{"report_id":"b44bedda-8bcb-4e73-99fc-11f551fcf3e0","version":6,"status":"done","tags":[],"date":"2026-05-28T12:32:09Z","url":{"schema":"http","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"104.21.69.239","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"title":"Georgia Department of Driver Services","dom":{"size":93830,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65489), with no line terminators","md5":"20449a243a928e737abd056e0428e479","sha1":"9f116babbe6645221b8c46808cd9fe2436144980","sha256":"a9f581098481041571c98da82245cd230a1e49caf0df53f5c684ca1c96be3c89","sha512":"10c9dc7233abb23528a0fce6b07d657407214325044faa8ae68041d610b35579897e609c08e5d041eceba84d3f3dc88b1fe4d9af577495bca7ab52a8e3461c7b","ssdeep":"1536:dMc2UTtScI3bjiV+EAiHgJsNp+Iozji/beL39YiUiVJPVmCsUYuVkv63S7G21zTh:ic2KK3DTWb6zSAh3Ps1KNPEc2wV4","tlshash":"f69364f61d148e3d01134e8ad6ebe318d389847db9694c8bcaff5b76418bd90f4a3864","dom_hash":"domhash3eb670480d4b4d44f417a6adab72f4c1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"104.21.69.239","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-02T12:32:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-28T12:31:52Z","timestamp":1779971512,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":39212,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2026-05-28T12:31:52.913163+0000\",\"flow_id\":726827479339605,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":39212,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":911,\"bytes_toclient\":1606,\"start\":\"2026-05-28T12:31:52.856661+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":1327,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2026-05-27T18:05:04.167221Z","alert_count":0,"request_count":1,"received_data":514,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-05-25T07:23:13.533444Z","alert_count":0,"request_count":4,"received_data":501943,"sent_data":1798,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"georgia.org-ko.one","ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-15","domain_rank":0,"first_seen":"2026-05-28T12:32:10.948659Z","last_seen":"2026-05-28T12:32:10.948659Z","alert_count":60,"request_count":30,"received_data":1897458,"sent_data":14548,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Drupal:10","description":"Drupal is a free and open-source web content management framework.","website":"https://www.drupal.org/","common_platform_enumeration":"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*","icon":"Drupal.svg","categories":["CMS"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":[{"md5":"a737c47eb9e414d0de0195b5c56a2c6e","sha1":"682755372ff57c42620bb9b7d453c9339df6dc36","sha256":"6cb862862fc8536523b9f6041c8e15ae015d64ce82e062297ec8662017b11819","sha512":"b07d00d705acccca7ac9169a4436c106305b9c720e23715cf630cb26a15680a1562666ab8870a26b8fbcff830dcf20a72686dc6acef0d885c4b1015c0e872d03","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":3638,"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/discover-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}},{"md5":"65e5ef6e1e662df2dfb177d738a34736","sha1":"52300d2f11f13d5ec7694b78951ef029eed486af","sha256":"ed2f990ced5ea2b6e51167148a75ec39a9c3e98e2e16259f31cbf3806d4403a7","sha512":"ee36269a8aecb4af648fbc8c5993f2489e0e0134080c6cb3afa2f365c6227ce8eccc3d21a07f6627bf38cb4e05c31cbd52afd8bccbe9a8bf497e364d9af60c8f","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":2052,"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/visa-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}},{"md5":"79a5f1fda4790f8900e278fa7c7d907a","sha1":"34624cbd1976f030b11e49811d02da1121593a4d","sha256":"2889851f4d97b538b546aa51a676dc2100c8fa5710187de45e2875bfbc21ee57","sha512":"34730569aa90502c0ad9238e3fa524af812407639f9c4167a635db169f7b49ceed8d0d499538f1501d21328921a4a2ac6901fa52b44ebaf58325884f976ad0d8","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":2379,"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/jcb-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}},{"md5":"5e09aa53ccdb2de94e4093d3c52b466c","sha1":"b3d7cfc8788bc9a17a509bfbe34a097de7355554","sha256":"d77fe435701de13d2dac9cfc1f66ed1469a862e0c55a89a45db432652ba059ae","sha512":"bdf88bc17c1389d4650d572f01c01d4c1ab01b868a774863f3b56b535fb6acc9554ff4b586b74e145b6c875531b22438a35bb32e50816ff0c20410d10f96921b","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":2166,"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/amex-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}},{"md5":"4c8d90fb3ea4c2d57299eedb41a2e20d","sha1":"d22bd75e679fd93d69269939d855435b87453c0f","sha256":"7a0822eefcd060a8fa86ee2c2e778f59c5eb11e5cd41818f5059aea5c3da3f7b","sha512":"5a4cb1819a56e40527070a8e6613ca2f523a61e989f1c7148023c327f6eae3b124537880b1ad6678e1def808a0e4cbd3f58dea9c363675f3f7a876c81bb60075","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","size":1239,"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/card-refresh.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"archive":null,"alerts":{"urlquery":null,"analyzer":null}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-B6AP7WKV.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"aea1f7a12b77f053393b67da3d1b2d3f","sha1":"7e8a73d43eb55f2c71d13462612b76ff1ca25868","sha256":"616548b059f0f23b65788280822758eb77f06ef32e87bb5c0a5f095c551c8ded","sha512":"7e54a44f9323341e085f6fb3e9827317a02e6860ade964878538b7a61c2d86ec0ac519fa88b298d01445792e818db67e9f0b704e20240dc1e65d91b7627ec7a8","ssdeep":"1536:LRmQu62qGsOOAPqfsPSQVLOavQuwQh7qsu/2/eC//m1P67tOTcMUPvEsjJwyHiDr:VmQTuifsPbzw","tlshash":"c4a4e5b2738817a6e5480ae94164a20bd4fad42d342525ccebf6b797f43d9a2fc1c374","size":474281,"data":"","first_seen":"2026-03-05T17:25:09.904767Z","last_seen":"2026-06-06T17:16:15.556488Z","times_seen":8722,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/common.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67213e6a3389b07f0863a0d85ff11f66","sha1":"12ffc8146af0e98773ccdde9f3ec3242be9e0aa9","sha256":"ab72e374172cc19a36893951e9084cf413b57a91ad291874a5af1f39f691e992","sha512":"f29bbc7d3e8c2bb09a420eb2eb9fe12e4634dac5497bbe08630a6e68c657149ec5eae26100b7ef3534498b30e94a8e564f46272b5e1fef4c1f7dc37d5ba0979e","ssdeep":"","tlshash":"0711084469e34610819290bd39962412f2364457b93c7f2576be91457f8ca2d13f2bde","size":997,"data":"","first_seen":"2026-02-08T23:06:32.587229Z","last_seen":"2026-05-29T00:53:03.32576Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"6f8eefc49879c3e361f61b9bea3fe51a","sha1":"22eaeaa6890dd43845f900633e325068a5b8f668","sha256":"304c0f8debc39d6c5da00dd53d9eec755a62af77fa285fccce076c635513d5de","sha512":"b77b8c4ab1968793dc7afec0f9094917b10170df976b9ec9d5e138abb36af40bf0ba34c98f0ba243fa3f26c088a07a3d2bbb8a60be1ddb9819ba62b16529ed80","ssdeep":"","tlshash":"dfe0f152f9ddbd70f5774c2053087f92b00c105230748ec4b291cd0480dd26d9b19326","size":418,"data":"","first_seen":"2026-02-08T23:06:32.605695Z","last_seen":"2026-05-29T00:53:03.37895Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"b4c3548629f9e5e079ab9b3af0262d25","sha1":"c8c00ad2eff322f5f9ad9364058dd0b7b9c2ee67","sha256":"742149d7d3a95b318c8a1878870fec4cba7fcb7cb8fc7e6cca95bd80e30c21b8","sha512":"6a7367458863fe215b3eab367e6c526e06245f1d4c3cce533921e4398c5c96795b2e07a83440bfe69549b9a52117abcb49fc24dc948fc349a9a5c993a338b112","ssdeep":"","tlshash":"bb017b63395c6cb9f9de5db26109bab0600c3466b0a08ad9b9468d0490ed1754f0e716","size":709,"data":"","first_seen":"2026-02-08T23:06:32.606555Z","last_seen":"2026-05-29T00:53:03.373811Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-F5EFWER6.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"e404af09dd04bf3f85ef25ff477f2235","sha1":"c01a359668d3860945f3c1ef49b66bd623ab25e0","sha256":"636ae4031f3d4cec06693504293bcd55d5ea42a0022e579d6c2d01620024054d","sha512":"a49dea23ac5ed1b82c7edaa62d0fbed4195bb48aff92378adcda6891c8d581aba45590892137f314a12e4f881daead6ff63d51696b1075c8f7e1041c1d694b00","ssdeep":"","tlshash":"1d019ecc78b8bef287d25859405feb02e6265451d56a405022edaed4d07c8d789a982f","size":672,"data":"","first_seen":"2026-03-05T17:25:09.886647Z","last_seen":"2026-06-06T17:16:15.547888Z","times_seen":8721,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/dotlottie-wc@0.6.0/dist/dotlottie-wc.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"05981be59a26970fbca1e5a8c7634336","sha1":"579e7098232d88c3a0cb8101b9ad9bd45a3c9f40","sha256":"71bd5d3c6e096c8a6e9a3a3f0acb0dcd5cfc610ac5706ff0251964ec34bc71e5","sha512":"4d31793eb824fbfec3447fd7a4a709d7605e7dcd276c710d599de8c2b059c3935922d3f78a3999ba095ed47eb92df069bbc5d9bb3a98a649aef2c15c4e54feac","ssdeep":"","tlshash":"31c0127be8f0eeb359728c5a80a6c3212a1a88d3d361037491881aac41208db9918ca7","size":187,"data":"","first_seen":"2026-03-07T22:46:23.632504Z","last_seen":"2026-06-06T17:16:15.531879Z","times_seen":8719,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"531dec080e6805d700411f87d61c9b20","sha1":"99e5322c32284f47927955a7533b0038cfc79a9a","sha256":"80abd1b1895eae4d056054d71206b781a4acf14d88520281eea146a04e50ac82","sha512":"3a2787be8bff4ef821c54c405ea13a641f0aab726467259d37f373c13c0e6fc15b363493d706a2ddd1b8a367eb7a8cbb93d2b89a8935ed0c504d686eec3acf5b","ssdeep":"","tlshash":"ff2180613d2c7c78fd5d4812112dfb70f80e24a2b2348aedba41cc1590de2654f0eb56","size":1121,"data":"","first_seen":"2026-02-08T23:06:32.607341Z","last_seen":"2026-05-29T00:53:03.369643Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"dcc367f449c7bdcb0f6d45317b112c02","sha1":"714544a62122de805fbd6357b585094ab398970b","sha256":"8f2b8e073a4556f7945c52b87ec289db8e2a8dc573d52a8910aaf36d1bc7208c","sha512":"ddcc6f62330e3c788bc90ca2c4031bbcc4b775fd584e6cb5a0e69ba0d569bbb8565e0760a329fb995e1c3202f565a89f7e9971e9dcdf7aa6050c9e6fe8731345","ssdeep":"","tlshash":"96218b62795cac3dfd5648511219ffb0f444a0a6b2b88ad8ba96cc28e4dd1a08f0e716","size":1172,"data":"","first_seen":"2026-02-08T23:06:32.608187Z","last_seen":"2026-05-29T00:53:03.370548Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"6bbe2424d1d7750ef4030b79956cb835","sha1":"9ec07ba0765af240dead5bfeff9d3f974a5a08a0","sha256":"3657ec39933edb81a5b39688d2470143b1918733d58f66a735182249d562eecd","sha512":"50bd1a7f6b3d10b01ad73858a2c3b6fd1dafd662d2b4a1e9b2a7c4ca8c7f74eac468becf6ddd183bef1bcb648fd7cf22b2a81cf32ff6c89e55c0f1169cc93a0b","ssdeep":"","tlshash":"23f0aca37c3da426fd0300a24515bbb3ea0c347832780aecb9909d4a744e0715f2f729","size":640,"data":"","first_seen":"2026-02-08T23:06:32.612725Z","last_seen":"2026-05-29T00:53:03.374825Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/main.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5cf5cebedf8ec64d3161e568dc6a6bf6","sha1":"5c9dbbb4e83c72ca1adaf1294c47f2657bc01295","sha256":"6922b69f12163337cbd0ed8be71babe7a717c488e5db389f09618d8efd23a9c2","sha512":"2756056c50398b2d70e66f3f87a2cb333cb95a31b9d5ddad0ca92c4bebe7eeee6fc12113a2da9dccc751d0ed12a460989d2725821dde4d3eec8e80ab1e49bf52","ssdeep":"3072:N5i2qY4caSkTc4m8RB59oI5bkZj30lDGzDK1My5vU1izImNlTEmG2bwqm5RvWIyW:K2qY4caSkTc78RB59oI5bkZj30lDGzD1","tlshash":"e804a60125cc540223064efb765e76e5da293f9fb8090d9ad668bc34b9d6123fee9334","size":185481,"data":"","first_seen":"2026-05-06T14:21:54.430556Z","last_seen":"2026-06-05T01:47:59.127483Z","times_seen":2071,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-SI7D3PZW.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4915cbe555f5ca0aa6534f7592c55fd1","sha1":"01683f93f73717af0c3fbb9a6aba1c1cc72188e6","sha256":"30fd7438846b02993a472074e050860ad1b4638f5f36a9f07940fdd741aaab85","sha512":"eb5f9b688df0c4e82837699361394f865eb2736882f3b5d8f46fab3c58384c805ebe827297941144bbc2dc11dbf7f04c3429a53a8d774ee6e4f836c35b81ff2b","ssdeep":"384:fHOyHjPQ5GnHixKWPY1rVdeqGRUkKpvKtvV3jM4:vD3nHixKWP+rVdgrKpvKlVw4","tlshash":"16a2d88076f994b34ad582d6dc79460fe250349c682e846dfa7ca6ef1938f41a1ec732","size":23376,"data":"","first_seen":"2025-08-04T13:12:55.035191Z","last_seen":"2026-06-06T17:16:15.54522Z","times_seen":8841,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/vue.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d510c12b589a26e2c72f65a1e726a347","sha1":"61131c8e8cc4151fdc2d89e21f95ee27a76710c1","sha256":"d535a5f003b5350e4753025226c81f30cf883edb0ddc01901a31e49f0a9740b5","sha512":"a31326ea137759a06e3c7d26f26ca4adfe31bcc7b96cf24710bf6ef0cc1ae778b883f2f838145e8c615dcaeff42fc8118bec25d83eff4077ed24e67a20ddb945","ssdeep":"1536:DUXY7qLtpHt2P0e1mZ8I6H82RaLPMBlo5VV2B/S/r:SYeJpN28efKMBlmV00/r","tlshash":"c29308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","size":93674,"data":"","first_seen":"2025-12-05T15:25:52.043787Z","last_seen":"2026-06-06T17:16:15.551972Z","times_seen":21928,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2fe2c701f217e8fd9884e070d9eb778e","sha1":"36216437f256209619b81bf2d6f44d2f48601130","sha256":"06fcee91f631d1269d3a3341b28fcca2ba46094312ddd904151fd5ca87842150","sha512":"02bc419d4288db6fc1aa6e0761beac7498a445a3e6a51a2b207b23e6e25df0ecebb295c15f88376f46325d4730145cc5afff00a0384ef6ae6e3210a88df10e41","ssdeep":"384:r3zRuvgyiJ73Ai6i+Ar1CmCfuisFASSEj2BbIJzLDK7Lqf79:r3zRuvgy073iiv1CjKn6n7Lqh","tlshash":"72b264f986bc94fc9a47565aeb376970d30e94f9b96085e0543ec9f0c0a3ba4cb0781d","size":25284,"data":"","first_seen":"2026-02-08T23:06:32.614738Z","last_seen":"2026-05-29T00:53:03.377843Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/axios.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1eb8e8e2284670dc214a3e70c25992b8","sha1":"94ece417aa560aa8de906e8f54c0985da90364cc","sha256":"96b65382c74cd6255d4628044c5394f2ef3f0662d7d72b10f1bceb50b6ee5455","sha512":"ae6cce74fa46a0ee1b00245f7da885ace7bd608d96152f3b4d9b2c1e66d53cbf5c1f298d1eb60cdf4a17a14296edc2fec63c22a7cf968025911ebe9272f7d49e","ssdeep":"768:iE/e1fRWqcYe4Q2q3jetDArR2d1mP2EduTgeIQN/s:VGoqcY22q3GASme1k","tlshash":"0a1385c6fbd57803b51630a98e8f754a76b4d05374046ca5bc4cb9e83fd883c86e6a89","size":42736,"data":"","first_seen":"2023-03-08T19:53:18Z","last_seen":"2026-06-06T17:16:15.523524Z","times_seen":25324,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fcd570a1ba15887c26e102af88786157","sha1":"678eab1dec7276847531a9f2ac2a23f0bbee6d65","sha256":"968cd39817ee79faec4e30ead85701bea9423bacb9e04b899a535c291221c02d","sha512":"6d88a32eca50f74d2efbf2ca0765ef473050b377863b56d2133eda447a6c7d444f80386798e10507513d5eff8f8fb7439559c71d9dabc98431b459b1713679b6","ssdeep":"","tlshash":"aae08662ac54172cfce73dd9a463522a3431650238984865d8f8755a20d6c95d4bfac8","size":327,"data":"","first_seen":"2026-02-08T23:06:32.617854Z","last_seen":"2026-05-29T00:53:03.372621Z","times_seen":79,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2043a31532b1722c2d81ecdb69e3d858","sha1":"ece3ddfdc5f1ddf5594c40bff95a49f0cc29adca","sha256":"480ec57e991c4bf32e54ec81adf0523559c4275c38c858928eef9664b9c61c00","sha512":"23ec6e00ea9d767a692cb0ced8f2227c7b1873eaf67344d5069e22ac97f2dc16482d516b83e0180e8a98e011d6b2baa73ba680038f21c8bc7f958ec2f78d36b7","ssdeep":"","tlshash":"4ef09e11a01c7c79fdca0e3420ab7a22900b6821916be5d8aba25c04f0ea0354f3d102","size":497,"data":"","first_seen":"2026-02-08T23:06:32.613713Z","last_seen":"2026-05-29T00:53:03.368523Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-F5EFWER6.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:52.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 13 May 2026 17:38:50 GMT","end":"Tue, 11 Aug 2026 18:38:47 GMT"},"fingerprint":{"sha1":"85:3A:E3:4D:41:9A:40:A5:EA:4D:21:21:BC:8B:AF:E9:9B:B2:27:3A","sha256":"41:2C:5C:27:2E:1B:0A:16:BA:4A:09:22:08:86:E9:EC:B5:B9:C4:CF:94:00:3A:8F:52:77:35:8C:F9:C4:FC:A4"}}},"request":{"raw":"GET /@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-F5EFWER6.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://georgia.org-ko.one\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 May 2026 12:31:53 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncf-ray: a02d47642c73568a-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 1294351\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 28 May 2027 12:31:53 GMT\r\nlast-modified: Wed, 13 May 2026 12:59:21 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:Y2rkAx89TOwGaTUEKTvNVdXqQqACLledbC0BYgAkBU0=:\r\nfly-request-id: 01KPV1Y1CS5AH9PAS12WMRKQWT-fra\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":672,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (629)","md5":"e404af09dd04bf3f85ef25ff477f2235","sha1":"c01a359668d3860945f3c1ef49b66bd623ab25e0","sha256":"636ae4031f3d4cec06693504293bcd55d5ea42a0022e579d6c2d01620024054d","sha512":"a49dea23ac5ed1b82c7edaa62d0fbed4195bb48aff92378adcda6891c8d581aba45590892137f314a12e4f881daead6ff63d51696b1075c8f7e1041c1d694b00","ssdeep":"","tlshash":"1d019ecc78b8bef287d25859405feb02e6265451d56a405022edaed4d07c8d789a982f","first_seen":"2026-03-05T17:25:09.886647Z","last_seen":"2026-06-06T17:16:15.547888Z","times_seen":8721,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/img/img_4591274bf4be_2l81wj.png","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:53.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/img/img_4591274bf4be_2l81wj.png HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 1638\r\npriority: u=6,i=?0\r\naccept-ranges: bytes\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: \"14d0cacad9f71d9e13b2781ae6e38a7c\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BjTCkM1gAn78mmmCcXL4JuD6YdvBD9rVYOQeJVFDcQ56jUAiZ3WucEz5njLRCfA4QC46%2BzlsaM05YznGlBIbKByJWKc8HF3R9L0WxdGvBZvROvZEFO%2FmYbXko4rO8uwu6aWqm3s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a02d47669fb2723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"fc7e0f5a19acce7d79467b8847fbeb49","sha1":"40bb81092e628f25608574d9e93183f13566367a","sha256":"955900f2f2bafaf5a992daac4fd0067ccd42395e545fee08e46165cc8873ad4c","sha512":"2a7f8fbeb99fe28e04a76ddf74dd22b2e8fdaefdb81af6f48ac64d777695788fa8d9691bc7e077f679ab48ffcb2b7446c1850e179bda6379e363922a9999c5eb","ssdeep":"","tlshash":"0a31ea8295f286b5d901136416bf8c1f8bf7cad8b83d6cea60aed9bb1d1118c1138466","first_seen":"2026-02-08T23:06:32.602388Z","last_seen":"2026-05-29T00:53:03.326407Z","times_seen":50,"resource_available":false,"data":null}},"time_used":1202,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/discover-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:53.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/user-img/discover-card.lottie HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:54 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 05 May 2026 00:21:50 GMT\r\netag: W/\"143d15061f3d07f0bda1b270f7257850\"\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e6FkFhkQDfZnxxFqEx9dheaW8J0UU7IOuTPEdeIP8LWbagB79q0ZxZRd5W7MwTyn%2BZCftmgEQ6Kdf%2BHKWmmINPFDeMb0AfTlqOplMT1Zy3%2BHTGdhbk%2Fb3CFmkW6mBxQ9KhBjpIg%3D\"}]}\r\ncf-ray: a02d47677fe9723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3638,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"a737c47eb9e414d0de0195b5c56a2c6e","sha1":"682755372ff57c42620bb9b7d453c9339df6dc36","sha256":"6cb862862fc8536523b9f6041c8e15ae015d64ce82e062297ec8662017b11819","sha512":"b07d00d705acccca7ac9169a4436c106305b9c720e23715cf630cb26a15680a1562666ab8870a26b8fbcff830dcf20a72686dc6acef0d885c4b1015c0e872d03","ssdeep":"96:sa+YveJC78aX1ddhtn7FTgXTCYKsDmTeyMbXQuOllcPMl3minwE0oB:s/YD1Lbn7FELkNuOllrpNww","tlshash":"feb16d2306a0b725de0279b57c906efda09dadeed6c16707ea42902633231ec675dd48","first_seen":"2026-03-07T22:46:23.628415Z","last_seen":"2026-06-06T17:16:15.544245Z","times_seen":8586,"resource_available":false,"data":null}},"time_used":937,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":937,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-B6AP7WKV.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:52.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 13 May 2026 17:38:50 GMT","end":"Tue, 11 Aug 2026 18:38:47 GMT"},"fingerprint":{"sha1":"85:3A:E3:4D:41:9A:40:A5:EA:4D:21:21:BC:8B:AF:E9:9B:B2:27:3A","sha256":"41:2C:5C:27:2E:1B:0A:16:BA:4A:09:22:08:86:E9:EC:B5:B9:C4:CF:94:00:3A:8F:52:77:35:8C:F9:C4:FC:A4"}}},"request":{"raw":"GET /@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-B6AP7WKV.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://georgia.org-ko.one\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 May 2026 12:31:53 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncf-ray: a02d47642c77568a-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 575285\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 28 May 2027 12:31:53 GMT\r\nlast-modified: Thu, 21 May 2026 20:43:47 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:YWVIsFnw8jtleIKAgidY63fwbvMuh7tcCl8JXFUcje0=:\r\nfly-request-id: 01KJQ8X5ED1557NAS2RRARVX05-fra\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}],"data":{"size":474281,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (21615)","md5":"aea1f7a12b77f053393b67da3d1b2d3f","sha1":"7e8a73d43eb55f2c71d13462612b76ff1ca25868","sha256":"616548b059f0f23b65788280822758eb77f06ef32e87bb5c0a5f095c551c8ded","sha512":"7e54a44f9323341e085f6fb3e9827317a02e6860ade964878538b7a61c2d86ec0ac519fa88b298d01445792e818db67e9f0b704e20240dc1e65d91b7627ec7a8","ssdeep":"1536:LRmQu62qGsOOAPqfsPSQVLOavQuwQh7qsu/2/eC//m1P67tOTcMUPvEsjJwyHiDr:VmQTuifsPbzw","tlshash":"c4a4e5b2738817a6e5480ae94164a20bd4fad42d342525ccebf6b797f43d9a2fc1c374","first_seen":"2026-03-05T17:25:09.904767Z","last_seen":"2026-06-06T17:16:15.556488Z","times_seen":8722,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/visa-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:53.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/user-img/visa-card.lottie HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:54 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 05 May 2026 00:21:50 GMT\r\netag: W/\"80142bea315608e5cc389ee8d42c347c\"\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MMve7xGhJfBjQoegyqv15Glx3WvIDH8NWAYT8pehpFxWMnxHffrFKB34iw6yiyuwhr3oPYxFpTKB%2BAnOkHT%2F7J%2BVUQIJyFuGeda1KVsie0Z2lz8HxTWGqO3j4IgUbYaK547grJU%3D\"}]}\r\ncf-ray: a02d47675fdc723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2052,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"65e5ef6e1e662df2dfb177d738a34736","sha1":"52300d2f11f13d5ec7694b78951ef029eed486af","sha256":"ed2f990ced5ea2b6e51167148a75ec39a9c3e98e2e16259f31cbf3806d4403a7","sha512":"ee36269a8aecb4af648fbc8c5993f2489e0e0134080c6cb3afa2f365c6227ce8eccc3d21a07f6627bf38cb4e05c31cbd52afd8bccbe9a8bf497e364d9af60c8f","ssdeep":"","tlshash":"c4515a181450b319e8b1a3ff38ca1d03f68fce46d5428d02d010d2f132ad70a8eeec95","first_seen":"2026-03-07T22:46:23.592793Z","last_seen":"2026-06-06T17:16:15.553102Z","times_seen":8609,"resource_available":false,"data":null}},"time_used":986,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":986,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/maesteo-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:53.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/user-img/maesteo-card.lottie HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:54 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 05 May 2026 00:21:50 GMT\r\netag: W/\"3ce76fca14aab23555370ce949f7129c\"\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B%2B8K5BKa2Ml8Y9vAQ0svG01DiUML0dagq%2FWTG%2FBWKMe%2FxtnxosKFNzh8RYMt4fqukaT2zmgO86pqBIJZ1MUD3NT64lXk8EcR%2BewHvkfLclcbqSZZu9EvcM5w94I8RYcJaE63vAk%3D\"}]}\r\ncf-ray: a02d47676fe3723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1558,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"data","md5":"0321fb9bd8d28f6be9155b77acf17796","sha1":"1302e19d1355d631045ce5baab59725c75ee7a3a","sha256":"042935812e0fb44617d7cbb2f32bd6693c6a33377630554ed79e1fad7d877d9c","sha512":"58a3e38ccdf76ab61b0348bcca5a7b9c181ffeaa5067b951ff917c3b0cf9c59f48742fd524df3c0c994b4a2803ee17b6c4f4737061e8ddb2c954adba1a85b5ae","ssdeep":"","tlshash":"c74109169be18f69e1d2273844e34c8358791351e0d6ec56dc45a414a936774ee8d234","first_seen":"2026-03-07T22:46:23.635014Z","last_seen":"2026-06-06T17:16:15.533615Z","times_seen":8609,"resource_available":false,"data":null}},"time_used":1068,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1068,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/ws-worker.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:54.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/js/ws-worker.js HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:55 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gledudr6HOGxE8cAMj1bRPQ6BBTQw1A1NIKc79eYQ%2BCvOIIQ9OaF5Pof1u%2B1E4HIqN4IdmYLtR0fVQHwsVeDnESfhGO3%2B6G0DsmjlSnC6HnpWDdChjwassMzHvARVLUCPvA2ee4%3D\"}]}\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\nlast-modified: Tue, 05 May 2026 00:21:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"4c7b07cba5e23b6bc37f81be1b3d9b19\"\r\ncf-ray: a02d476da95d723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18325,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (18325), with no line terminators","md5":"a4b1d45c0ae50cc78fb95cd14ac5d729","sha1":"251f1ae04547d5e7963964a06dd662db269aecc8","sha256":"acb27669bdfa7c5e1fcfdc72c8e5ebf26ee6dd44ae754cd46477d291f237b6e8","sha512":"0eec215862b6249859c2ab7e9bddcaa37a400760c61de3a3b5166bb972b66c19d97a15b6ef9fdffd8c18a5b01519c2c120c632a02474bc19643bca4670019f3f","ssdeep":"384:oysQgbkJv8BnxLvM5N44G/5KDosMQ5sylkefA55bN2GJMT5R7zV2aIwRVR6e+ZJ2:oysQgbkB8BnxLvM5N44AKDosMQ5sylkQ","tlshash":"e782a8547fc035a037476fbbb13b70e0e92b0d8a3d49065fc618bc58ba6135ad5e2a39","first_seen":"2026-05-05T10:48:14.896087Z","last_seen":"2026-06-05T23:00:45.622791Z","times_seen":3187,"resource_available":false,"data":null}},"time_used":1109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":994,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"georgia.org-ko.one/dds/_frame/webSocket/QT/JWRCVV-1779971512779-zwuengjr3om-c7yz86r3wug/khkjsahfjkwhakjlsdwdddddd88","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:32:00.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/webSocket/QT/JWRCVV-1779971512779-zwuengjr3om-c7yz86r3wug/khkjsahfjkwhakjlsdwdddddd88 HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://georgia.org-ko.one\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: nYDYrfkfGcQ5bKwY/e1Bpw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 28 May 2026 12:32:01 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: WWW-Authenticate, WWW-Authenticate-username, WWW-Authenticate-userid\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2y3eH6T6DyI%2Fx0pTjAxQyR08r7dFZqupbO0p2yVes82UmSEPySsoECLLprIoh7wNXN1FpKRunr26jOlJz7sAL%2BdNYYT%2BXK7SBVzXKn9eqpO5zPt%2FRg7mKA2NTDX04hvgraj3nuA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a02d47908a660b3d-OSL\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=601\u0026min_rtt=505\u0026rtt_var=309\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2340\u0026recv_bytes=1260\u0026delivery_rate=3151251\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=f59632774c295bb6\u0026ts=1637\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T17:09:45.179918Z","times_seen":16184828,"resource_available":true,"data":null}},"time_used":1645,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":1621,"receive":2,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/jcb-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:53.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/user-img/jcb-card.lottie HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:58 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 05 May 2026 00:21:51 GMT\r\netag: W/\"aba8d44326c3ca3820896d108d28c55d\"\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ks2wrCJpmNPJM9U5JLhXK8QryoyCYxCvYMAVkGYdCurdaCUMBm%2BgPJ34r7N03F2G4S%2B6AdflQC4cUZ5wvuJIwHD5JEhYFm5w2lR8SvUdBvZJ0%2FPbhmOq9zSHbgPVDo3QmZ4OGzk%3D\"}]}\r\ncf-ray: a02d47677fe4723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2379,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"79a5f1fda4790f8900e278fa7c7d907a","sha1":"34624cbd1976f030b11e49811d02da1121593a4d","sha256":"2889851f4d97b538b546aa51a676dc2100c8fa5710187de45e2875bfbc21ee57","sha512":"34730569aa90502c0ad9238e3fa524af812407639f9c4167a635db169f7b49ceed8d0d499538f1501d21328921a4a2ac6901fa52b44ebaf58325884f976ad0d8","ssdeep":"","tlshash":"6c616b0a4ba4c324c0d5b076ea600673648904e636cbb8d9f539b48c5406ebfb5df2d2","first_seen":"2026-03-07T22:46:23.621023Z","last_seen":"2026-06-06T17:16:15.554784Z","times_seen":8615,"resource_available":false,"data":null}},"time_used":5220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/a_index.html","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-28T12:31:47.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/a_index.html HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 May 2026 12:31:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: no-cache, no-store, must-revalidate\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=naP1MRS7ItA76xlAYOwmoYLbPvxkUPt4MGCBzdou6C5WaXnkppF1sdSIR3tU269Targ8fl64kRz8jX%2FzJv2uV3jN4Wf%2FEp3f8tXTaJxsroDkQiUsRIdyOdTlCuWrCM%2Bg8qVqX7A%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: a02d473faa2bb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Drupal:10","description":"Drupal is a free and open-source web content management framework.","website":"https://www.drupal.org/","common_platform_enumeration":"cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*","icon":"Drupal.svg","categories":["CMS"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":92370,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65489), with no line terminators","md5":"e4ef4e21dd0f7a8cdad678bcc4095c22","sha1":"1fdd4ad28726cffa126e632cee3613066b8192de","sha256":"eb7d80ecc4c32c7d73094b211ea69fbdb6f24dd071c149e37edb0947eb1bd864","sha512":"80e5d89d62a6489aa5bd167d8ef4c3eb749fe34fe3c42503c0eb78509988c3974f3ef6569c2019d58059eaebc40a4a82216fa99b4a80ceac17b065be81aa3dec","ssdeep":"1536:ouHbc2UTtScI3bjiV+EAiHgJsNp+Iozji/beL39YiUiVJPVmCsUYuVkv63S7G21+:ogc2KK3DTWb6zHAK3Pa1K1jLc2wVy","tlshash":"fc9353f61d148a3d01134e8ad6ebd318d389887db9694c8bcaff5b76418bd90f4a3c64","first_seen":"2026-02-08T23:06:32.581978Z","last_seen":"2026-05-29T00:53:03.353382Z","times_seen":81,"resource_available":true,"data":null}},"time_used":2271,"timings":{"blocked":36,"dns":16,"connect":2,"send":0,"wait":2198,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/common.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:49.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/js/common.js HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:50 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IDRlfymCPLQGFTh0bAd8GCv7s%2B0u2M4bi%2FFaQiA6GddvqjPmt6CX6yE2r3KpgLu53t0h%2FOp9ZYX8vmKuKD6EjrjKBZM35qwSUdk8tLkG8%2Fyn89XQH8vcvdFIKg6ZuOa4hQXU7KY%3D\"}]}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"03c0143b232679f257415fd44440e998\"\r\ncf-ray: a02d474e59ec723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":997,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text","md5":"67213e6a3389b07f0863a0d85ff11f66","sha1":"12ffc8146af0e98773ccdde9f3ec3242be9e0aa9","sha256":"ab72e374172cc19a36893951e9084cf413b57a91ad291874a5af1f39f691e992","sha512":"f29bbc7d3e8c2bb09a420eb2eb9fe12e4634dac5497bbe08630a6e68c657149ec5eae26100b7ef3534498b30e94a8e564f46272b5e1fef4c1f7dc37d5ba0979e","ssdeep":"","tlshash":"0711084469e34610819290bd39962412f2364457b93c7f2576be91457f8ca2d13f2bde","first_seen":"2026-02-08T23:06:32.587229Z","last_seen":"2026-05-29T00:53:03.32576Z","times_seen":81,"resource_available":true,"data":null}},"time_used":851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":851,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:52.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 03 May 2026 16:36:00 GMT","end":"Sat, 01 Aug 2026 16:35:59 GMT"},"fingerprint":{"sha1":"06:75:C4:FB:38:6E:E1:2E:FA:EB:1F:53:64:D4:A8:68:81:AA:9A:4A","sha256":"74:4A:07:24:C9:DA:4C:BA:4E:1D:C1:1D:2D:9D:6B:AD:65:55:3E:08:89:78:B2:E0:36:DF:14:3D:B1:7E:BD:21"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://georgia.org-ko.one\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\ncontent-type: application/json\r\ncontent-encoding: gzip\r\ndate: Thu, 28 May 2026 12:31:53 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":280,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-06-06T17:26:23.031306Z","times_seen":58737,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":63,"dns":1,"connect":26,"send":0,"wait":154,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/api/open/getSyncSettings","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:53.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"POST /dds/_frame/api/open/getSyncSettings HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/octet-stream\r\nContent-Length: 50\r\nOrigin: https://georgia.org-ko.one\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:54 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 14119\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: WWW-Authenticate, WWW-Authenticate-username, WWW-Authenticate-userid\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5xqjbHIDSjB%2FGJWxRhav3am7cnf6QMf0nXz%2B9pNY1HEzfmP89DgiDy3orNlmDJBgkLn3%2BiBapnQbk40ElDybLoOqPXm8lKedZlRAx6ceK%2Bd7TQsD45pduB97bHXMqnkL14wN1ts%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a02d4764ef76723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14119,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9820bfe05a569fc61ccd7c2bbd231419","sha1":"76ff90fa0d71110d7eb02d33eb79a57194fab8a0","sha256":"fec057b1811081d8dacb8b57c386faa14e4810bc14fd74e1730941b667880cbb","sha512":"da186d829cd34590ac0866b1e9a033a097dd90e1b3f4759fde764daca8a0d2b2222918d1da76c721824eb68de1235b43ba2cc8aae8525fa25b157682b4dc165b","ssdeep":"384:A05M5GJIio7G7iVO8xs38VvUQoIX6jIzdMkvqik:h56Tp7GOVO7+3+iGPik","tlshash":"df52cf1c4bfdc92d2c54704d944ba83996d0c03f17497271f85b674af2a81e2a63272d","first_seen":"2026-05-28T12:32:15.348047Z","last_seen":"2026-05-28T12:32:15.348047Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1376,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1375,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/amex-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:53.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/user-img/amex-card.lottie HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:54 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 05 May 2026 00:21:51 GMT\r\netag: W/\"e8ae6611b3b32bed0bff1e9023d30cc3\"\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X32tOCwk2jpataZK70xtXlLtF%2FYluJQKVXczeetqGqllJJDAiIyQ5otH3UHFzirWsdyjCRP3P2JUi6MPgV4SWOScqtUajJ6KM02Lp3NjV%2BhgXpOT%2Be0zA5DEu310P2cBXcSb9zE%3D\"}]}\r\ncf-ray: a02d47675fde723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2166,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"5e09aa53ccdb2de94e4093d3c52b466c","sha1":"b3d7cfc8788bc9a17a509bfbe34a097de7355554","sha256":"d77fe435701de13d2dac9cfc1f66ed1469a862e0c55a89a45db432652ba059ae","sha512":"bdf88bc17c1389d4650d572f01c01d4c1ab01b868a774863f3b56b535fb6acc9554ff4b586b74e145b6c875531b22438a35bb32e50816ff0c20410d10f96921b","ssdeep":"","tlshash":"0e5119984516d7f2c6a6a2b4e6b78a822d7c220096c2ac91f90dc755ab69d9d248f0c0","first_seen":"2026-03-07T22:46:23.63844Z","last_seen":"2026-06-06T17:16:15.55394Z","times_seen":8602,"resource_available":false,"data":null}},"time_used":949,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":949,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"georgia.org-ko.one/dds/_frame/webSocket/QT/JWRCVV-1779971512779-zwuengjr3om-c7yz86r3wug/khkjsahfjkwhakjlsdwdddddd88","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:58.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/webSocket/QT/JWRCVV-1779971512779-zwuengjr3om-c7yz86r3wug/khkjsahfjkwhakjlsdwdddddd88 HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://georgia.org-ko.one\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: +UFXaDLdGY/gcAjTMylgjg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 28 May 2026 12:31:59 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: WWW-Authenticate, WWW-Authenticate-username, WWW-Authenticate-userid\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=m5btaXpo9MJdfVkIW2eU3Xs3zlqs9z6MRob5fjcn8k7%2FRxoEOKRvVe%2Bzec9C6EpW4F%2FL1iGPP0W6xSqp49t7sRzQo02Mgb5gvx3FinKp656vNl2L38s20ZYcabxpW1K81rREKZI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a02d4784695bb1b8-OSL\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=516\u0026min_rtt=491\u0026rtt_var=183\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2340\u0026recv_bytes=1260\u0026delivery_rate=4778877\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=1702c5c7a9f094f1\u0026ts=1415\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T17:09:45.179918Z","times_seen":16184828,"resource_available":true,"data":null}},"time_used":1421,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":1405,"receive":1,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/main.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:49.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/js/main.js HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:50 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tCM28W6LwnMEfIcgnhBtXDpHWQSBWEV0kqhMP98dSNF5BoZI3AQ%2Fu0ZcPlSMx6Asb7vDZ20r1Qhsz7HVyPOMbB3TF%2Br%2FaBhBYHKf7bEfaigN3E4QUCIb5DzmWIkocwG7cbM4SSs%3D\"}]}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nlast-modified: Wed, 06 May 2026 01:18:34 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"027c81f918e84c980cee0c16308374c0\"\r\ncf-ray: a02d474e59f0723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":185481,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65218), with no line terminators","md5":"5cf5cebedf8ec64d3161e568dc6a6bf6","sha1":"5c9dbbb4e83c72ca1adaf1294c47f2657bc01295","sha256":"6922b69f12163337cbd0ed8be71babe7a717c488e5db389f09618d8efd23a9c2","sha512":"2756056c50398b2d70e66f3f87a2cb333cb95a31b9d5ddad0ca92c4bebe7eeee6fc12113a2da9dccc751d0ed12a460989d2725821dde4d3eec8e80ab1e49bf52","ssdeep":"3072:N5i2qY4caSkTc4m8RB59oI5bkZj30lDGzDK1My5vU1izImNlTEmG2bwqm5RvWIyW:K2qY4caSkTc78RB59oI5bkZj30lDGzD1","tlshash":"e804a60125cc540223064efb765e76e5da293f9fb8090d9ad668bc34b9d6123fee9334","first_seen":"2026-05-06T14:21:54.430556Z","last_seen":"2026-06-05T01:47:59.127483Z","times_seen":2071,"resource_available":true,"data":null}},"time_used":1174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":846,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/img/img_2b9387ade84b_1c5iac.svg","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:50.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/img/img_2b9387ade84b_1c5iac.svg HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgia.org-ko.one/dds/_frame/static/css/dkmlpsbe5766.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:51 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: W/\"287defa879b05ba4090291400d27b83f\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=38y4nvWSgcfNZsbHSP2lIFi2qbE2ZlxjCBkTcu%2BYviJpq3agoAA5%2FU%2Bg8o1M7dN2SaamaAkPR%2FDjo5BuKbVyKFVnf0PNQbrPRpIFxQuZ%2B83wcwnv2FH15mqIBfvGwy%2FJEuYmtsM%3D\"}]}\r\ncf-ray: a02d47549b90723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":344,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"57a8088f4ada1ff4746e612e093485c1","sha1":"aa13489d7b48dd14382408ed0c9e476da8565151","sha256":"0523b41191660f11968b2d29eb23a5184af9b2eda14355d4a67ff83275376c59","sha512":"55fac9becfc5e0bf23cd43937907598380e9aaaa67458e3cd815982de4aa0b1f87c7b11ebb248af6caaf39b88a8699c13f2f9fa593c4e306d87ff20df7c71d3d","ssdeep":"","tlshash":"1fe020f9640de014900c8a725d5e555b306fb0ee51cc545df3c15d06b848cd789187c4","first_seen":"2025-06-27T18:19:38.333639Z","last_seen":"2026-05-29T00:53:03.31883Z","times_seen":83,"resource_available":false,"data":null}},"time_used":847,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":847,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"georgia.org-ko.one/dds/_frame/webSocket/QT/JWRCVV-1779971512779-zwuengjr3om-c7yz86r3wug/khkjsahfjkwhakjlsdwdddddd88","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:55.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/webSocket/QT/JWRCVV-1779971512779-zwuengjr3om-c7yz86r3wug/khkjsahfjkwhakjlsdwdddddd88 HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://georgia.org-ko.one\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: z4vQ/ewGTI94bp5XyXKi5g==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 28 May 2026 12:31:57 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: WWW-Authenticate, WWW-Authenticate-username, WWW-Authenticate-userid\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=V%2Bj5RWhL%2FQnLkkNt0a9yAtsPdg0tZL%2F%2B%2B7KZPW%2FgwQZXYLe7phXM5uEhIYRNtTX9MINcUz%2BOIKJRw2pyyv8XgvcK05%2BZzp9%2BwVGdy8mun6YYL9GQ4p5D4psbdadMR5E4rQ6%2FyXU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a02d4774fc6d56bb-OSL\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=521\u0026min_rtt=497\u0026rtt_var=185\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2340\u0026recv_bytes=1260\u0026delivery_rate=4503888\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=e31fde02576e5b36\u0026ts=1966\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T17:09:45.179918Z","times_seen":16184828,"resource_available":true,"data":null}},"time_used":2002,"timings":{"blocked":0,"dns":16,"connect":16,"send":0,"wait":1953,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/css/dkmlpsbe5766.css","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:49.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/css/dkmlpsbe5766.css HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgia.org-ko.one/dds/_frame/a_index.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:50 GMT\r\ncontent-type: text/css; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: W/\"890996537c20f4510184beee593a5f41\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iO5wF9F6K%2FEFcylVTuvLnqdTPfX%2FG2AjKjcZ8Z1See9oHXhjpMIQ07fe4%2BivNPpRg6Ehj6KnFlyaHqvbKOG5gmaKl7JoqPmUXvuk5Ty8KeXDoE%2BwOtsMJf2%2BtTKIwBTeO6ZnAK0%3D\"}]}\r\ncf-ray: a02d474e49ea723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":195002,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13819), with CRLF line terminators","md5":"1e56a1eb1bf62097486d564590b3b0b8","sha1":"92f8d1c2fc57f6d976327881f16af3154354e703","sha256":"1b9d8ab0021af1c234589fe0e18f5358aa1e7642d5df8f9fc2bd561c824b5e50","sha512":"6590a640b16728cbed3147662296b9adbb7ade313a3fa7e965a40430b2e56588a0d1c887935096c0a6c2c0c7011635aa541a76acd0dea92451139c9a11bd3cdc","ssdeep":"3072:ilThLlTholThOlThllThtlThFlThclTh8lThglThplTh7lThqlThJlThvlThAlTq:ilThLlTholThOlThllThtlThFlThclT+","tlshash":"f414c915f414122d4223943df3a7ff98693cb0719d441abcfaa7525e83e7aa26bc7c09","first_seen":"2026-02-08T23:06:32.583031Z","last_seen":"2026-05-29T00:53:03.332412Z","times_seen":81,"resource_available":false,"data":null}},"time_used":958,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":849,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/axios.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:49.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/js/axios.js HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:52 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EsMtn7Q2GSA7pv7r0sBviuZB06Sz5HYuQJe3wtNwlaQpVkafLnAQFboPQ7qf%2FjKKx3XROPPg3sOQ%2BMb%2Br5EzB1lGBTtdaRmFw6gbBSzs%2BM0E0XOMAHVsQ0qbiKEyW7zznDV%2B17w%3D\"}]}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nlast-modified: Tue, 05 May 2026 00:21:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"71dde40d8ba45ce99df015e131e46e85\"\r\ncf-ray: a02d474e59ee723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42736,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"1eb8e8e2284670dc214a3e70c25992b8","sha1":"94ece417aa560aa8de906e8f54c0985da90364cc","sha256":"96b65382c74cd6255d4628044c5394f2ef3f0662d7d72b10f1bceb50b6ee5455","sha512":"ae6cce74fa46a0ee1b00245f7da885ace7bd608d96152f3b4d9b2c1e66d53cbf5c1f298d1eb60cdf4a17a14296edc2fec63c22a7cf968025911ebe9272f7d49e","ssdeep":"768:iE/e1fRWqcYe4Q2q3jetDArR2d1mP2EduTgeIQN/s:VGoqcY22q3GASme1k","tlshash":"0a1385c6fbd57803b51630a98e8f754a76b4d05374046ca5bc4cb9e83fd883c86e6a89","first_seen":"2023-03-08T19:53:18Z","last_seen":"2026-06-06T17:16:15.523524Z","times_seen":25324,"resource_available":true,"data":null}},"time_used":3185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2974,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/img/img_7975c58b6190_imrs53.svg","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:50.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/img/img_7975c58b6190_imrs53.svg HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgia.org-ko.one/dds/_frame/static/css/dkmlpsbe5766.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:51 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: W/\"58ef12779272c6520c1e5e639735a5ce\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gz6zkk3mkEw63u1SQxO8qS%2FKtHVn9Ed0u7NfwNxu3foND8VQ95QZuFCPDAY4ctCfKBFEaFp8CJnlxd4b1EaJEpgrXQ41QwdaWQ%2Fs%2FbzznKRYnYjYrj%2FCcrL7drqvg1J6fEdA45c%3D\"}]}\r\ncf-ray: a02d47549b8e723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":409,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e35bbd52fcf0fa05d47ac55d82d8c0b9","sha1":"d1dd4587052c79c87e828bf7857eb24b7686165f","sha256":"c540b9bad782ba4e6d127db57d0c23d4a6d8e060b1cb55e916cf981b600dacde","sha512":"d48bfe04ab319c9bfbca5a96b880c04288b05eeef2326addfb404a25ff27f707a1e6fd6781f2df918c384aa1d516d9f356b37cdc8a40980d17ac2b187bf700a0","ssdeep":"","tlshash":"bee02bf55289654c4b118db0c96862d4e33e863d2e64b0ccb144df345413b944d4cd09","first_seen":"2025-06-27T18:19:38.330184Z","last_seen":"2026-05-29T00:53:03.358001Z","times_seen":87,"resource_available":false,"data":null}},"time_used":951,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":951,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/img/img_294c2a2cd2ef_ehpr3e.jpg","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:50.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/img/img_294c2a2cd2ef_ehpr3e.jpg HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgia.org-ko.one/dds/_frame/static/css/dkmlpsbe5766.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 309768\r\npriority: u=4,i=?0\r\naccept-ranges: bytes\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: \"93dcf6471b4d0a32c8618b4d9cfdc70d\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PPdsXZXH16FclOvO8BjPkgDHA7SYeNYZ7SzrCje6NFU6HdzT20lc6vcIukDnNUb5%2BI1Jyf7bBE2a2rVjzQNPsDD2SmIPAS0PIDKQ8rf4teciyNBIKg6Up1BJ8zwANIM00hwLQUU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a02d4754bb93723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":309768,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Copyright (c) 2017 f11photo/Shutterstock.  No use without permission.], baseline, precision 8, 1848x1488, components 3","md5":"5510325b32640fe5e8660f99a76ad727","sha1":"3c56b82cff7426847546c7dd454834b1e5827e52","sha256":"9d4e9782cacce13a6b44c9700024c1eed04800c6d798774e0e6375ac3759936b","sha512":"b1404d2d7af019be9d7789a66eedb941b64e7f6f2f25518c4fa100b97b74ca5e55d8fbe2a270adb760fa58d5f31289ec145a2fbf61f3e7e1e3922c91e98bc0f8","ssdeep":"6144:vF19iGMXDGW540ijpCTV6b1cb2XJj+i0/kBbFsG+Jk:vFfiGM6W5ZiQT0b1cbsf3bFsG+O","tlshash":"d9642309094becdb7d7296467c9a7c4cd0a79bb831a4db71f8236db4eca645d8023c4e","first_seen":"2025-06-27T18:19:38.314803Z","last_seen":"2026-05-29T00:53:03.359746Z","times_seen":83,"resource_available":false,"data":null}},"time_used":2972,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1955,"receive":1017,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/img/img_27c18b00c300_nz52rk.jpg","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:50.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/img/img_27c18b00c300_nz52rk.jpg HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 549963\r\npriority: u=4,i=?0\r\naccept-ranges: bytes\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: \"ff3c732d71d6c9da9934b4e0aff4c039\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bpsM6dwkiZFAq1I%2BOlKYhOf4QeQUiKJobfm1aru3Ec79WevYu0YfjLw5M1WnjnOgnbxNuVK7JhaU2QwNqkSQkE1KXczS91wL7G4HmScHZhSfVP63HjKrBCT5cyK54R4%2FkcUSiSI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a02d4754ab92723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":549963,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2400x1465, components 3","md5":"727036bc6d70cde867ee0f5239fa45ca","sha1":"d94c66eda3fc855861915d66e0dcbe11188c5dc2","sha256":"b6391353acecec5254b23afcffcd919d46107c0447b4d9a32b4a5d84760a015c","sha512":"f924e25980305843235aba9bd2063c2df75633bfe3d15b95bbf0142fe21607ef9fff3d99bbddd5e83fe8cd703f6e3598c45d96f2b6a027c325ec04a870c70a95","ssdeep":"12288:y0jIsiOX+A1Hub2Hh8yTLFRLbJuQOjmCzzd3UYOm+PZcIxb7i:XIzOX9hpLz/gQOaCFUm+hc+O","tlshash":"7ec423765e525242dce860fe58a516607a368666c8c1a0abff33cd7f2317e3c1f1648b","first_seen":"2026-02-08T23:06:32.593216Z","last_seen":"2026-05-29T00:53:03.312541Z","times_seen":81,"resource_available":false,"data":null}},"time_used":1212,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":842,"receive":370,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/font/img_cd85b73cb21e_fr100p.woff2","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:50.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/font/img_cd85b73cb21e_fr100p.woff2 HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgia.org-ko.one/dds/_frame/static/css/dkmlpsbe5766.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:51 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 68268\r\npriority: u=4,i=?0\r\naccept-ranges: bytes\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: \"5eb1822a905b164d0161bfda92cf40cb\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YhsMyDXqMxGMbXsafeHNjviKik6Bx74G5gHHa%2FapkFdc72GixwokrW7v202uIZa%2Bk7LRnlDh%2B4H7wvLvSQyizw9j6Dw2cnDQmqUGpqBWzXd08qX67LPw7%2F2KfKyVnCXwkfxH8dI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a02d4754cb96723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68268,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 68268, version 1.66","md5":"a588b6c6cd73da210cd852db686aec1c","sha1":"87cad6880220e7fda4c249a3059bd918a3030626","sha256":"ba4dede1060ef8d2ad69231ffe135ae4a60cbfade5dcc79b489a80ece8b97796","sha512":"eb99f0dfa100e105e4ab72a9afbc76bf698cc1ab4cf88bee7b42afe546bbd17ef50d30464652404e8edd79d29f54206478d3ccded1733c40e5a40fab1e82c7f8","ssdeep":"1536:lqRasOrFZMt8ciLiSPbRKioTiyx2Zx7jC4zhwFn:g4sOfS8cTSPbpVrl1w9","tlshash":"e663026ff03e91389a78ae4dd077a33c9ad902925e1da9044d016dd97909a7fd3738cc","first_seen":"2025-06-27T18:19:38.327625Z","last_seen":"2026-05-29T00:53:03.367476Z","times_seen":87,"resource_available":false,"data":null}},"time_used":1041,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":824,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/api/open/addClick","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:54.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"POST /dds/_frame/api/open/addClick HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/octet-stream\r\nContent-Length: 264\r\nOrigin: https://georgia.org-ko.one\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:58 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 119\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: WWW-Authenticate, WWW-Authenticate-username, WWW-Authenticate-userid\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7XcXDYEHKaan1YFbksn8XKPWna13vgxpf%2BoXAD9rLDFMtbSOGrHzMtwUetE6gZ659l7tdKvC27wajSRvA9M5HcUeTNABFm0Ly1nU0%2BlyRSE%2B1MFfrxEUhlCBZ%2FadPBnGGxfrxps%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a02d476da95e723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9f78eea777aa51d2aaf7518b808c2535","sha1":"a87518ecf5c7b6c7f88f63f1d58d4455cac98a37","sha256":"b848078ebe12820d2fffb16ae30d901c5cb0426fd512d0c279c485870b864cc5","sha512":"817ed06bf97df4b1c8fef7e64e33a9e43217f5faac663715540a7d93c0ca4a08c6b947ec9636a59073310edc96a55b10d4c7ff40a211ab70a359899fdee68d7e","ssdeep":"","tlshash":"b5b02b05c0068b10fb690045ac31383609409e843c5d008ad070172b004e811dc94403","first_seen":"2026-05-28T12:32:15.35833Z","last_seen":"2026-05-28T12:32:15.35833Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/xxxtpgbu7585.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:49.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/js/xxxtpgbu7585.js HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:50 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pR5%2BpUAUN6YAc%2F0uQHFa05BOHZTRZVa%2BKVEPXfhmIdQp0FqKbWfTZSqvVTNsO%2B%2BQXD0Z%2F8zBiI8YszqqxoVr0u8hhLjXufHUU5Axlp5m1m%2FEadnf12u7Fenp5YCzzP6oEBLN500%3D\"}]}\r\ncf-ray: a02d474e59eb723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"689525ee6c812e73a44b6aa1036ab53a","sha1":"7350cb4703a96ea7c140bd30da9a6d1bcff36eb2","sha256":"37ec4665a8102d115ffd1ac20dae94c98b4dac64b0c1a68228aa2a531caeb35d","sha512":"da6deff19f0b2bf5e0ef17b3cae34a0d44c5d48fbf9f3ffedd00cea74f923e1a3e9c4c926a6564c889cca21041550f557e1ec00db9e35502ffc794a5f9e9722e","ssdeep":"","tlshash":"5770000820028acc0000e0e0208c202000003b002020802a0000c020820028e20ac008","first_seen":"2023-04-08T18:32:13Z","last_seen":"2026-06-06T16:30:40.340058Z","times_seen":10626,"resource_available":true,"data":null}},"time_used":813,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":813,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/js/vue.js","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:49.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/js/vue.js HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:50 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VIdbK07oC3NWtb1xsk0mfmyL6TVJyyCajPeXd4zZ%2FULqul%2F1pv8TRE0kNKsg7%2FgnPgLPnnpzutKEKl3YHo7WVvSLHHhcXNKFbSi0aFfqJeO7b33zmYNmqXZApS6gIt1vSPOmbc8%3D\"}]}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nlast-modified: Tue, 05 May 2026 00:21:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"21d149b67435bd144d4f85b12280d12d\"\r\ncf-ray: a02d474e59ed723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93674,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65445)","md5":"d510c12b589a26e2c72f65a1e726a347","sha1":"61131c8e8cc4151fdc2d89e21f95ee27a76710c1","sha256":"d535a5f003b5350e4753025226c81f30cf883edb0ddc01901a31e49f0a9740b5","sha512":"a31326ea137759a06e3c7d26f26ca4adfe31bcc7b96cf24710bf6ef0cc1ae778b883f2f838145e8c615dcaeff42fc8118bec25d83eff4077ed24e67a20ddb945","ssdeep":"1536:DUXY7qLtpHt2P0e1mZ8I6H82RaLPMBlo5VV2B/S/r:SYeJpN28efKMBlmV00/r","tlshash":"c29308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","first_seen":"2025-12-05T15:25:52.043787Z","last_seen":"2026-06-06T17:16:15.551972Z","times_seen":21928,"resource_available":true,"data":null}},"time_used":1052,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":828,"receive":224,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/font/img_174b494bf5bb_pkpfsy.woff2","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:50.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/font/img_174b494bf5bb_pkpfsy.woff2 HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgia.org-ko.one/dds/_frame/static/css/dkmlpsbe5766.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:51 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 122820\r\npriority: u=4,i=?0\r\naccept-ranges: bytes\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: \"b201a2b2a1327d5b484b424b736937b4\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qE1GpjZmP3unfYl1v%2FogotTAfdd4X19LFOQ5MFBNEnzPIn%2Fc4n8uhwdy8WxACEh66dKDyeAnPgqeHSq6FLuaIFWJuVdupM6QSmxtC6F%2BueMSpyQlBy1AVxEwlkKru5gthKgFm60%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a02d47549b8c723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122820,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 122820, version 8.0","md5":"5b4370ea9799a250feb4ad2733a0640c","sha1":"04a91cf17814b49a4acd307727a34ac05c08315b","sha256":"30340b72c6991d891792731fb1dd492ff6a2c530adee3b22d13c5fbc522601e8","sha512":"48076a97d96a3cef07090e1c9c920a6a9ec129f24684268e22976632e0902149d3a9f60b48d863c94f13a3178e08ea0ddefe79f6239641f6c061658dac5fe92f","ssdeep":"3072:3GQ2nX+Hn11TMbkhRVNGGsOQEv+ZV+Cfo+MmzhvN+ddk:2QrbTMAyGlQK+39NB6k","tlshash":"49c3124bea7af418f01b23b984f4abb269dbcd44d6e1da2a530f06c51f9fd34121b119","first_seen":"2023-04-20T09:59:46Z","last_seen":"2026-06-03T20:38:28.206632Z","times_seen":363,"resource_available":false,"data":null}},"time_used":1195,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":859,"receive":336,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/master-card.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:53.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/user-img/master-card.lottie HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:58 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 05 May 2026 00:21:50 GMT\r\netag: W/\"976282e8217350df0f06d540ec756257\"\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rWqSj8dcymEZQCpGj80Y9%2FJYgxfr0ux%2BOJEIT2lTcYgw1LFz31g2FWGjkL%2FH7kRhrtnKghrvc8Pr5TirkA4DDZYxC7A7zsTrJtW%2F9B89hGQdCL3mMSG0MJVfKyg4EGfK1gQpUNI%3D\"}]}\r\ncf-ray: a02d47675fdd723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1551,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"data","md5":"d33ae09835512c6dda3a7e1410958d7c","sha1":"8991716009f54f23ef048250d6ca523bbfa8f56c","sha256":"ce6bc7ce48c390f25d28e6c2c490afd824ae644054b6f5e11c12db8ec1cc581d","sha512":"47b65e36a445cf66ee3ef42470caf83b275b35d3e024d00d043530ff9e0d6e0819ea293aa4539cd190fb8cfffde8c686e32d9ba7529590bfd3305b6e93215710","ssdeep":"","tlshash":"f5412bd34418138afc89953c7cff2a52ba2b8d2c039790ded546a550266d97c16ad1e4","first_seen":"2026-03-07T22:46:23.62688Z","last_seen":"2026-06-06T17:16:15.549033Z","times_seen":8606,"resource_available":false,"data":null}},"time_used":5236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/diners-club.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:54.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/user-img/diners-club.lottie HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:55 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 05 May 2026 00:21:51 GMT\r\netag: W/\"fc66052d25a8f8f77bd3232ddd28fbbb\"\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V4WbfBRtrYH%2BpCmL30ZldAj4DZhGcp2d9%2F09iXOLjBhwYRM%2BqFkVs8j5nT5Rgt4jKi4MVMqbuxov%2BtsSa6ABor5eEXasB28p7WDBz%2BLbXD2CLM3DPYH3%2F3vOJy8FWNr0opQCiO4%3D\"}]}\r\ncf-ray: a02d476d594d723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1438,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"data","md5":"aec125624de33fa15362b62be9a1f673","sha1":"02a558c2ff1a97d388042f0f9bbb4778dbe6e79d","sha256":"ae61a1834e7ba18e6abaf0316e33f743f711e2ca007f61ed1b65ccb77ca47c83","sha512":"8f05c54d359b19db112d14009603ecd3d9a1306e891a000e6a60ea953861cc69653a3479f70a02a8e3ef6f7c065eb41127bab60dacc47043fae27124365215a6","ssdeep":"","tlshash":"68410a66d918d395d4beb0f60b3a01e46224fb04a50e9c02c86b9d72796437e3f9f0b3","first_seen":"2026-03-07T22:46:23.616138Z","last_seen":"2026-06-06T17:16:15.562351Z","times_seen":8588,"resource_available":false,"data":null}},"time_used":1129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"georgia.org-ko.one/dds/_frame/webSocket/QT/JWRCVV-1779971512779-zwuengjr3om-c7yz86r3wug/khkjsahfjkwhakjlsdwdddddd88","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:32:02.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/webSocket/QT/JWRCVV-1779971512779-zwuengjr3om-c7yz86r3wug/khkjsahfjkwhakjlsdwdddddd88 HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://georgia.org-ko.one\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: ZSATrubaRQfQoMdTswkmfw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 28 May 2026 12:32:04 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: WWW-Authenticate, WWW-Authenticate-username, WWW-Authenticate-userid\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=YmM2Ynz3CF0k0LDaQ5kWMtXzRHwQUM%2BPKYzIzVR8sjSXdvzvjYh0TIM4zygPgyHlFTGdk1g8bRHFA0wOYqSfFVIOpFOPM%2B2JZb0IIRaS1DqKxxoZoIUJsEGwi1fYsEkh2AB1bXA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: a02d479f0df2712d-OSL\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=576\u0026min_rtt=525\u0026rtt_var=239\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2340\u0026recv_bytes=1260\u0026delivery_rate=3727155\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=c22fb7952fb17903\u0026ts=2271\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T17:09:45.179918Z","times_seen":16184828,"resource_available":true,"data":null}},"time_used":2277,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":2253,"receive":1,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/static/font/img_c1d6012f40fc_3kq0me.woff2","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:50.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/static/font/img_c1d6012f40fc_3kq0me.woff2 HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgia.org-ko.one/dds/_frame/static/css/dkmlpsbe5766.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:51 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 162624\r\npriority: u=4,i=?0\r\naccept-ranges: bytes\r\nlast-modified: Thu, 09 Apr 2026 13:07:24 GMT\r\netag: \"53a80c9b56d1b537ffac95ee5164a0e6\"\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i3QcXQKT6kO1slO5wWBbavrCOWCL7xuPFSmklHlKpSkqmxJfiSMrsi%2F8DmH2MctuOwu3mgpazG8TErvMKaUXlNe4QAPcY0IT3dw5DJaQDgPaTEux2AUTMsaTpXG4H16uOd575OY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a02d4754fb9f723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162624,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 162624, version 1.721","md5":"8d65d0412e1cc67140f2764d535d54ef","sha1":"6d43906f20ffd3f058761f322fc42f97b37888bc","sha256":"7e2948403dab5e623bd30983fb2bfdaa7f8afc32ca6c0c099e031b6027dc5385","sha512":"d6175994dacc7a653ba806eb2278de689993b720df2101d03267fbd6cd4daa79bdbbe38e74c1ef371ade2cd17802cafaf42d42c4b959665eac9f7ad70c0e771c","ssdeep":"3072:Zid3OSVum+twkpjxwcEUN9RgZXqoSMl+b2yjmfSU8zvmdlv3rQTZSVV8+DW:Zy+JiEjCcEmq6oS+byjmfSXC7QTZSVKj","tlshash":"e0f3127f660653c079c5c4657364e83b9f3c24521a9b98eeaee62d103bbf80234b65b0","first_seen":"2025-06-27T18:19:38.282132Z","last_seen":"2026-05-29T00:53:03.313977Z","times_seen":87,"resource_available":false,"data":null}},"time_used":1085,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":789,"receive":296,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/dotlottie-wc@0.6.0/dist/dotlottie-wc.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:52.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 13 May 2026 17:38:50 GMT","end":"Tue, 11 Aug 2026 18:38:47 GMT"},"fingerprint":{"sha1":"85:3A:E3:4D:41:9A:40:A5:EA:4D:21:21:BC:8B:AF:E9:9B:B2:27:3A","sha256":"41:2C:5C:27:2E:1B:0A:16:BA:4A:09:22:08:86:E9:EC:B5:B9:C4:CF:94:00:3A:8F:52:77:35:8C:F9:C4:FC:A4"}}},"request":{"raw":"GET /@lottiefiles/dotlottie-wc@0.6.0/dist/dotlottie-wc.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://georgia.org-ko.one\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 May 2026 12:31:52 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncf-ray: a02d47637b2b568a-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 1841806\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 28 May 2027 12:31:52 GMT\r\nlast-modified: Thu, 07 May 2026 04:55:06 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:cb1dPG4JbIpumjo/CssNzVz8YQrFcG/wJRlk7DS8ceU=:\r\nfly-request-id: 01KQM273C31QMZ7DG39842JETZ-fra\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":187,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text","md5":"05981be59a26970fbca1e5a8c7634336","sha1":"579e7098232d88c3a0cb8101b9ad9bd45a3c9f40","sha256":"71bd5d3c6e096c8a6e9a3a3f0acb0dcd5cfc610ac5706ff0251964ec34bc71e5","sha512":"4d31793eb824fbfec3447fd7a4a709d7605e7dcd276c710d599de8c2b059c3935922d3f78a3999ba095ed47eb92df069bbc5d9bb3a98a649aef2c15c4e54feac","ssdeep":"","tlshash":"31c0127be8f0eeb359728c5a80a6c3212a1a88d3d361037491881aac41208db9918ca7","first_seen":"2026-03-07T22:46:23.632504Z","last_seen":"2026-06-06T17:16:15.531879Z","times_seen":8719,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":21,"dns":1,"connect":1,"send":0,"wait":69,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-SI7D3PZW.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:52.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 13 May 2026 17:38:50 GMT","end":"Tue, 11 Aug 2026 18:38:47 GMT"},"fingerprint":{"sha1":"85:3A:E3:4D:41:9A:40:A5:EA:4D:21:21:BC:8B:AF:E9:9B:B2:27:3A","sha256":"41:2C:5C:27:2E:1B:0A:16:BA:4A:09:22:08:86:E9:EC:B5:B9:C4:CF:94:00:3A:8F:52:77:35:8C:F9:C4:FC:A4"}}},"request":{"raw":"GET /@lottiefiles/dotlottie-wc@0.6.0/dist/chunk-SI7D3PZW.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://georgia.org-ko.one\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 May 2026 12:31:53 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncf-ray: a02d47642c7b568a-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 4164019\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 28 May 2027 12:31:53 GMT\r\nlast-modified: Fri, 06 Mar 2026 12:30:19 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:MP10OIRrApk6RyB04FCGCtG0Y49fNqnweUD910Gqq4U=:\r\nfly-request-id: 01KK1J15SDHJ6GJXF8DE0SC2XE-fra\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}],"data":{"size":23376,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (11535)","md5":"4915cbe555f5ca0aa6534f7592c55fd1","sha1":"01683f93f73717af0c3fbb9a6aba1c1cc72188e6","sha256":"30fd7438846b02993a472074e050860ad1b4638f5f36a9f07940fdd741aaab85","sha512":"eb5f9b688df0c4e82837699361394f865eb2736882f3b5d8f46fab3c58384c805ebe827297941144bbc2dc11dbf7f04c3429a53a8d774ee6e4f836c35b81ff2b","ssdeep":"384:fHOyHjPQ5GnHixKWPY1rVdeqGRUkKpvKtvV3jM4:vD3nHixKWP+rVdgrKpvKlVw4","tlshash":"16a2d88076f994b34ad582d6dc79460fe250349c682e846dfa7ca6ef1938f41a1ec732","first_seen":"2025-08-04T13:12:55.035191Z","last_seen":"2026-06-06T17:16:15.54522Z","times_seen":8841,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgia.org-ko.one/dds/_frame/user-img/card-refresh.lottie","fqdn":"georgia.org-ko.one","domain":"org-ko.one","tld":"one"},"ip":{"addr":"172.67.215.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://georgia.org-ko.one/dds/_frame/a_index.html","date":"2026-05-28T12:31:54.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"org-ko.one","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 11:07:27 GMT","end":"Wed, 15 Jul 2026 11:07:26 GMT"},"fingerprint":{"sha1":"66:B2:A3:82:97:85:57:04:8A:CC:9D:0C:75:58:36:B6:3B:B1:39:62","sha256":"F0:A7:58:D2:6E:27:C5:D3:20:67:83:50:B0:0F:83:E0:FD:05:54:14:FA:2D:51:B0:9D:48:BD:5E:2D:1C:28:01"}}},"request":{"raw":"GET /dds/_frame/user-img/card-refresh.lottie HTTP/1.1\r\nHost: georgia.org-ko.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 28 May 2026 12:31:55 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 05 May 2026 00:21:51 GMT\r\netag: W/\"176365d5a62e8a175a3ae9085db64a6f\"\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NkbcZ0Q7Sd2CeQnlyfDD%2B10SihAab5Z7Ro8hX0O%2BwJNDaZ65r%2BmMjer4j%2BVW0Ks%2BeK6JS7H9H2%2FhsmkIJ%2B2xXQMLgc%2FIx0dyazEZuSqxLRiJsLHegy0Hthg%2Falhf3hCSiRMIgpI%3D\"}]}\r\ncf-ray: a02d476d594e723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Zip archive data, at least v2.0 to extract, compression method=deflate","md5":"4c8d90fb3ea4c2d57299eedb41a2e20d","sha1":"d22bd75e679fd93d69269939d855435b87453c0f","sha256":"7a0822eefcd060a8fa86ee2c2e778f59c5eb11e5cd41818f5059aea5c3da3f7b","sha512":"5a4cb1819a56e40527070a8e6613ca2f523a61e989f1c7148023c327f6eae3b124537880b1ad6678e1def808a0e4cbd3f58dea9c363675f3f7a876c81bb60075","ssdeep":"","tlshash":"3b31fa39e13a434cce4ae9b8301738c7b755c7012981204bd63b54a4d5e51ac37fdc21","first_seen":"2026-03-07T22:46:23.623456Z","last_seen":"2026-06-06T17:16:15.526661Z","times_seen":8589,"resource_available":false,"data":null}},"time_used":1041,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1041,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"georgia.org-ko.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"georgia.org-ko.one","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}