{"report_id":"dbe0ce2e-19d2-4451-92fc-64f9ee00ff93","version":0,"status":"done","tags":[],"date":"2026-07-02T12:46:49Z","url":{"schema":"http","addr":"gom-player.net","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"172.67.158.247","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gom-player.net/","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"title":"GOM Player - Free Video Player | Download \u0026 Features | gom-player.net","dom":{"size":141035,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (458)","md5":"68551afaee6daaf0819ee29b97047296","sha1":"4cdbaccc40b3e3974f6fa76e15cba694c2b829d3","sha256":"96d2009cf5ef72f56f52235a55a70b056577b7ce6c24ba16f7699efbfdd893c7","sha512":"2d886394308b6c76562c57133bd0205c2e7a218420d2afe31ef2a5810e83f544d057552679d7afce592d04df5b7e5435f08b3f737c8ec8bfc8fa2853c67c4b50","ssdeep":"1536:+oDNJlAB27QmjJcwyWg9hnsSOfpBJMPw1BqBvHyBqXOLdkUso27ls3m07f51pcXm:wPwvqBvHyBqXOLdr2erX","tlshash":"38d3c835b1f1007768b392b6a7de232a7f68d00bc61bd984b6dc41145fc6db58d93368","dom_hash":"domhashace0100113e02a3bd01dbab251578c47","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gom-player.net","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"172.67.158.247","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-06T12:46:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-06-28T22:47:06.167692Z","alert_count":0,"request_count":1,"received_data":277398,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"gom-player.net","ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-10","domain_rank":0,"first_seen":"2026-07-02T12:46:51.664016Z","last_seen":"2026-07-02T12:46:51.664016Z","alert_count":32,"request_count":8,"received_data":7067843,"sent_data":4318,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-28T22:30:22.905773Z","alert_count":0,"request_count":1,"received_data":485977,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gom-player.net/","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a3fb4b4fea946ec82ccd1aac5e54e3f","sha1":"ec9e43274eeab1e58b880e4d03c5369b81a6a021","sha256":"bd0185aed141676dd670e48a1fd9174134e11782a54e1e68a1573f60db057eb5","sha512":"c573f0b6da2e3316db0b0c4f9888ddc8e8a3d19a56b79f41f3b2a7cbec096b9a1dbb7958d19314e59f2b8484abeb0c9028b5bf3da1431972cfcb4236d44eb5f5","ssdeep":"","tlshash":"3bc08c88210b0cb041a72b014bafa200b049320294d06921380e62044f20d03db54864","size":161,"data":"","first_seen":"2026-07-02T12:46:56.517015Z","last_seen":"2026-07-02T12:46:56.517015Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9523e1131edd04949a95d5ed9a78debd","sha1":"88fafab8c069dd32a46e6b85bd2d96845b00d70a","sha256":"5ac21a6e0ce6c2ac7cf7aebdccff58e4cf550d4468c7a200717769d46add035a","sha512":"c0753151b43881a0b3b6a4fcac55ba911046b6b671a4b7ae20976f8b2a7f8f04083362a4be5bd71c34a978a5f99a61bf353131a797954f3efcf3a49a2a8b8e29","ssdeep":"","tlshash":"25e0721a30c2003a03b394aa23bb810a2123270bc49ecb167a5fc8e61f34ca2040210c","size":319,"data":"","first_seen":"2026-07-02T12:46:56.518595Z","last_seen":"2026-07-02T12:46:56.518595Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ee6148f77c34f276c6bd407f3f75e049","sha1":"25debf678247fb4d7f2c3ef38cf107ac2e99f135","sha256":"2461f208b79e8597862af0d465c5756cef53b279f37f5fccbc205291f25ed571","sha512":"b2c826e827ca41d7eede7453c72d1a7c2dbba0d658db254f32077b75363c4b27e2823a0ea6c1b32ff00b7af0422bd60ad0f1227e39a211efca606bd54d13645f","ssdeep":"","tlshash":"2d71549b70f2103606b73aab638b9788362240433484dd263f6dcb495f93e9019f3bd9","size":3773,"data":"","first_seen":"2026-07-02T12:46:56.520013Z","last_seen":"2026-07-02T12:46:56.520013Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","size":276272,"data":"","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-03T04:06:19.629576Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JV83FJH9EY","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cdfeae8f2ed0e30dc12839cbec9474a5","sha1":"663945a669a12a74d7e1760cb2c734ea6c934412","sha256":"5d6ebdb38a0a71e2c80cc831ff775fe5fcb1547f2d9f17881be660c41844cd32","sha512":"a9196d7e184238021262556734fbe6f5659411a471209aa9119c4fe8ca119ea31713562f56a2dae581c96cc51cf3a4b7aad23f0769fddeb42fd483bd072bc3ee","ssdeep":"6144:7LIWtCn0dFkiqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:PIWzFB0AQQUpEZEni","tlshash":"85a4f8cdb3d674265396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","size":485373,"data":"","first_seen":"2026-07-02T12:46:56.513593Z","last_seen":"2026-07-02T12:46:56.513593Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:24.358Z","timestamp":1782996384358,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/@tailwindcss/browser@4 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 68133\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 4.3.2\r\nx-jsd-version-type: version\r\netag: W/\"43730-cv+oV5vtIBy0YKTZKfkeYqCKtgY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230233-FRA, cache-bma-essb1270054-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 33774\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VYf4aBCApgsnKSCi0d9cpAbnjn%2Bd9VWpMVG3HyUksSzNHLhmVo16VWPFNOEOFQpuQLNYNw3zQxG409UFlbnSqVay4UGlm02KFPtWF3dTOXAs9rhqfEzqAXbHNMJUWwCcouM%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a14dc0ca5d258deb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276272,"size_decoded":69259,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65267)","md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-03T04:06:19.629576Z","times_seen":34,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":6,"receive":2,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/images/gomplayer_visual.png","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:24.374Z","timestamp":1782996384374,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 19:46:38 GMT","end":"Sun, 23 Aug 2026 19:46:37 GMT"},"fingerprint":{"sha1":"ED:06:E9:30:7D:6C:CC:96:D4:7F:37:A5:7D:2E:48:6C:BA:1A:54:A4","sha256":"09:2B:9B:DC:90:CD:F0:E4:3D:07:67:4F:5D:E8:F5:ED:A4:45:39:FA:DE:41:11:05:3A:F6:AD:0B:E4:95:B8:BE"}}},"request":{"raw":"GET /images/gomplayer_visual.png HTTP/1.1\r\nHost: gom-player.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff38-37c22a\"\r\nexpires: Sat, 01 Aug 2026 12:46:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G5u8xe4a7qZoNu%2FvJMW%2Fe2Q5edfr07rwzcbQmBDxmz1OV6KfKIf59Yp8M10dRfhjBNGK3BxgQUTdhuZ8uHDxu2lhCmczRresxP4VIXvs55lxZnIpjk48lFDJpPGelGh4hw%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncf-ray: a14dc0ca5fc41525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3654186,"size_decoded":3646135,"mime_type":"image/png","magic":"PNG image data, 3840 x 1160, 8-bit/color RGBA, non-interlaced","md5":"f9d9498c8d056b5abae387f2bfbba919","sha1":"cf11b30388a59ba262b18f5f053eeee68b05628c","sha256":"f428067efcf6617c161200dabcbf776843174644e9256db255a2cd01528fa73e","sha512":"72153aec6921f6b08f7252dcce6295120d9184910e75b4eccfbf7b18009cdc6a9674368c26d49f9f2d9ed220d02d2dd19c9a106a9951300709200415d3491b8f","ssdeep":"24576:BtF22V2bXhFyLMzYc7iRfqn0bWzYFLgjfPTBH5Bw:BmcavmMzvsfqn0bWPjfPlHo","tlshash":"f0253378d5dc69f531ebad3569a5103936e5b328b169ea31a732cbf53e09dcb0b10302","first_seen":"2026-07-02T12:46:56.500463Z","last_seen":"2026-07-02T12:46:57.961878Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":1107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/images/gomplayer_feature_01.png","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:24.624Z","timestamp":1782996384624,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 19:46:38 GMT","end":"Sun, 23 Aug 2026 19:46:37 GMT"},"fingerprint":{"sha1":"ED:06:E9:30:7D:6C:CC:96:D4:7F:37:A5:7D:2E:48:6C:BA:1A:54:A4","sha256":"09:2B:9B:DC:90:CD:F0:E4:3D:07:67:4F:5D:E8:F5:ED:A4:45:39:FA:DE:41:11:05:3A:F6:AD:0B:E4:95:B8:BE"}}},"request":{"raw":"GET /images/gomplayer_feature_01.png HTTP/1.1\r\nHost: gom-player.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff38-4c23e\"\r\nexpires: Sat, 01 Aug 2026 12:46:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Iw2%2B8XEpsxgF7yC21P3AeUdR7olBDwYz78EqOwgMONR7bgJ6biu8VVNZ6kXEIp4hXDus%2BX1Hq7X2yx%2B2TbX9gBXXZZr%2Ftwzn%2FerqLwy8i%2BbRjoU84bN5%2BJmFMi2gN3mcBg%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14dc0cbe8071525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":311870,"size_decoded":295352,"mime_type":"image/png","magic":"PNG image data, 1760 x 1121, 8-bit/color RGBA, non-interlaced","md5":"acbee190793e76f0d696d8298e0774f2","sha1":"3a9b4d9c8b5510280b144e77893ceeb3e7a99152","sha256":"bfc56e29f5fe62eed0674d3031c24dc3e647fd13870464a04924647f4c914a82","sha512":"83ad4294fc7b67d4132e2c3fa76f0269b40d7cfc963f4f6fa025b2411c78e773107383e50f2f1312b171206b8b5cdc5cca0d23cb16c4a85504fb1ac1b368ca02","ssdeep":"6144:hexm4EcKHy0sreVi3iO1ZV6MfpEfEz/jIr/Ft68Dt19uX2DAUYEV:hEEUOslZJfykIrdI8Dt19uX28UYs","tlshash":"f964e003ca84707b6946cd2c56432a81bd37682374558f399f9a327e690fbf5ee72d08","first_seen":"2024-12-14T21:01:49.613433Z","last_seen":"2026-07-02T12:46:56.503379Z","times_seen":3,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/images/gomplayer_feature_02.png","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:24.626Z","timestamp":1782996384626,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 19:46:38 GMT","end":"Sun, 23 Aug 2026 19:46:37 GMT"},"fingerprint":{"sha1":"ED:06:E9:30:7D:6C:CC:96:D4:7F:37:A5:7D:2E:48:6C:BA:1A:54:A4","sha256":"09:2B:9B:DC:90:CD:F0:E4:3D:07:67:4F:5D:E8:F5:ED:A4:45:39:FA:DE:41:11:05:3A:F6:AD:0B:E4:95:B8:BE"}}},"request":{"raw":"GET /images/gomplayer_feature_02.png HTTP/1.1\r\nHost: gom-player.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff38-166f07\"\r\nexpires: Sat, 01 Aug 2026 12:46:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JXo8IipZtJhBJlIXTCrjsCJD7OJSqpxorBsADooG8RbYZcTzSff8%2Bb8myB1qdf1%2F7%2B%2Bugn%2BW4QkEeWBSB63Q4xOdT%2F907SwvKHFIJlDQnv9KJjV5PFtJOk78J4X02VtVbA%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14dc0cbe8081525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1470215,"size_decoded":1463625,"mime_type":"image/png","magic":"PNG image data, 1760 x 1121, 8-bit/color RGBA, non-interlaced","md5":"76d047078bdc8a4907a33bb25171e90f","sha1":"861165b69298a722840ab2677946d509b2ae7143","sha256":"e57d279ab104e42fa02a3b77e555638c78fa592f4aaf18e8ef07cc3284e25266","sha512":"ce312a5fef1c63684848ec01513b90d7c22173b7e2cec3de25c5e0c4309a41b25146f0a0300f6a68cd4a6542ea05b3d457f92049a02975bc851c693e82423100","ssdeep":"24576:vxmYwIEGl0IVLa59OCtPS+eQshnoWuOz9rVqFQKPMPDFVWwbgbLomh5ip:59PEGl0IV+59TPS3HhVum9hqFh0PBb6Y","tlshash":"4425332e95e95db2d1cbc9c3bb870571784ca03cbf92a47507c1a3cbb685ac13525b2e","first_seen":"2026-07-02T12:46:56.50613Z","last_seen":"2026-07-02T12:46:56.50613Z","times_seen":1,"resource_available":false,"data":null}},"time_used":856,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":538,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/images/icon.webp","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:25.030Z","timestamp":1782996385030,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 19:46:38 GMT","end":"Sun, 23 Aug 2026 19:46:37 GMT"},"fingerprint":{"sha1":"ED:06:E9:30:7D:6C:CC:96:D4:7F:37:A5:7D:2E:48:6C:BA:1A:54:A4","sha256":"09:2B:9B:DC:90:CD:F0:E4:3D:07:67:4F:5D:E8:F5:ED:A4:45:39:FA:DE:41:11:05:3A:F6:AD:0B:E4:95:B8:BE"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: gom-player.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nCookie: _ga_JV83FJH9EY=GS2.1.s1782996384$o1$g0$t1782996384$j60$l0$h0; _ga=GA1.1.1675696814.1782996385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:25 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\netag: \"69eeff38-116c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=poDn9zOvfPYyUjehjjFB6vaIt5ovdu5%2FsaPWyOfsJWRdSw%2F2ogpbcglhNsJGXRk%2Fk7jZ7EDEx8ijEz6bx1Tnn3%2Brc4PBj6Zxehtxnd5h3hQNuYkxhOidPIK4j7kLAo7M4g%3D%3D\"}]}\r\ncf-ray: a14dc0ce78d21525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 4460\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4460,"size_decoded":5208,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19f9163ccb146f269c7b0f6debffd2eb","sha1":"14adfcbef21179fdb0ad9a17313d4f48603852d3","sha256":"2c241bcbba186737815f8feaf7cc204534c48b9a5600a814713feb3f076d52b6","sha512":"2960c8c39df1a469720dfaa3279ac40077f2eec91db73024f120dbf9905bcca5c5f90de2523d6aa6ed4c568da8bdd25ca31025c979ebe8e92ffff844cd2cbc08","ssdeep":"96:/+gi4CtXzg99vvdOZVnJF4WZKRE1JmG5bKNfJoqrgFh2M2uVHcJ5ZMpo:/Hi1Dg/NBC1kNizHgz7","tlshash":"1b918d5b2c27608ade6a7441623cfe691b4c378c26edeac143441bae0e85a43d7c6379","first_seen":"2026-07-02T12:46:56.509011Z","last_seen":"2026-07-02T12:46:57.959487Z","times_seen":2,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/images/icon.webp","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:25.031Z","timestamp":1782996385031,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 19:46:38 GMT","end":"Sun, 23 Aug 2026 19:46:37 GMT"},"fingerprint":{"sha1":"ED:06:E9:30:7D:6C:CC:96:D4:7F:37:A5:7D:2E:48:6C:BA:1A:54:A4","sha256":"09:2B:9B:DC:90:CD:F0:E4:3D:07:67:4F:5D:E8:F5:ED:A4:45:39:FA:DE:41:11:05:3A:F6:AD:0B:E4:95:B8:BE"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: gom-player.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nCookie: _ga_JV83FJH9EY=GS2.1.s1782996384$o1$g0$t1782996384$j60$l0$h0; _ga=GA1.1.1675696814.1782996385\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:25 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\netag: \"69eeff38-116c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UDhPD%2B0SR3%2FlLrA1Q2t5IiSzGlQtxtMS4jAXh27aXwTBlki4lhdW3U%2Fdv7KltYIR3ndm7hsM5wFtomsvNUKnCxhZR%2B%2BT32yw0cbOwyvVSVrmUe5V44LhoBHIpEl%2Bj%2BhJ9g%3D%3D\"}]}\r\ncf-ray: a14dc0ce78d31525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 4460\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4460,"size_decoded":5214,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19f9163ccb146f269c7b0f6debffd2eb","sha1":"14adfcbef21179fdb0ad9a17313d4f48603852d3","sha256":"2c241bcbba186737815f8feaf7cc204534c48b9a5600a814713feb3f076d52b6","sha512":"2960c8c39df1a469720dfaa3279ac40077f2eec91db73024f120dbf9905bcca5c5f90de2523d6aa6ed4c568da8bdd25ca31025c979ebe8e92ffff844cd2cbc08","ssdeep":"96:/+gi4CtXzg99vvdOZVnJF4WZKRE1JmG5bKNfJoqrgFh2M2uVHcJ5ZMpo:/Hi1Dg/NBC1kNizHgz7","tlshash":"1b918d5b2c27608ade6a7441623cfe691b4c378c26edeac143441bae0e85a43d7c6379","first_seen":"2026-07-02T12:46:56.509011Z","last_seen":"2026-07-02T12:46:57.959487Z","times_seen":2,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T12:46:23.695Z","timestamp":1782996383695,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 19:46:38 GMT","end":"Sun, 23 Aug 2026 19:46:37 GMT"},"fingerprint":{"sha1":"ED:06:E9:30:7D:6C:CC:96:D4:7F:37:A5:7D:2E:48:6C:BA:1A:54:A4","sha256":"09:2B:9B:DC:90:CD:F0:E4:3D:07:67:4F:5D:E8:F5:ED:A4:45:39:FA:DE:41:11:05:3A:F6:AD:0B:E4:95:B8:BE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gom-player.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:23 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eR1z%2FVUGMBu%2B%2Fac0b3HQ5SKgbk%2FM%2FMgOEcnAPdHKCQa9%2B3oobNnZ5k6TTMznsDADEBLp1Tk9mLUD%2BQA1rB9x%2FXXYsMib8uBxSpQe3c98Tbiu7RNcdlus3BWgbv%2BLenb56A%3D%3D\"}]}\r\ncontent-encoding: zstd\r\ncf-ray: a14dc0c64f261525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":103953,"size_decoded":19278,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (459)","md5":"d47be9a8abad1c393f06268c23c8d887","sha1":"a803a95288ea1f42055bf09067fb552531260617","sha256":"d8650e01ae76aadfaba995f158c1ab98e111a3a1427c2ad0ec344bdbac0ff695","sha512":"5f3b267b4acf8d9c14394db83b0a073e22cfc818a7be5e52eab34b6a6d2b489b09beb64e689f6ce0ee3628a4c18f44e81aa90a3a060a14a1ea6b650fc7c9c2d3","ssdeep":"1536:4oDNJl5PB27QHjJcw5+7Gs3m07f5EpcXhAYH+55FgZMYJam:e2vrm","tlshash":"63a3973671f1056b11a3c2f6bba627377ea4c10bd61b9184b2ad826c5fc7c468d533ac","first_seen":"2026-07-02T12:46:56.511509Z","last_seen":"2026-07-02T12:46:56.511509Z","times_seen":1,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":9,"connect":20,"send":0,"wait":176,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JV83FJH9EY","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:24.360Z","timestamp":1782996384360,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:39:04 GMT","end":"Mon, 07 Sep 2026 08:39:03 GMT"},"fingerprint":{"sha1":"6D:E4:85:F4:01:A4:0B:02:E0:64:E2:F2:58:93:6D:3F:4C:AB:30:9D","sha256":"4A:07:79:34:AC:03:17:68:07:4A:CB:68:23:A7:E3:14:B2:DE:22:3C:E1:AE:8D:F5:2F:2E:2D:C6:28:58:47:CE"}}},"request":{"raw":"GET /gtag/js?id=G-JV83FJH9EY HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\nexpires: Thu, 02 Jul 2026 12:46:24 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 165050\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":485373,"size_decoded":165654,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"cdfeae8f2ed0e30dc12839cbec9474a5","sha1":"663945a669a12a74d7e1760cb2c734ea6c934412","sha256":"5d6ebdb38a0a71e2c80cc831ff775fe5fcb1547f2d9f17881be660c41844cd32","sha512":"a9196d7e184238021262556734fbe6f5659411a471209aa9119c4fe8ca119ea31713562f56a2dae581c96cc51cf3a4b7aad23f0769fddeb42fd483bd072bc3ee","ssdeep":"6144:7LIWtCn0dFkiqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:PIWzFB0AQQUpEZEni","tlshash":"85a4f8cdb3d674265396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","first_seen":"2026-07-02T12:46:56.513593Z","last_seen":"2026-07-02T12:46:56.513593Z","times_seen":1,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":2,"connect":15,"send":0,"wait":46,"receive":55,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/images/icon.webp","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:24.363Z","timestamp":1782996384363,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 19:46:38 GMT","end":"Sun, 23 Aug 2026 19:46:37 GMT"},"fingerprint":{"sha1":"ED:06:E9:30:7D:6C:CC:96:D4:7F:37:A5:7D:2E:48:6C:BA:1A:54:A4","sha256":"09:2B:9B:DC:90:CD:F0:E4:3D:07:67:4F:5D:E8:F5:ED:A4:45:39:FA:DE:41:11:05:3A:F6:AD:0B:E4:95:B8:BE"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: gom-player.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\netag: \"69eeff38-116c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BpDqqlvtYRvooe6FcAV1oUYzzQIapYwaHCx%2BU5wYLWb3F%2FLiX971m3lSxjM6URQJBTQINTfXLPJGsIizPwMFHVCPgSlCMcgLR8TnIaoOPwWX68Tjy3EsEOeGwWGICcMHUw%3D%3D\"}]}\r\ncf-ray: a14dc0ca4fc01525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 4460\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4460,"size_decoded":5196,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19f9163ccb146f269c7b0f6debffd2eb","sha1":"14adfcbef21179fdb0ad9a17313d4f48603852d3","sha256":"2c241bcbba186737815f8feaf7cc204534c48b9a5600a814713feb3f076d52b6","sha512":"2960c8c39df1a469720dfaa3279ac40077f2eec91db73024f120dbf9905bcca5c5f90de2523d6aa6ed4c568da8bdd25ca31025c979ebe8e92ffff844cd2cbc08","ssdeep":"96:/+gi4CtXzg99vvdOZVnJF4WZKRE1JmG5bKNfJoqrgFh2M2uVHcJ5ZMpo:/Hi1Dg/NBC1kNizHgz7","tlshash":"1b918d5b2c27608ade6a7441623cfe691b4c378c26edeac143441bae0e85a43d7c6379","first_seen":"2026-07-02T12:46:56.509011Z","last_seen":"2026-07-02T12:46:57.959487Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gom-player.net/images/gomplayer_feature_03.png","fqdn":"gom-player.net","domain":"gom-player.net","tld":"net"},"ip":{"addr":"104.21.74.137","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://gom-player.net/","date":"2026-07-02T12:46:24.627Z","timestamp":1782996384627,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gom-player.net","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 19:46:38 GMT","end":"Sun, 23 Aug 2026 19:46:37 GMT"},"fingerprint":{"sha1":"ED:06:E9:30:7D:6C:CC:96:D4:7F:37:A5:7D:2E:48:6C:BA:1A:54:A4","sha256":"09:2B:9B:DC:90:CD:F0:E4:3D:07:67:4F:5D:E8:F5:ED:A4:45:39:FA:DE:41:11:05:3A:F6:AD:0B:E4:95:B8:BE"}}},"request":{"raw":"GET /images/gomplayer_feature_03.png HTTP/1.1\r\nHost: gom-player.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://gom-player.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 12:46:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff38-17033a\"\r\nexpires: Sat, 01 Aug 2026 12:46:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hXKTg7qTWS42ZJ5%2B7ovBj8yZvO50U4cuCAWk9OEipO6UDYGCfUoEAlu5M8GCtt5kxJNZZFGRPig0c8VFkGHt5%2F33iL0NMsVOpMGSwvzCukiacOI81VjlrPoH4yu%2BZ7gXIQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14dc0cbe8091525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1508154,"size_decoded":1495843,"mime_type":"image/png","magic":"PNG image data, 1760 x 1121, 8-bit/color RGBA, non-interlaced","md5":"29d723c640754f3dacaf793629bac88e","sha1":"6dc2ee0a767e865d0ba5d85218b39b2833220868","sha256":"3db8337dd379ea7715f5526056723a4d22aab44825981fbcc01f254885b0b720","sha512":"99aaa21c927bb3e0342bc2b91431b6f3c0f0f76dc32f0693629a00ad1351624f220596684a334f23fe554a6d4a86fa59a2d62904a1138ad5567bef32d3e7dcd2","ssdeep":"24576:E0mYRa459uOOQmg/EJNLf0lC0S4xAmPAxvVkZTZCcRUas:FZz9uJ4EJN0J6mPUt4RUas","tlshash":"b825335695f4a5b3ac7bca7c3f6106903e67722825a1bb38c95f80d8854d8bd3e03739","first_seen":"2026-07-02T12:46:56.515244Z","last_seen":"2026-07-02T12:46:56.515244Z","times_seen":1,"resource_available":false,"data":null}},"time_used":790,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":600,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"gom-player.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
