallax.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e03be2b2bf0ee6a76b11aac23d4b60a","sha1":"d44dd765e2da226b3c9c848a127f4eac81d35acb","sha256":"d8a5f81391bc3da5244f17db4af427303ebb7bcc09bfe3e5ca14c50eb2a1a66c","sha512":"b3b553482b31b2ef14ab6d12cf54bdafe8b18f2470f116309b9e80fd383dab8dde008903f05fb041f7c7243e755d295bc0b40a983e56e98c7c058e52c9761619","ssdeep":"384:tv70FQS6XA90nxCbX9s+aO5tl+aL8/rXh0WydPk0o7/6BAeVU0yhVS:90SS6XA9KxCbXm+P5z+W8zoe5T6BA5hQ","tlshash":"d7b2c76d3320731142f325e9f81f110d30395a39a246cb36a03ad6ee696cd4a95f7f7a","size":24004,"data":"","first_seen":"2023-03-08T14:30:05Z","last_seen":"2026-04-08T23:42:00.662728Z","times_seen":151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/js/random.js?1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc1575f913a1f1f30924869d238ba9a2","sha1":"f463856b65abf366fa1273a8e31c40b97a5a18e3","sha256":"f19488eb3dfd6649178fdd3a6ff9e5333c0bc5ed18b61a869f4f8a610628af73","sha512":"0539b8146117654821178474e453df5a8ce878ede0a241b20b61054feabed705eae94fc17eda10df1bc67a0953fcbc877cb688568200298de4509d007f564eb7","ssdeep":"","tlshash":"c7212608fefc635604be145cd46f5288ab1e28f2bf4a0c62d87430ad466c5753011e1f","size":1323,"data":"","first_seen":"2025-10-18T16:22:09.467939Z","last_seen":"2026-04-08T23:42:00.648334Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/js/jquery-3.3.1.min.js","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-10T15:53:39.07199Z","times_seen":120084,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/comment-reply.min.js?ver=6.9.1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4a49df71f8b98c1d9f9d8fce74d89e8","sha1":"b95fcda0c8c26305ad94e80343d0cfca8a048a10","sha256":"9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f","sha512":"42cd5f854779886f24c43ed14617380110c946d1b430b454060c3b391de6fbae6d0ed8ab7cdd7cfdc9726b2d6142a4e01c4448e36088dfcee7fdd00b60909f89","ssdeep":"","tlshash":"5051a7d437c95d762a83b3395efe930271712709a50805608826c86931bcfea63b67fe","size":3026,"data":"","first_seen":"2024-11-13T06:33:24.856382Z","last_seen":"2026-04-10T15:53:20.88994Z","times_seen":58605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"560734840376d0a3ebfa866b22b55586","sha1":"c26f7f1cd1dd7ddbef93b56d88878d0dfd1d76bb","sha256":"107e34bbcc967fdf23222c32fd841208d2b511f36e45f27adfed44da5a78a80c","sha512":"0709047b650aa5a5607ed8202437c76ea2a6d5e8d8bbdd2c2659e3138caa275f6a83cfbd5e3f4f784ca632876f29da7a54ee30fe2f116cdf2ae7fec54b1f0143","ssdeep":"","tlshash":"4111100166804c7b029f46dbb8136a7821c81182096d6e9bdce88d4cdfba904a6cab0b","size":973,"data":"","first_seen":"2026-02-16T13:33:59.148968Z","last_seen":"2026-02-16T13:37:18.792574Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/imagesloaded.min.js?ver=5.0.0","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"6823120876c9afc8929418c9a6f8e343","sha1":"90b0adb37d70ffec5f9189c36bb0027c310c9502","sha256":"b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1","sha512":"63d84226815c831245754adb30040ee72dcf218d01f991a5619675374bbe3b706e3721d32f5120d9d27e500813e8214244992b3875b3a7e7e4bc7ded5201183a","ssdeep":"96:PwSrH5hrG6Qpw1rIN2Bkqsu6B89w1y+7Y3qv5StcXyuC0r4oYeTnf49uVhWWTfju:PwSrq6Qpw1rI2k1u6i9woa3hSSCP9+XC","tlshash":"00b1318db7737563125aa0f2b31b430ab3b6509ea128419d765cecf39cb490a1973fb0","size":5520,"data":"","first_seen":"2023-11-08T01:34:44Z","last_seen":"2026-04-10T15:56:05.535358Z","times_seen":150833,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/desktop.min.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"62afe01268550fa75c098d1145fe693b","sha1":"359463fd1984698a2551e1b53646734082bef3e4","sha256":"66d4707b9abcd6966cd20f380f07b355633f6de76350daabfe058085f63b3942","sha512":"7ba8186a8e61d8ae086c7c2ffe5e0fab55e5a4eafb1f4fdae7bc22098ce1ddbf80297d805080c50c1df1fd67f7f7475149250f8abfc04c55c7a398e9fedce82b","ssdeep":"768:MI+QRWTNvA2Y8BIaDTOXpzr9UkjHoI9WTeR1dbcydLNdT7MwbJcH5sbERgXRaHKn:MIeTCGTOZzSkUI9vdbcydB17yfRgo1C","tlshash":"0f532aa8330134b752ebab8f502f41097232595667468474757dccfc2fb0aaa22a7f7d","size":62792,"data":"","first_seen":"2023-03-07T01:20:18Z","last_seen":"2026-04-08T23:42:00.659705Z","times_seen":92,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.9.1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-04-10T15:56:05.460604Z","times_seen":140588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-10T15:55:48.675549Z","times_seen":652650,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/sliders.min.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"e97351c97d3c26bdb7bfc4a6ec2f699d","sha1":"a2f426e9f2e89559aed9d81ad80714563496d0ff","sha256":"295eb9ae7af785e206fa0c2b412e00b1073747b8a69ca82d634a9654ad8515a3","sha512":"f9e34b0d7e2e434cdf9cfe196ebffab58c05035cb327767474fd2e983ad8a7a0b1d3595079298336bceda56f0aaa2120fcbba635786a370e626442752b049438","ssdeep":"768:WuDiMx5/KCJkxviq6l28dLwhIkyiJkmM+5H2h7l0xNQh5FP7vsnYOu2P:Ft8vF6lZ0vy59fm","tlshash":"6b23a609e1042727c5eb61e62105c50eb3f7fa78ab12c1a471d6d7eb606ec0886d7bf9","size":49250,"data":"","first_seen":"2023-03-07T01:20:18Z","last_seen":"2026-04-08T23:42:00.662132Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/webfont/1/webfont.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c96a5f11d9741541d5e3c42ff6380d7","sha1":"d3fa2564c021cf730e58ffddb138cf6b57ed126e","sha256":"81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee","sha512":"23c162a2e268951729b580e5035ad6ca9969cfcc5ce58a220817b912e76b38be6c29c3ca7680cb4e8198863d95a72ea65bd06ff7189b5c8475e4c1ce501aeab1","ssdeep":"384:i11kqRm4UjryX2DfatZrT80NCGz5r2zItrX:iEqRm4cy338m7d","tlshash":"7942c65d7652b26a825280f2177f060b9576fa2ab844c0bc7a89d8d46c74db8037ff7c","size":13188,"data":"","first_seen":"2023-03-07T01:03:17Z","last_seen":"2026-04-10T15:53:27.172404Z","times_seen":49213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/random.php","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"609dee878f9c479bb2616212ff7bb874","sha1":"8748c43c7c901c23e6c9971e99eb5abda71fdd61","sha256":"3cb9de80ddc57f07146d81142013db15f5ca5c5e2e4ceb2272737038528087e8","sha512":"71fb42e5d7fa3bc7511ef52416bc204f826789bae0ee0e153123fd605f4673b8d57e2fc5bd4191b25cb731f567b41881cde10f4bd61b605301950eca265feb20","ssdeep":"192:hrNGB4Mn5R6ZcLi/zHWgs0PhvUcLi/zbENNLjEQEdu/J7u:/mn5RaaEbJPxUawENVjEQEG6","tlshash":"1c5286f5ae2c11670b572114882ae1bc782d24393f1bceab6c9c546f70f1d98c6bc9e0","size":14173,"data":"","first_seen":"2026-02-08T06:43:52.933817Z","last_seen":"2026-04-08T23:42:00.677604Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-10T15:55:48.66773Z","times_seen":700959,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/live-search.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"86a4407b89c66d2dccb95b1319950696","sha1":"372e889f0916a811d19a10950554a5586b89ac70","sha256":"00a1346c0e63df97eca33ec1ff32a778caa5b6612cde78986e391c17eeb10e87","sha512":"19e40381b6bfb3ea7e1216cd54d82d50500daf6154fe07fa8255613b4b974bcf0c2d6f2a3e87fae06eb1d6bb97a02a41a0594fabae0456b4acfaca0945d9cf5c","ssdeep":"384:+01y7FC0nLsNVuFWYXRAFbAx6fVio85N3fweE5Qx:r0pFYNVu0FMx+v85Nn","tlshash":"0552b808b3416672c3eb609dc99b050ea97bbd153c06249c762ec9c98d79f0ca1efb75","size":14323,"data":"","first_seen":"2023-03-07T01:20:18Z","last_seen":"2026-04-08T23:42:00.641083Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/random.php","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d11b7544fb9a05d9316d22b93ffb291","sha1":"2eb2572fa945e1d08d592831af21bb7c574f6502","sha256":"d86fbdfa4e43b106f0103797a59c4c2b2eb9d792b909d22a237d4a8bd679f2b7","sha512":"234324a4ed54a3c0590418ea26e0e6e5de7e58e2c6adad568352bca82843bd6d5ed288524925bb87406dc391a6dcb1e70111abff2fa31e477574788ff1dbe630","ssdeep":"","tlshash":"f8c01229995a394150a955054e2a16746168411bdd2584107f8c82d15f9416b2931758","size":185,"data":"","first_seen":"2026-02-04T07:30:29.454643Z","last_seen":"2026-04-08T23:42:00.682785Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"stalmokas.ru/img/","fqdn":"stalmokas.ru","domain":"stalmokas.ru","tld":"ru"},"ip":{"addr":"104.21.59.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:35.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"stalmokas.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 11 Feb 2026 15:15:23 GMT","end":"Tue, 12 May 2026 16:12:31 GMT"},"fingerprint":{"sha1":"EF:BD:C8:A2:C7:37:FC:46:AE:5F:A7:F2:F4:FE:9C:F3:0A:16:D6:8F","sha256":"8B:13:37:98:33:67:8D:82:7D:05:F6:D0:73:9B:9D:22:98:EB:68:E8:98:47:5C:BB:E8:4D:00:80:0F:1C:F9:62"}}},"request":{"raw":"GET /img/%kaicat%/video-bg/%kairand%.mp4 HTTP/1.1\r\nHost: stalmokas.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br, identity\r\nDNT: 1\r\nRange: bytes=0-\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\nserver: cloudflare\r\ndate: Mon, 16 Feb 2026 13:33:35 GMT\r\ncontent-type: text/html\r\ncontent-length: 155\r\ncf-ray: -\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T15:55:52.128321Z","times_seen":13584587,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/css/base.min.css?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/css/base.min.css?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 35133\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-893d\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35133,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (35132)","md5":"502195a02c57f6aef88cdf5616154d5f","sha1":"5e12680e1dc8dd4ad7b2f66e7db774136b82347c","sha256":"2b3864260e56788b71f61f7024bfda4400c72e1fa9b5f12196e799d758321cca","sha512":"5e002384dba2a2fc50622784182b62e723e1bbf5a8096f537571c72b3ee2634a1378c2664fe51c4436604be43f2bb2af59fe6d020e7ca1ae0f881a90092e0bf6","ssdeep":"768:9HL0cs850ZtPZMPcClc1Jn1XoD1Yjksjkkm9rg6rsblIq:9HZ+WpsblIq","tlshash":"b0f27571c15438582033536ce9b2fb6927e85102eb6706eff2926e1e8fc72475572e8e","first_seen":"2023-05-04T18:59:48Z","last_seen":"2026-04-08T23:42:00.661024Z","times_seen":96,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":30,"receive":291,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.9.1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:35.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.9.1 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:35 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 22762\r\nLast-Modified: Fri, 07 Nov 2025 11:44:34 GMT\r\nConnection: keep-alive\r\nETag: \"690ddba2-58ea\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-04-10T15:56:05.460604Z","times_seen":140588,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/webfont/1/webfont.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:35.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /ajax/libs/webfont/1/webfont.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 5437\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 06:36:03 GMT\r\nexpires: Sat, 13 Feb 2027 06:36:03 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 284252\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13188,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2134)","md5":"7c96a5f11d9741541d5e3c42ff6380d7","sha1":"d3fa2564c021cf730e58ffddb138cf6b57ed126e","sha256":"81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee","sha512":"23c162a2e268951729b580e5035ad6ca9969cfcc5ce58a220817b912e76b38be6c29c3ca7680cb4e8198863d95a72ea65bd06ff7189b5c8475e4c1ce501aeab1","ssdeep":"384:i11kqRm4UjryX2DfatZrT80NCGz5r2zItrX:iEqRm4cy338m7d","tlshash":"7942c65d7652b26a825280f2177f060b9576fa2ab844c0bc7a89d8d46c74db8037ff7c","first_seen":"2023-03-07T01:03:17Z","last_seen":"2026-04-10T15:53:27.172404Z","times_seen":49213,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":90,"dns":40,"connect":8,"send":0,"wait":8,"receive":1,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/images/default-cover-image.jpg","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goldenmaskclub.ru/random.php","date":"2026-02-16T13:33:35.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/images/default-cover-image.jpg HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/random.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:35 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 14967\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-3a77\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14967,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x960, components 3","md5":"bd7314c56c40110795daf08bbc589d7b","sha1":"5d52e7470bd9bf63b8a89df66248ada1b25b4be1","sha256":"18473a66497282a83e10f8bf6b9d417e4a0272f4eb3b534c949219ebed60052b","sha512":"45d2f3d8e3fb54ea5e55ff01cf0deac566c5130529de04083b3aa34659e05e46c5b3a1f236bb20498c489fd608e8ab683974ce40ace8512e8b28bb2d4be03c6c","ssdeep":"192:cOWyGA43+tcfnuEsUw4W1xiqLCtJ3R8ZC1x0LiT3R8V:tW6z6foUQ1sqLCtdRGCULp","tlshash":"5462d7a35f8447a7c84d4bb594b70b2abf275cfde6884543e6fa923254ba364fc9c040","first_seen":"2025-10-18T16:22:09.37656Z","last_seen":"2026-04-08T23:42:00.657272Z","times_seen":56,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":289,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/style.css","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/style.css HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 1199\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-4af\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1199,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"cbbd6dc1646cbb047ae11a08b443bf06","sha1":"8196cd1c85707f94eef40efeaba660eaead32c46","sha256":"6b072c46090ddf46093d426992d37f027dc383ca2f6476ac8cc7df85b87a33bb","sha512":"b11d9cb2fc14311710b0514e00a47f36d427b170ff32521d4f395ffa9a883c824cf9f8476f273b2fd4fecfd91d2953fa5d46434e306df453fff66ff0c8493170","ssdeep":"","tlshash":"eb2162b450f433f129d15203bd28e01dab8683947ffc19a5f4cd3a14371ab3683a4278","first_seen":"2026-02-04T07:30:29.402684Z","last_seen":"2026-02-16T13:37:18.767402Z","times_seen":5,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 46994\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-b792\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46994,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (46993)","md5":"c6693e2710f893801b60dc28dfc34302","sha1":"a53f58b194fb577b2bc6b0271dced7c44a0ca76c","sha256":"21a7e95a391451a776343e4b01669e54e2d6f8b6eb847380eef8cbad96f9e4e8","sha512":"6e7bc1744875970d100b4a8385de7141018ac5f3dafacf6c065b8f0cbef5afac86d7137d3b9f5ff9d5ad4b69d348652f007add0cc9928f63c74e56b2846e5348","ssdeep":"768:Da5/llr+Klk3Yi+fwYUf2l8yQ/e9vbKIfMsjNFxYR7Zi:Da5tlrniSUf2l7f9vbK4MsTxYR7Zi","tlshash":"8823fce5d50c11d6b376c08bfb81b3a822b9f73ed5810c69f00f291c5ac13a652d5bba","first_seen":"2023-04-07T20:32:50Z","last_seen":"2026-04-08T23:42:00.671286Z","times_seen":102,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":95,"dns":1,"connect":31,"send":0,"wait":59,"receive":60,"ssl":70},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/sliders.min.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/js/sliders.min.js?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 49250\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-c062\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49250,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32024)","md5":"e97351c97d3c26bdb7bfc4a6ec2f699d","sha1":"a2f426e9f2e89559aed9d81ad80714563496d0ff","sha256":"295eb9ae7af785e206fa0c2b412e00b1073747b8a69ca82d634a9654ad8515a3","sha512":"f9e34b0d7e2e434cdf9cfe196ebffab58c05035cb327767474fd2e983ad8a7a0b1d3595079298336bceda56f0aaa2120fcbba635786a370e626442752b049438","ssdeep":"768:WuDiMx5/KCJkxviq6l28dLwhIkyiJkmM+5H2h7l0xNQh5FP7vsnYOu2P:Ft8vF6lZ0vy59fm","tlshash":"6b23a609e1042727c5eb61e62105c50eb3f7fa78ab12c1a471d6d7eb606ec0886d7bf9","first_seen":"2023-03-07T01:20:18Z","last_seen":"2026-04-08T23:42:00.662132Z","times_seen":77,"resource_available":true,"data":null}},"time_used":417,"timings":{"blocked":330,"dns":0,"connect":0,"send":0,"wait":29,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:35.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://goldenmaskclub.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8000\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 11 Feb 2026 23:23:02 GMT\r\nexpires: Thu, 11 Feb 2027 23:23:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396633\r\nlast-modified: Mon, 15 Sep 2025 16:33:57 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8000,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8000, version 1.0","md5":"72993dddf88a63e8f226656f7de88e57","sha1":"179f97ec0275f09603a8db94d4380eb584d81cd5","sha256":"f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149","sha512":"7c20165f9d22a86341e841fd58526209017dcde2afe2d0d2a89fe853d95dc69f658d25cf798c71f452dab09843fc808c1ae87a60b1284134163abf5a1d93e50a","ssdeep":"192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ","tlshash":"08f1b0ffa92456c4df692475a5044f27623652b4dd35cb2f496f3e12d2d74224bcc4c1","first_seen":"2023-04-05T18:53:14Z","last_seen":"2026-04-10T15:54:14.691693Z","times_seen":207281,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":64,"dns":1,"connect":7,"send":0,"wait":8,"receive":1,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 13577\r\nLast-Modified: Fri, 09 Jun 2023 02:49:24 GMT\r\nConnection: keep-alive\r\nETag: \"64829334-3509\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-10T15:55:48.675549Z","times_seen":652650,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":180,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/comment-reply.min.js?ver=6.9.1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-includes/js/comment-reply.min.js?ver=6.9.1 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3026\r\nLast-Modified: Thu, 06 Feb 2025 14:27:26 GMT\r\nConnection: keep-alive\r\nETag: \"67a4c6ce-bd2\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3026,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2991)","md5":"e4a49df71f8b98c1d9f9d8fce74d89e8","sha1":"b95fcda0c8c26305ad94e80343d0cfca8a048a10","sha256":"9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f","sha512":"42cd5f854779886f24c43ed14617380110c946d1b430b454060c3b391de6fbae6d0ed8ab7cdd7cfdc9726b2d6142a4e01c4448e36088dfcee7fdd00b60909f89","ssdeep":"","tlshash":"5051a7d437c95d762a83b3395efe930271712709a50805608826c86931bcfea63b67fe","first_seen":"2024-11-13T06:33:24.856382Z","last_seen":"2026-04-10T15:53:20.88994Z","times_seen":58605,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":210,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/imagesloaded.min.js?ver=5.0.0","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 5520\r\nLast-Modified: Fri, 11 Aug 2023 15:18:26 GMT\r\nConnection: keep-alive\r\nETag: \"64d65142-1590\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5520,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4358)","md5":"6823120876c9afc8929418c9a6f8e343","sha1":"90b0adb37d70ffec5f9189c36bb0027c310c9502","sha256":"b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1","sha512":"63d84226815c831245754adb30040ee72dcf218d01f991a5619675374bbe3b706e3721d32f5120d9d27e500813e8214244992b3875b3a7e7e4bc7ded5201183a","ssdeep":"96:PwSrH5hrG6Qpw1rIN2Bkqsu6B89w1y+7Y3qv5StcXyuC0r4oYeTnf49uVhWWTfju:PwSrq6Qpw1rI2k1u6i9woa3hSSCP9+XC","tlshash":"00b1318db7737563125aa0f2b31b430ab3b6509ea128419d765cecf39cb490a1973fb0","first_seen":"2023-11-08T01:34:44Z","last_seen":"2026-04-10T15:56:05.535358Z","times_seen":150833,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":302,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/random.php","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:35.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /random.php HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:35 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.4.33\r\nStrict-Transport-Security: max-age=31536000;\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":24793,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (457)","md5":"2e83e521d72fd2b0955ce7d8ee09f717","sha1":"718c4e3f2919d08eafebc3b3493c2a7619f1b889","sha256":"31b942171bc6bf0be53bc857157b3666a0a12db07c5c0687dea0fc09f472dfac","sha512":"78deeeda01a7605d0d3eb802e78729f6dc1388bbe462875d270668884ac80a85614125fa2b9ea83c5c5d874a601399c8cb836d51a1f35fa2c50a4e41bff1b0eb","ssdeep":"384:kF4OOxXxi7pmn5RaaEbJPxUawENVjEQEGUtIPE3lpoT:kF4OOxXxi7pm73MJ5pj4DGUmT","tlshash":"d3b2e7b0ab5c156707172064d82aa1e9743e483d6f0bceebfc79147a71e1c84c67e9e2","first_seen":"2026-02-16T13:33:59.132111Z","last_seen":"2026-02-16T13:37:18.78146Z","times_seen":2,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/favicon.ico","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:35.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:35 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0, no-store, private\r\nLink: \u003chttps://goldenmaskclub.ru/wp-json/\u003e; rel=\"https://api.w.org/\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":47892,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18692), with CRLF, LF line terminators","md5":"a722cdc42c5441322e80df76e7c91cd8","sha1":"ded6ef8c3e824f4de4b8b226904a0369e637b27e","sha256":"f0135de999a26b0a4f0550f433df0c1309d162a1e578c82fe14eb10ffe88dfa0","sha512":"9878cbf2a45286cb11cbae2550ac72172548bc66288d5b1c937a9a0071e5599893179e99b267ede22d99a60de1d1c89d0c39c487e0de03f415e9a8c1631d23d1","ssdeep":"768:jQNZdypJydoLHDvqiLHDvqY1bFYqegDlARaZ7w8GHXWo0sCNKe:jsyp+kvqevqLqegDlARk7w8GHXSKe","tlshash":"ad23fab1e29c00b6365b47acd0e2f738abe49210d7059f78b1f970588ac9ad606b375d","first_seen":"2026-02-16T13:33:59.133281Z","last_seen":"2026-02-16T13:37:18.763982Z","times_seen":2,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/css/style.min.css?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/css/style.min.css?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 166536\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-28a88\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":166536,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"dcbe3fc6385bebb3626cfe67d477a14d","sha1":"9a6a2b0f82a1f5434be758ba90c3f5de3bee9900","sha256":"1914a5804b4b196d78e2504e51198f212cdf36c2859900fc1cae4b15e0e9c19f","sha512":"db053e76bb578bd154d3247c3ed68fae3e07a75e028af291701f9a8d7c2bd8d239a1d283f1a4610ea6fd6a41e3bce3a594316598b7670fc90fea1f2733009562","ssdeep":"3072:GdJlV/40KR3nVt9/fjg9BS187SugPccJGc7HO63+KRWciR91CYrYcUtLja/5qzFz:GdJlV/40KR3nVt9/fjg9BS187SugPccj","tlshash":"a9f3f85095a2245cb267031dedd9d698b6b8a223eb020bfafde4753dcb4d3c6143389d","first_seen":"2023-08-08T15:58:08Z","last_seen":"2026-04-08T23:42:00.658511Z","times_seen":88,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":85,"dns":0,"connect":28,"send":0,"wait":57,"receive":144,"ssl":65},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/css/widgets.min.css?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 50529\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-c561\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50529,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (50528)","md5":"f70669700350440ab75e2bc5d341631a","sha1":"17bbced74c15abd909735f35f481c8ded896fe55","sha256":"64e9e3a74ddcf45faf863cb2f47991e5e8172ee74ce9387ea71afde28821205f","sha512":"55a078a5464a999058a3ee0041003dbb5e955c175dd263a777845cd222aa1c63d8b3c3840562cec6a66391b80fba59d667e2c2fc4a48dd25a3aa302ba5b88523","ssdeep":"384:QlI45pPoFuJemJtopM4zsMy3DooyT2jCAZFlg7nIkWMoBVVM1DikPdLS+N3Voy2r:QlI4GlWj6Xhd5oymquL","tlshash":"7933c99642950a8d73138a1996c0abdc21195157ffa30ceefa563c0f8bdebc8123757b","first_seen":"2023-04-07T20:32:50Z","last_seen":"2026-04-08T23:42:00.670193Z","times_seen":89,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":91,"dns":1,"connect":34,"send":0,"wait":91,"receive":2,"ssl":68},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0, no-store, private\r\nLink: \u003chttps://goldenmaskclub.ru/wp-json/\u003e; rel=\"https://api.w.org/\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":47892,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18692), with CRLF, LF line terminators","md5":"a722cdc42c5441322e80df76e7c91cd8","sha1":"ded6ef8c3e824f4de4b8b226904a0369e637b27e","sha256":"f0135de999a26b0a4f0550f433df0c1309d162a1e578c82fe14eb10ffe88dfa0","sha512":"9878cbf2a45286cb11cbae2550ac72172548bc66288d5b1c937a9a0071e5599893179e99b267ede22d99a60de1d1c89d0c39c487e0de03f415e9a8c1631d23d1","ssdeep":"768:jQNZdypJydoLHDvqiLHDvqY1bFYqegDlARaZ7w8GHXWo0sCNKe:jsyp+kvqevqLqegDlARk7w8GHXSKe","tlshash":"ad23fab1e29c00b6365b47acd0e2f738abe49210d7059f78b1f970588ac9ad606b375d","first_seen":"2026-02-16T13:33:59.133281Z","last_seen":"2026-02-16T13:37:18.763982Z","times_seen":2,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":101,"dns":1,"connect":31,"send":0,"wait":247,"receive":61,"ssl":73},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/desktop.min.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 62792\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-f548\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":62792,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32037)","md5":"62afe01268550fa75c098d1145fe693b","sha1":"359463fd1984698a2551e1b53646734082bef3e4","sha256":"66d4707b9abcd6966cd20f380f07b355633f6de76350daabfe058085f63b3942","sha512":"7ba8186a8e61d8ae086c7c2ffe5e0fab55e5a4eafb1f4fdae7bc22098ce1ddbf80297d805080c50c1df1fd67f7f7475149250f8abfc04c55c7a398e9fedce82b","ssdeep":"768:MI+QRWTNvA2Y8BIaDTOXpzr9UkjHoI9WTeR1dbcydLNdT7MwbJcH5sbERgXRaHKn:MIeTCGTOZzSkUI9vdbcydB17yfRgo1C","tlshash":"0f532aa8330134b752ebab8f502f41097232595667468474757dccfc2fb0aaa22a7f7d","first_seen":"2023-03-07T01:20:18Z","last_seen":"2026-04-08T23:42:00.659705Z","times_seen":92,"resource_available":true,"data":null}},"time_used":355,"timings":{"blocked":236,"dns":0,"connect":0,"send":0,"wait":30,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/live-search.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/js/live-search.js?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 14323\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-37f3\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14323,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13288)","md5":"86a4407b89c66d2dccb95b1319950696","sha1":"372e889f0916a811d19a10950554a5586b89ac70","sha256":"00a1346c0e63df97eca33ec1ff32a778caa5b6612cde78986e391c17eeb10e87","sha512":"19e40381b6bfb3ea7e1216cd54d82d50500daf6154fe07fa8255613b4b974bcf0c2d6f2a3e87fae06eb1d6bb97a02a41a0594fabae0456b4acfaca0945d9cf5c","ssdeep":"384:+01y7FC0nLsNVuFWYXRAFbAx6fVio85N3fweE5Qx:r0pFYNVu0FMx+v85Nn","tlshash":"0552b808b3416672c3eb609dc99b050ea97bbd153c06249c762ec9c98d79f0ca1efb75","first_seen":"2023-03-07T01:20:18Z","last_seen":"2026-04-08T23:42:00.641083Z","times_seen":100,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":274,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0, no-store, private\r\nLink: \u003chttps://goldenmaskclub.ru/wp-json/\u003e; rel=\"https://api.w.org/\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":47892,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18692), with CRLF, LF line terminators","md5":"a722cdc42c5441322e80df76e7c91cd8","sha1":"ded6ef8c3e824f4de4b8b226904a0369e637b27e","sha256":"f0135de999a26b0a4f0550f433df0c1309d162a1e578c82fe14eb10ffe88dfa0","sha512":"9878cbf2a45286cb11cbae2550ac72172548bc66288d5b1c937a9a0071e5599893179e99b267ede22d99a60de1d1c89d0c39c487e0de03f415e9a8c1631d23d1","ssdeep":"768:jQNZdypJydoLHDvqiLHDvqY1bFYqegDlARaZ7w8GHXWo0sCNKe:jsyp+kvqevqLqegDlARk7w8GHXSKe","tlshash":"ad23fab1e29c00b6365b47acd0e2f738abe49210d7059f78b1f970588ac9ad606b375d","first_seen":"2026-02-16T13:33:59.133281Z","last_seen":"2026-02-16T13:37:18.763982Z","times_seen":2,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":225,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stalmokas.ru/img/","fqdn":"stalmokas.ru","domain":"stalmokas.ru","tld":"ru"},"ip":{"addr":"104.21.59.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"stalmokas.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 11 Feb 2026 15:15:23 GMT","end":"Tue, 12 May 2026 16:12:31 GMT"},"fingerprint":{"sha1":"EF:BD:C8:A2:C7:37:FC:46:AE:5F:A7:F2:F4:FE:9C:F3:0A:16:D6:8F","sha256":"8B:13:37:98:33:67:8D:82:7D:05:F6:D0:73:9B:9D:22:98:EB:68:E8:98:47:5C:BB:E8:4D:00:80:0F:1C:F9:62"}}},"request":{"raw":"GET /img/%kaicat%/bg/%kairand%.jpg HTTP/1.1\r\nHost: stalmokas.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\nserver: cloudflare\r\ndate: Mon, 16 Feb 2026 13:33:34 GMT\r\ncontent-type: text/html\r\ncontent-length: 155\r\ncf-ray: -\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T15:55:52.128321Z","times_seen":13584587,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":31,"dns":0,"connect":8,"send":0,"wait":8,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0, no-store, private\r\nLink: \u003chttps://goldenmaskclub.ru/wp-json/\u003e; rel=\"https://api.w.org/\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":47892,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18692), with CRLF, LF line terminators","md5":"a722cdc42c5441322e80df76e7c91cd8","sha1":"ded6ef8c3e824f4de4b8b226904a0369e637b27e","sha256":"f0135de999a26b0a4f0550f433df0c1309d162a1e578c82fe14eb10ffe88dfa0","sha512":"9878cbf2a45286cb11cbae2550ac72172548bc66288d5b1c937a9a0071e5599893179e99b267ede22d99a60de1d1c89d0c39c487e0de03f415e9a8c1631d23d1","ssdeep":"768:jQNZdypJydoLHDvqiLHDvqY1bFYqegDlARaZ7w8GHXWo0sCNKe:jsyp+kvqevqLqegDlARk7w8GHXSKe","tlshash":"ad23fab1e29c00b6365b47acd0e2f738abe49210d7059f78b1f970588ac9ad606b375d","first_seen":"2026-02-16T13:33:59.133281Z","last_seen":"2026-02-16T13:37:18.763982Z","times_seen":2,"resource_available":false,"data":null}},"time_used":500,"timings":{"blocked":236,"dns":0,"connect":0,"send":0,"wait":203,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/js/jquery-3.3.1.min.js","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/random.php","date":"2026-02-16T13:33:35.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /js/jquery-3.3.1.min.js HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/random.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:35 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 86927\r\nLast-Modified: Mon, 02 Feb 2026 13:57:08 GMT\r\nConnection: keep-alive\r\nETag: \"6980ad34-1538f\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-10T15:53:39.07199Z","times_seen":120084,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/js/random.js?1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/random.php","date":"2026-02-16T13:33:35.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /js/random.js?1 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/random.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:35 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1323\r\nLast-Modified: Mon, 02 Feb 2026 13:57:08 GMT\r\nConnection: keep-alive\r\nETag: \"6980ad34-52b\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1323,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"bc1575f913a1f1f30924869d238ba9a2","sha1":"f463856b65abf366fa1273a8e31c40b97a5a18e3","sha256":"f19488eb3dfd6649178fdd3a6ff9e5333c0bc5ed18b61a869f4f8a610628af73","sha512":"0539b8146117654821178474e453df5a8ce878ede0a241b20b61054feabed705eae94fc17eda10df1bc67a0953fcbc877cb688568200298de4509d007f564eb7","ssdeep":"","tlshash":"c7212608fefc635604be145cd46f5288ab1e28f2bf4a0c62d87430ad466c5753011e1f","first_seen":"2025-10-18T16:22:09.467939Z","last_seen":"2026-04-08T23:42:00.648334Z","times_seen":60,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggl2.ru/bd/img/news/logo/5.png","fqdn":"ggl2.ru","domain":"ggl2.ru","tld":"ru"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goldenmaskclub.ru/random.php","date":"2026-02-16T13:33:35.179Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /bd/img/news/logo/5.png HTTP/1.1\r\nHost: ggl2.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T15:55:52.128321Z","times_seen":13584587,"resource_available":true,"data":null}},"time_used":361,"timings":{"blocked":285,"dns":0,"connect":30,"send":0,"wait":0,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"ggl2.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"ggl2.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"ggl2.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"ggl2.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-16T13:33:33.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:33 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.4.33\r\nLink: \u003chttps://goldenmaskclub.ru/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://goldenmaskclub.ru/wp-json/wp/v2/pages/45825\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://goldenmaskclub.ru/\u003e; rel=shortlink\r\nStrict-Transport-Security: max-age=31536000;\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"parallax.js:4.6.2","description":"Simple parallax scrolling effect.","website":"https://github.com/pixelcog/parallax.js","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"imagesLoaded:5.0.0","description":"jQuery plugin for seeing if the images are loaded.","website":"https://imagesloaded.desandro.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":56315,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21377), with CRLF, LF line terminators","md5":"94ba581c00e2868ed1da221954856c42","sha1":"6f87e34ac3de19e655de1fa53108cf283c1ec9fa","sha256":"2f2bdf5e6053fdf37b1c860b8004a1bb256e051200ae6618f6f738a86d7b6ab8","sha512":"912e2353ef4bacb3c5b639c9bf8ee1e71c6ed693e9564f21423769ad7dd0ad7aef33c2c8fe8358aa7bf409faee17629fadbcb6e4f6f4c0d9d7f9293ddbc5e13f","ssdeep":"1536:Pqyp+kvqevqeOeSkdwJj7ef8egDlAX/WkMw8GH8CKXSKe:Pj9vqevqeOeSkdijE/Cw8GH8CKXSH","tlshash":"9943c871e19800b63257479da0e2f734e7a99270d7064bb8f1f97148cfc9ad206b366e","first_seen":"2026-02-16T13:33:59.141426Z","last_seen":"2026-02-16T13:37:18.759924Z","times_seen":2,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":139,"dns":43,"connect":30,"send":0,"wait":239,"receive":31,"ssl":64},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/fonts/fontawesome/fontawesome-webfont.woff2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/fonts/fontawesome/fontawesome-webfont.woff2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.6.2\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Length: 77160\r\nConnection: keep-alive\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nETag: \"12d68-649d7a53a5cef\"\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=31536000;\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-04-10T15:55:57.530019Z","times_seen":421677,"resource_available":true,"data":null}},"time_used":374,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/fonts/tiefonticon/tiefonticon.woff","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/fonts/tiefonticon/tiefonticon.woff HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.6.2\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/font-woff\r\nContent-Length: 8992\r\nConnection: keep-alive\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nETag: \"2320-649d7a53a60d7\"\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=31536000;\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8992,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 8992, version 1.0","md5":"559d0684dc8c07c5784d72fca3bd1057","sha1":"1ec112aa03f9262d64fdfa8fe9bfe1da94c47886","sha256":"8e3349c36d26f3f07ddc1807ac6312022900cf8130a510a903c51ce07045f379","sha512":"2c0882cdfc3c6e6c0652ef7208064e309db95f0971fd75ac4ad0a3a8593dc9d10ab54a748740234867d48a90d663f011ca10fd9ef6307619e38e9caa2b7f8901","ssdeep":"192:oUaf+1+335fkstrELLwhbb09QkeHglwzdw0zygIK:ojW14NyeKQzZ5","tlshash":"47021802cbc7cb06d8278b7c555353524ee6fb25d3bdc6eea4994e44e02cce48d18b2a","first_seen":"2023-05-04T18:59:48Z","last_seen":"2026-04-08T23:42:00.632182Z","times_seen":146,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Poppins:600\u0026subset=latin\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:35.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /css?family=Poppins:600\u0026subset=latin\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 16 Feb 2026 13:33:35 GMT\r\ndate: Mon, 16 Feb 2026 13:33:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1201,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"330b3687567c433e01d15e8a9d397ca2","sha1":"ab37436e02cb8fda28aa9e4dfd0899ffd5a5fd7c","sha256":"94d6e99990c0752dcd4f57d0c04fcf57bf2e80bf768323ec18559e1e1ba47ead","sha512":"34362f8624e3a07e7ab014a03001fac8a2e16d564bd43dcfe46369ab47bf3e8ebc7c8267483ab5b36efae5364760f5e985fc5d44f6b33cfb247f7411e65a1ac6","ssdeep":"","tlshash":"0421afd1087be104ab831cc123ce7e36ef1e92957414d5786bfd0c98adabc25036272d","first_seen":"2025-09-19T00:50:16.725097Z","last_seen":"2026-04-10T14:15:20.997253Z","times_seen":459,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":31,"dns":0,"connect":7,"send":0,"wait":18,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 87553\r\nLast-Modified: Mon, 28 Aug 2023 14:14:24 GMT\r\nConnection: keep-alive\r\nETag: \"64ecabc0-15601\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-10T15:55:48.66773Z","times_seen":700959,"resource_available":true,"data":null}},"time_used":722,"timings":{"blocked":122,"dns":1,"connect":45,"send":0,"wait":84,"receive":376,"ssl":91},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/scripts.min.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18404\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-47e4\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18404,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18403)","md5":"1b3022f9d2802b3b03136d44c2cca856","sha1":"6f74479f1b3c85de92841fd72400348d08d7197e","sha256":"656db82bff854206090132e761f9f6fff574503843af9092c8262f15a56c8425","sha512":"658497ade63d2422e478fb8e1d08ccebde90f0bb630f69cf121e28120af2f6b57667c3e55e3b63b7cafe14cf6689716232a59735269889255f25f3e5a747db69","ssdeep":"384:U/Yv8IG7Z6YfbZLOgFsoaqStGmnBVpeUjI7QtygzfZ7LP5JFglmRI20vgb5CCs7x:U/YviZPdOgFsoacmnBVpxI7QtygzB7l+","tlshash":"3c82c748724074fa11bf30bae53f7212b1676936eb07845060bb90b86d3dd852267ebf","first_seen":"2023-03-07T12:08:03Z","last_seen":"2026-04-08T23:42:00.66564Z","times_seen":93,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":210,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goldenmaskclub.ru/wp-content/themes/jannah/assets/js/parallax.js?ver=4.6.2","fqdn":"goldenmaskclub.ru","domain":"goldenmaskclub.ru","tld":"ru"},"ip":{"addr":"217.29.62.235","port":443,"asn":39238,"as":"Okb Progress LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goldenmaskclub.ru/","date":"2026-02-16T13:33:34.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"2.4li.ru","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 04:38:32 GMT","end":"Sat, 02 May 2026 04:38:31 GMT"},"fingerprint":{"sha1":"F7:24:9B:C4:09:D9:62:2F:4F:4C:50:47:0B:D4:C6:B9:2D:7F:0F:26","sha256":"E8:CE:08:90:90:58:D2:BC:06:EF:26:11:60:C4:7D:C2:6D:3A:CD:AC:6E:87:DB:36:47:94:C3:CC:84:53:5D:A7"}}},"request":{"raw":"GET /wp-content/themes/jannah/assets/js/parallax.js?ver=4.6.2 HTTP/1.1\r\nHost: goldenmaskclub.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goldenmaskclub.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Mon, 16 Feb 2026 13:33:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 24004\r\nLast-Modified: Mon, 02 Feb 2026 13:53:19 GMT\r\nConnection: keep-alive\r\nETag: \"6980ac4f-5dc4\"\r\nStrict-Transport-Security: max-age=31536000;\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24004,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11127)","md5":"9e03be2b2bf0ee6a76b11aac23d4b60a","sha1":"d44dd765e2da226b3c9c848a127f4eac81d35acb","sha256":"d8a5f81391bc3da5244f17db4af427303ebb7bcc09bfe3e5ca14c50eb2a1a66c","sha512":"b3b553482b31b2ef14ab6d12cf54bdafe8b18f2470f116309b9e80fd383dab8dde008903f05fb041f7c7243e755d295bc0b40a983e56e98c7c058e52c9761619","ssdeep":"384:tv70FQS6XA90nxCbX9s+aO5tl+aL8/rXh0WydPk0o7/6BAeVU0yhVS:90SS6XA9KxCbXm+P5z+W8zoe5T6BA5hQ","tlshash":"d7b2c76d3320731142f325e9f81f110d30395a39a246cb36a03ad6ee696cd4a95f7f7a","first_seen":"2023-03-08T14:30:05Z","last_seen":"2026-04-08T23:42:00.662728Z","times_seen":151,"resource_available":true,"data":null}},"time_used":413,"timings":{"blocked":323,"dns":0,"connect":0,"send":0,"wait":60,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-16","alert":"Sinkholed","trigger":"goldenmaskclub.ru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}