{"report_id":"cd6580c6-1034-4b5e-85d1-8402178fed6f","version":0,"status":"done","tags":[],"date":"2026-06-26T21:35:31Z","url":{"schema":"https","addr":"ortshopreview.cc/#/Register","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ortshopreview.cc/#/Register","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"title":"Malls order center","dom":{"size":2637,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2633), with no line terminators","md5":"8dc8cc7578032cbc742363cf7189bc45","sha1":"f7f55f22b68415670b5b3f05b67871e5952902ee","sha256":"7a4891dea7173ea0cc25d425ac005c2fe549b1058eb75ee1c937348561c7f411","sha512":"0947a0ff3f071028668b0455c7b4c4855b0e4bf20ea0efb717833b7fa501ea30f6473dd8805e42a2df68b9dc23ab2df719fda7c802a9a97b33d627f0f832fec5","ssdeep":"","tlshash":"91516572c011c92b93078df8e0a1632d70a3914ad7d2180822e42aea5fd5de6dd2508f","dom_hash":"domhash88ca6ad3e33b39ff47fd2de8b57d67f2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"ortshopreview.cc/#/Register","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-31T21:35:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"ortshopreview.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ortshopreview.cc","ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-11","domain_rank":0,"first_seen":"2026-06-26T21:35:32.825814Z","last_seen":"2026-06-26T21:35:32.825814Z","alert_count":6,"request_count":6,"received_data":1399071,"sent_data":2933,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ortshopreview.cc/customerServer.js","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"acb53e5881de75fcf70350bf8e06f581","sha1":"26fe56a0b24beffc28ffe5103cac4902b4c77068","sha256":"c72e35537d7061c3aeb8fbd98f906ec2695f336c48cf1ffc443ca9b1d2773735","sha512":"bfda1b01afc9bacbb019f993024c119d7127ba5adbdf923caea8c2156b11c749d065ed236819b46224bfb4b38ebcf2144bc51416d77b4a94ab9d7b2ee6fd7e68","ssdeep":"768:YIVy0juMiCj8rMVN5uZyDuVhyOAW2uz+xwN33VdNeHXLVd:hVy0liC4rMVN5uIuzyEz+xgUHbf","tlshash":"b0135c655626057a85b373b89f096608ee21042b9007c5397fbc5ae23ff143d92e1ff9","size":44867,"data":"","first_seen":"2025-10-10T21:40:40.062411Z","last_seen":"2026-06-26T21:37:37.974572Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ortshopreview.cc/static/js/main.aee46d7e.js","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1a0e606c8a783bb716ef8f05b61d2c6","sha1":"618badab40bc5934994620a25543d3c146aca286","sha256":"f4497f1baa40943d781342e77050f3e0d67de61d1531025f1e02456702182f98","sha512":"8ee568d05b6611419237a5ccf3645e1365eef1fb84a6c8a8a010e880dc5193f02712b8853c313ebf94dfa0da19d017207e9e37f9e2ea3a3b5cb589648eaebdbc","ssdeep":"12288:zdm5/wWAHpooNfpCM6ITw0OUknT1ofi2iN+fTjToUoQKV:zdm5pAJFH6ITON+fTjToUoQKV","tlshash":"0045e8cd77e2b66c0b76a452c83b994d766d1d408029c230af79d5c6fa2c508e27fb2d","size":1217998,"data":"","first_seen":"2026-06-26T21:35:40.688368Z","last_seen":"2026-06-26T21:37:37.988144Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"warn","text":"将根据已有的meta标签来设置缩放比例","filename":"https://ortshopreview.cc/static/js/main.aee46d7e.js","line_number":2,"column_number":23299}]},"http":[{"url":{"schema":"https","addr":"ortshopreview.cc/#/Register","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-26T21:35:06.816Z","timestamp":1782509706816,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ortshopreview.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 10:14:29 GMT","end":"Wed, 02 Sep 2026 11:14:19 GMT"},"fingerprint":{"sha1":"6B:16:C0:EB:3D:89:E2:EB:25:FA:DB:18:DA:6D:9D:A2:83:2B:D3:A2","sha256":"02:A4:4E:2B:7F:19:AA:C4:A4:43:1C:D1:75:9F:1D:77:42:2A:88:3B:31:11:32:C9:A5:A6:05:E1:20:9B:77:44"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ortshopreview.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 26 Jun 2026 21:35:07 GMT\r\ncontent-type: text/html\r\ncontent-encoding: zstd\r\nlast-modified: Sat, 28 Mar 2026 08:06:36 GMT\r\npriority: u=0,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W6fjSQGX35acxNcDdnYfMNP9Q57T%2FMnnofdG0gmrv7f4MzGtUiqhkGahW8fLmOfaqLsksYVSd9I8nrmJH72gGQOEXalDKdX%2FlF%2FDmxx7pdHsckCu6mws8D5wJ%2BoxmhIsre4f\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a11f57041ab60b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":541,"size_decoded":941,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (541), with no line terminators","md5":"09aaeea26bae138ac4ac437ce657230d","sha1":"9d32b37ef16c105d7d3ce637e36bbed8296e91cd","sha256":"a44addd1a59872b8093eae81216a6a66e56ad741492ae619bfdd907dee0166c0","sha512":"a50806f862c247b48e2172e4d41bacc21f070cbe3150540b8f39257e9bdeaea95afd33071a8cb6774e2f1473ca1c41119e39f74bd81f64fb746e5276196a4b18","ssdeep":"","tlshash":"7df0c093cc21c40c823087b8aca1f05cc89af924bbe2bd40798914bf8dd8f88c8a7505","first_seen":"2026-06-26T21:35:40.671324Z","last_seen":"2026-06-26T21:37:37.985598Z","times_seen":2,"resource_available":true,"data":null}},"time_used":369,"timings":{"blocked":-1,"dns":51,"connect":21,"send":0,"wait":297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"ortshopreview.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ortshopreview.cc/customerServer.js","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ortshopreview.cc/#/Register","date":"2026-06-26T21:35:07.432Z","timestamp":1782509707432,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ortshopreview.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 10:14:29 GMT","end":"Wed, 02 Sep 2026 11:14:19 GMT"},"fingerprint":{"sha1":"6B:16:C0:EB:3D:89:E2:EB:25:FA:DB:18:DA:6D:9D:A2:83:2B:D3:A2","sha256":"02:A4:4E:2B:7F:19:AA:C4:A4:43:1C:D1:75:9F:1D:77:42:2A:88:3B:31:11:32:C9:A5:A6:05:E1:20:9B:77:44"}}},"request":{"raw":"GET /customerServer.js HTTP/1.1\r\nHost: ortshopreview.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ortshopreview.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 26 Jun 2026 21:35:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 11:32:02 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68ca9c32-af55\"\r\nexpires: Sat, 27 Jun 2026 09:35:07 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l87J6EpSC1aa7QMyPB5BnfV18Isd%2B8tLjfCz0l3EuGaOBG%2B1iMIw4c6XQV97c0m6R2GpOIKl%2FvBAfjtzknTU0xkfw8hzlnjIAhqKnjg8eKXdUnI0GJBB0bpMuhf9DAaXBk5V\"}]}\r\ncf-ray: a11f57077ae60b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44885,"size_decoded":24751,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (13321), with CRLF line terminators","md5":"acb53e5881de75fcf70350bf8e06f581","sha1":"26fe56a0b24beffc28ffe5103cac4902b4c77068","sha256":"c72e35537d7061c3aeb8fbd98f906ec2695f336c48cf1ffc443ca9b1d2773735","sha512":"bfda1b01afc9bacbb019f993024c119d7127ba5adbdf923caea8c2156b11c749d065ed236819b46224bfb4b38ebcf2144bc51416d77b4a94ab9d7b2ee6fd7e68","ssdeep":"768:YIVy0juMiCj8rMVN5uZyDuVhyOAW2uz+xwN33VdNeHXLVd:hVy0liC4rMVN5uIuzyEz+xgUHbf","tlshash":"b0135c655626057a85b373b89f096608ee21042b9007c5397fbc5ae23ff143d92e1ff9","first_seen":"2025-10-10T21:40:40.062411Z","last_seen":"2026-06-26T21:37:37.974572Z","times_seen":22,"resource_available":true,"data":null}},"time_used":379,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":119,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"ortshopreview.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ortshopreview.cc/static/js/main.aee46d7e.js","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ortshopreview.cc/#/Register","date":"2026-06-26T21:35:07.434Z","timestamp":1782509707434,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ortshopreview.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 10:14:29 GMT","end":"Wed, 02 Sep 2026 11:14:19 GMT"},"fingerprint":{"sha1":"6B:16:C0:EB:3D:89:E2:EB:25:FA:DB:18:DA:6D:9D:A2:83:2B:D3:A2","sha256":"02:A4:4E:2B:7F:19:AA:C4:A4:43:1C:D1:75:9F:1D:77:42:2A:88:3B:31:11:32:C9:A5:A6:05:E1:20:9B:77:44"}}},"request":{"raw":"GET /static/js/main.aee46d7e.js HTTP/1.1\r\nHost: ortshopreview.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ortshopreview.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 26 Jun 2026 21:35:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 28 Mar 2026 08:06:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69c78c0c-1295ce\"\r\nexpires: Sat, 27 Jun 2026 09:35:07 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FmhQSC1OBd3jl7JzpfasPozLjPYa1BW%2BbwreK5onizStprxc2hiUkGnM70RIpABuhsDLwpsH2AlyLiiFhCtdAAX7aFUvmaZFlWjGjO%2BUEsRtW9xNuDWMVsUk6AFv%2BrFzcHoH\"}]}\r\ncf-ray: a11f57077ae70b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1217998,"size_decoded":336124,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"5bd664df09dd91af43e2acdd8c1b390c","sha1":"3fbd161d232f4c8d7de8f03c2622a1b64513f7d6","sha256":"3457a4fe64daaddba994a1b5da7d15f40d78880d864c06c463539b81a67b72d6","sha512":"11bb46013c623a77d625e11ca36471a78681b0f91550d23f61452e5423fb9332fc388307268248083e052bbd91c3496b17bb58a6f7db6c21935159e80e53def4","ssdeep":"12288:zdm5/wWAHpooNfpCM6ITw0OUknT1ofi2iN+fTjToUoQF:zdm5pAJFH6ITON+fTjToUoQF","tlshash":"0625f9cd72e2f1780ba6a156883f984eb76d1d5090388170ab79d5c5b92c91ce23ff2d","first_seen":"2026-06-26T21:35:40.673733Z","last_seen":"2026-06-26T21:37:37.9767Z","times_seen":2,"resource_available":false,"data":null}},"time_used":794,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":517,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"ortshopreview.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ortshopreview.cc/static/css/main.18da2f0f.css","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ortshopreview.cc/#/Register","date":"2026-06-26T21:35:07.436Z","timestamp":1782509707436,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ortshopreview.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 10:14:29 GMT","end":"Wed, 02 Sep 2026 11:14:19 GMT"},"fingerprint":{"sha1":"6B:16:C0:EB:3D:89:E2:EB:25:FA:DB:18:DA:6D:9D:A2:83:2B:D3:A2","sha256":"02:A4:4E:2B:7F:19:AA:C4:A4:43:1C:D1:75:9F:1D:77:42:2A:88:3B:31:11:32:C9:A5:A6:05:E1:20:9B:77:44"}}},"request":{"raw":"GET /static/css/main.18da2f0f.css HTTP/1.1\r\nHost: ortshopreview.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ortshopreview.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 26 Jun 2026 21:35:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 28 Mar 2026 08:06:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"69c78c0c-159e1\"\r\nexpires: Sat, 27 Jun 2026 09:35:07 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j9X0WVQrl79OaH7TQXhEYKjcbeooKvnjZzGMbsQi794UxqYYvQsrPThRADmnX96Nfc3plI5V3YEE2As2yBRIcBI7UTTUQPpCh8NEKMAF3AzgFkCWE4TaFQBab8HTkEeo8Nk7\"}]}\r\ncf-ray: a11f57077ae80b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88545,"size_decoded":38059,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"87dbf7713b36b57d6ad3283157be9cba","sha1":"385d541c7536084399541988b56583b8a1aa7ea7","sha256":"ca1f81522a4f2391cbff1b7a55e925d9769c677957e931142a628f1a2e4be929","sha512":"030e4dcdc32b43a4a59d5a5007a294fae858d77d702254322fc9610f6df0a7a036b020514dbe7f5451b713fbc55b01838a46ad37e61ee4b3a8de130d454109bb","ssdeep":"1536:37/c8bUlTcGnZzXXHZcrkq22oWwgrek+H5LSE:A8baLzUJAH5LSE","tlshash":"92834b327a31a13dbc3bd6777ad45bcca005c490d29357a9a612b3b585cbaf70a77308","first_seen":"2026-06-26T21:35:40.674887Z","last_seen":"2026-06-26T21:37:37.979945Z","times_seen":2,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":121,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"ortshopreview.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ortshopreview.cc/static/media/newLogin.bdebc0905dc2cd8ec387.png","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ortshopreview.cc/#/Register","date":"2026-06-26T21:35:08.461Z","timestamp":1782509708461,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ortshopreview.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 10:14:29 GMT","end":"Wed, 02 Sep 2026 11:14:19 GMT"},"fingerprint":{"sha1":"6B:16:C0:EB:3D:89:E2:EB:25:FA:DB:18:DA:6D:9D:A2:83:2B:D3:A2","sha256":"02:A4:4E:2B:7F:19:AA:C4:A4:43:1C:D1:75:9F:1D:77:42:2A:88:3B:31:11:32:C9:A5:A6:05:E1:20:9B:77:44"}}},"request":{"raw":"GET /static/media/newLogin.bdebc0905dc2cd8ec387.png HTTP/1.1\r\nHost: ortshopreview.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ortshopreview.cc/static/css/main.18da2f0f.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Fri, 26 Jun 2026 21:35:08 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 28 Mar 2026 08:06:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\nvary: Accept-Encoding\r\netag: W/\"69c78c0c-a721\"\r\nexpires: Sun, 26 Jul 2026 21:35:08 GMT\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q1LTE3n19f2CXi%2BXjUI9uIZu6adCTcJ85zQMyQ90p1yc9oigBri0hwQmxqD2yO0Jlu4ulRjrLM97mT8RjywQhzG0at7ROEUY0yKBLAO1cG4WUUWNobDZAVCD8YlyrztbucRf\"}]}\r\ncf-ray: a11f570deb2a0b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42785,"size_decoded":41745,"mime_type":"image/png","magic":"PNG image data, 1170 x 2532, 8-bit colormap, non-interlaced","md5":"35f0a965cbf272f6e78e243ba510e038","sha1":"97281d6c9f751a34183c9066c4d66ce5cc8860e1","sha256":"7f5bdb0d8c5f95424582932e589b985c7a63d68a25255ff2ced74ae7bffd1974","sha512":"937d799711c6d8ab86a09ecb133f9ad17d89ffd0eab71ae62935b87ef697fd1afb04ae369a98f126ae3d9c2c238df73d89d9569a82787620f0085c8eda2bd83f","ssdeep":"768:1sXyxgEfbjHRV3RzkuVZ60Y1CV0OWmgjGywbjfp59ZaGbqtDy93jCyD:1sXcgqjlzVz60YQWmc2PB5ycqy93xD","tlshash":"a713f1f610219bbbf754baf368f22b34c466fe205750adc6514622c9631f425f3a722c","first_seen":"2025-12-23T09:28:21.588096Z","last_seen":"2026-06-26T21:37:37.983853Z","times_seen":3,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":275,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"ortshopreview.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ortshopreview.cc/favicon.ico","fqdn":"ortshopreview.cc","domain":"ortshopreview.cc","tld":"cc"},"ip":{"addr":"172.67.191.114","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ortshopreview.cc/#/Register","date":"2026-06-26T21:35:08.567Z","timestamp":1782509708567,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ortshopreview.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 10:14:29 GMT","end":"Wed, 02 Sep 2026 11:14:19 GMT"},"fingerprint":{"sha1":"6B:16:C0:EB:3D:89:E2:EB:25:FA:DB:18:DA:6D:9D:A2:83:2B:D3:A2","sha256":"02:A4:4E:2B:7F:19:AA:C4:A4:43:1C:D1:75:9F:1D:77:42:2A:88:3B:31:11:32:C9:A5:A6:05:E1:20:9B:77:44"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ortshopreview.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ortshopreview.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Fri, 26 Jun 2026 21:35:08 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hMSNM909cD%2FVyWt%2Bso3ur58S08Luu8FVT9823KdsH0YlznWIFw6aEpOKvhnytL9SWG2rtUk9Bw9yWjnvb842aDgLwqt5Y8hakcEjv8vtgU74okJ5fK0K0zABLoy2WkhMWm7C\"}]}\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a11f570e8b320b49-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":702,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-30T11:33:07.45397Z","times_seen":533068,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-26","alert":"Sinkholed","trigger":"ortshopreview.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}