{"report_id":"e848a625-2d55-44e1-b673-5cd833860071","version":6,"status":"done","tags":[],"date":"2026-03-01T18:34:22Z","url":{"schema":"https","addr":"auroramc.firestudio.online/","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"auroramc.firestudio.online/","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"title":"AuroraMC Store - Official Minecraft Store","dom":{"size":35554,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (19500)","md5":"16394dbeb9e1081f1f396269f7cd18e8","sha1":"b3af34407438abe13b44b15170f640c0d27b20be","sha256":"04a069df57fbcbf40407abfe3762fec521caaa83f3325593b1d5f9fdcd6cd1a9","sha512":"dcd965717aac224ec8c2135b38448c7f8eb894c5d343f22dc9ea8b9560ec80e2ba20a55d0afe0aead7525d99498fd82e89962c4e944ae22f2747bf22416151aa","ssdeep":"768:NsnB7cxksc64Jysq7vGNSemYVZke2M/ayUiYz8c4XH:NXx/c64Jysq7vUCez1","tlshash":"50f2d8657108013d692b9ba4fac0fb3cf026f241dfa7845ab24c0087e7c7fe569aa755","dom_hash":"domhashcdc368793683fff9a4fbf0cac6875105","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"auroramc.firestudio.online/","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-05T18:34:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-01T18:34:01Z","timestamp":1772390041,"ip_dst":{"addr":"162.159.136.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":36714,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Discord Service Domain (discord .com) in TLS SNI","source":"{\"timestamp\":\"2026-03-01T18:34:01.692210+0000\",\"flow_id\":1866427541314778,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.52\",\"src_port\":36714,\"dest_ip\":\"162.159.136.232\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2060505,\"rev\":1,\"signature\":\"ET INFO Observed Discord Service Domain (discord .com) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_02_28\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1573\"],\"mitre_technique_name\":[\"Encrypted_Channel\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Chat_Service\",\"Discord\"],\"updated_at\":[\"2025_02_28\"]}},\"tls\":{\"sni\":\"discord.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3445,\"start\":\"2026-03-01T18:34:01.679130+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":1,"received_data":19250,"sent_data":536,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"discord.com","ip":{"addr":"162.159.136.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2000-11-06","domain_rank":220,"first_seen":"2013-06-04T18:47:24Z","last_seen":"2026-02-26T19:43:23.919848Z","alert_count":0,"request_count":1,"received_data":4279,"sent_data":493,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":4,"received_data":164620,"sent_data":2234,"comment":"","tags":null,"fingerprints":null},{"fqdn":"auroramc.firestudio.online","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":11,"request_count":11,"received_data":2740378,"sent_data":5129,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"mc-heads.net","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2013-12-15","domain_rank":158131,"first_seen":"2014-03-21T14:04:04Z","last_seen":"2026-02-19T08:09:34.829229Z","alert_count":0,"request_count":9,"received_data":0,"sent_data":4072,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.mcsrvstat.us","ip":{"addr":"104.26.15.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-08-31","domain_rank":3114476,"first_seen":"2018-02-02T14:29:44Z","last_seen":"2026-02-22T23:18:29.882171Z","alert_count":0,"request_count":1,"received_data":2682,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"auroramc.firestudio.online/assets/index-CuNYMeBq.js","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5bdb6b424ab06065bb6eb4384c74f66","sha1":"ccca420d59e611f5b5265585ee00b9b3e087586c","sha256":"de490d0b01d6864cb3a3b02b45b76192a676201e23505a999e1e97a00435a8b2","sha512":"678acf864c7020c541d7e98a9e7451b22d97234fbe4761d1cf36b3c8c972ab5d43c81541aca6331699a80bf93220486b58281e463c60534ce6aa96383cc260d4","ssdeep":"12288:GZCzXsyeDNU6tW9T20D2JYRNVhXkOfzvIG:GgzXsyPfIYRJ1r","tlshash":"c8a46bd871a5716897a745e0806f4206b23e2911b40d84a4f13decef3bb1549a2bbffd","size":471546,"data":"","first_seen":"2026-03-01T18:34:29.437312Z","last_seen":"2026-03-01T18:34:29.437312Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://auroramc.firestudio.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 00:25:47 GMT\r\nexpires: Fri, 26 Feb 2027 00:25:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 324494\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-21T23:09:57.078241Z","times_seen":151281,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":288,"dns":11,"connect":8,"send":0,"wait":8,"receive":4,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://auroramc.firestudio.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 23 Feb 2026 21:16:21 GMT\r\nexpires: Tue, 23 Feb 2027 21:16:21 GMT\r\ncache-control: public, max-age=31536000\r\nage: 508660\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-04-21T22:33:49.000317Z","times_seen":12375,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":202,"dns":1,"connect":8,"send":0,"wait":9,"receive":8,"ssl":189},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/auroramc-logo.png","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /auroramc-logo.png HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/BlazeFury99/64","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.580Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/BlazeFury99/64 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/SkyVortex/64","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.586Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/SkyVortex/64 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/auroramc-icon.png","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /auroramc-icon.png HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"auroramc-icon.png\"\r\ncontent-type: image/png\r\ndate: Sun, 01 Mar 2026 18:34:01 GMT\r\netag: \"7ddd10d25cf390537f3bc9bd09f20f22\"\r\nlast-modified: Sun, 01 Mar 2026 18:34:01 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::78m8w-1772390041620-6f09b03c6ffc\r\ncontent-length: 151078\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":151078,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"7ddd10d25cf390537f3bc9bd09f20f22","sha1":"b42259c50e1579debadb663989f7e07888a6769a","sha256":"148a4609a2fbc3e0196212c9e2df643f16093534e83a758274f0b43d4438439a","sha512":"b215ab4921a9d059d43b93072cdc6c3a13aef3944ad8648fff6bcfe650a240e0614b2327c96202686d2a8653dcf442869ca0f382cbffaa920a4f81b370772958","ssdeep":"3072:3QQQcNJz3rKjCqQsxxnOlDFkd5ef6fIExhqnlXFMvJNu3M2r4V2FVgvkq5D4xrhx:3QQQcz3K2CKkd5ef6fIEal1MvJYc4/g0","tlshash":"afe3120207fdf585e61ed39efb999838af28810a833450c7fd21b27e7a206c71f95569","first_seen":"2026-03-01T18:34:29.434731Z","last_seen":"2026-03-01T18:34:29.434731Z","times_seen":1,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mcsrvstat.us/2/play.auroramc.net","fqdn":"api.mcsrvstat.us","domain":"mcsrvstat.us","tld":"us"},"ip":{"addr":"104.26.15.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mcsrvstat.us","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 15 Jan 2026 17:27:26 GMT","end":"Wed, 15 Apr 2026 18:27:22 GMT"},"fingerprint":{"sha1":"45:C3:8D:A4:4C:12:EC:73:58:1D:46:61:40:CC:7B:38:60:C2:BC:C7","sha256":"16:08:F8:81:A9:1D:85:59:3D:F4:CD:A8:B7:75:58:1F:15:56:D3:40:DD:EC:40:0E:96:63:FC:B2:70:D0:4D:3A"}}},"request":{"raw":"GET /2/play.auroramc.net HTTP/1.1\r\nHost: api.mcsrvstat.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://auroramc.firestudio.online/\r\nOrigin: https://auroramc.firestudio.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Mar 2026 18:34:03 GMT\r\ncontent-type: application/json\r\ncontent-length: 406\r\naccess-control-allow-origin: *\r\naccess-control-request-method: GET\r\ncache-control: public,must-revalidate,max-age=120\r\ncontent-encoding: gzip\r\ncontent-security-policy: default-src 'none'; img-src 'self' data: https://mcsrvstat.us https://dev.mcsrvstat.us; font-src 'self' https://cdnjs.cloudflare.com; script-src 'self' 'nonce-8446b99998d1df7c11052be7612149af905bc3ca' https://cdnjs.cloudflare.com https://static.cloudflareinsights.com; style-src 'self' 'nonce-8446b99998d1df7c11052be7612149af905bc3ca' https://cdnjs.cloudflare.com; connect-src 'self' https://cloudflareinsights.com; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests\r\nserver: cloudflare\r\nx-xss-protection: 1; mode=block\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: CL9FIWteQripvENYYqdHTg\r\naccept-ranges: bytes\r\nvia: 1.1 varnish\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1772390042.866941,VS0,VE1513\r\nvary: Accept-Encoding\r\nx-railway-cdn-edge: fastly/cache-bma-essb1270072-BMA\r\ncf-cache-status: EXPIRED\r\nlast-modified: Sun, 01 Mar 2026 18:34:03 GMT\r\nx-frame-options: DENY\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BBr%2BRKh7VH9mhes8He5S23sBvOFBhcHzbiXHl%2Bc0U96ziq9RHbG3IEMgpGLMJilg75wF1UPABPAw1aEk%2FUjhovHXICvqcI3WwBN%2FgjM9jw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=0\r\npermissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-ray: 9d5a40e11ce5be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":756,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5579d73c52eff20e4f8c6e585bcd3418","sha1":"fc4a6d81f82c70ceec402c76ffe1800089a80dd8","sha256":"4a15d6f49cdad302c4947831145c8ea1077c920492e42835637b05c56429d285","sha512":"a9578344aeb75d19ac1c31a0a66a04a52dfe44c09fed1e111f6004983e3d1aebffef94de9603c031266295830e3228330847a6dd175b6e14e0e0623be758636f","ssdeep":"","tlshash":"6c01b82c60e297fdd1204099c256128ed2590087729e2796c0a70f0cf0db9eb743520b","first_seen":"2026-03-01T18:34:29.436335Z","last_seen":"2026-03-01T18:34:29.436335Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1825,"timings":{"blocked":98,"dns":17,"connect":9,"send":0,"wait":1613,"receive":0,"ssl":85},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/assets/index-CuNYMeBq.js","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:00.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /assets/index-CuNYMeBq.js HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index-CuNYMeBq.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sun, 01 Mar 2026 18:34:01 GMT\r\netag: \"98243f81afdf3c3259ececbe837bd730\"\r\nlast-modified: Sun, 01 Mar 2026 18:34:01 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::bqj4f-1772390040968-8d0a2ea63c22\r\ncontent-length: 156232\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":471546,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37653)","md5":"b5bdb6b424ab06065bb6eb4384c74f66","sha1":"ccca420d59e611f5b5265585ee00b9b3e087586c","sha256":"de490d0b01d6864cb3a3b02b45b76192a676201e23505a999e1e97a00435a8b2","sha512":"678acf864c7020c541d7e98a9e7451b22d97234fbe4761d1cf36b3c8c972ab5d43c81541aca6331699a80bf93220486b58281e463c60534ce6aa96383cc260d4","ssdeep":"12288:GZCzXsyeDNU6tW9T20D2JYRNVhXkOfzvIG:GgzXsyPfIYRJ1r","tlshash":"c8a46bd871a5716897a745e0806f4206b23e2911b40d84a4f13decef3bb1549a2bbffd","first_seen":"2026-03-01T18:34:29.437312Z","last_seen":"2026-03-01T18:34:29.437312Z","times_seen":1,"resource_available":true,"data":null}},"time_used":361,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":355,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/auroramc-background.png","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /auroramc-background.png HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/auroramc-logo.png","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /auroramc-logo.png HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"auroramc-logo.png\"\r\ncontent-type: image/png\r\ndate: Sun, 01 Mar 2026 18:34:01 GMT\r\netag: \"b4eb0544af66986dfacb7a38370361d6\"\r\nlast-modified: Sun, 01 Mar 2026 18:34:01 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::prmf2-1772390041619-2d7c47f0c873\r\ncontent-length: 204222\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":204222,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"b4eb0544af66986dfacb7a38370361d6","sha1":"e67e523dd8a7a540d5f620c9dc01516b3979c64b","sha256":"123a94f114d51997b6f050fbc3fa3e29c473ca0fd88a69aefa2491f7308572a3","sha512":"cf6085f53a8595e8a768639f274f75cd219590640e05cb7d661f14428aaf01cff609a94f1d6d2052c1715f9d1e6eb3b6f746a6bdfb3c8955e3f3186cb3c545e8","ssdeep":"3072:bC7GLE5nUpDyEXfvc7fcHzCBJHPxUUvbMzetlKchsTRqtffOp32UmILaSKLX:uUpD5jcxvozIUKtHBZSg","tlshash":"1b1423b49ec9e3baf06f54f9134e182b49429c3a92d20b515534b9d225b2f84fd90fb3","first_seen":"2026-03-01T18:34:29.438157Z","last_seen":"2026-03-01T18:34:29.438157Z","times_seen":1,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://auroramc.firestudio.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 23 Feb 2026 21:16:21 GMT\r\nexpires: Tue, 23 Feb 2027 21:16:21 GMT\r\ncache-control: public, max-age=31536000\r\nage: 508660\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-04-21T22:33:49.000317Z","times_seen":12375,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":248,"dns":1,"connect":8,"send":0,"wait":8,"receive":2,"ssl":229},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Outfit:wght@300;400;500;600;700;800;900\u0026family=Inter:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Outfit:wght@300;400;500;600;700;800;900\u0026family=Inter:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 01 Mar 2026 18:34:01 GMT\r\ndate: Sun, 01 Mar 2026 18:34:01 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18564,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2fc9649bdb7a6aba5f5c008f06d95f8b","sha1":"4083b62de1bb0aa12322b0b1d068e9d6052519bd","sha256":"6a812806e6a2bdc236846edc6fb39a96ce376799c94cf87091c7ee2a987ce7af","sha512":"90b01a8990a6a8018efe4d16193021bf596c5bf01bb2b00034e4c83647921a78a1df20e06581b54925a8114c175f7b09970634c5208b9a5b15e4397ff13ff26e","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGchbNh6Ohz:8KYXuM0p2+L","tlshash":"6282ee92002ba500ab870dc223cf7f3aae8e51846485d5799ffd0cc9acefd66436975d","first_seen":"2025-10-27T00:58:54.89967Z","last_seen":"2026-04-09T17:33:38.69155Z","times_seen":10,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":67,"dns":1,"connect":7,"send":0,"wait":22,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/xNitroZ/64","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.576Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/xNitroZ/64 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/FireStudio.png","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /FireStudio.png HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 505853\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"FireStudio.png\"\r\ncontent-type: image/png\r\ndate: Sun, 01 Mar 2026 18:34:01 GMT\r\netag: \"a9a24a988f1a266abf12ad6e8a3a023b\"\r\nlast-modified: Mon, 23 Feb 2026 22:03:07 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mbrtg-1772390041634-863c9910a578\r\ncontent-length: 761089\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":761089,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced","md5":"a9a24a988f1a266abf12ad6e8a3a023b","sha1":"b6e61ef9fcd7d9db69adef3a710201ae558789c5","sha256":"6db08d88d7188385c32b5786746dfaddd45411ea629f52802bac9916aa8a55eb","sha512":"2250520d0911240feb037751487e98ab7504b481db3169c7d529e4d048a7a6389c91fbc008a260082e07edf5072f426490c38078810e550ff6f5fffebebad97f","ssdeep":"12288:u/ewTKIMHMttSwrMIh7MHQtR56Mp8Q38TPUwNc/Yaw2cEoRQgQmMFE83RwVGEOEJ:u/ew2ICMeTVyJ+PH0pei5E83RZ1EYo8s","tlshash":"7cf423e1d8caa4a7c15616706c1f3d4cb7763cf65f7c4aa1391dc926a48fb00d226e2e","first_seen":"2026-03-01T18:34:29.440219Z","last_seen":"2026-03-01T18:34:29.440219Z","times_seen":1,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/auroramc-icon.png","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /auroramc-icon.png HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://auroramc.firestudio.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 00:25:47 GMT\r\nexpires: Fri, 26 Feb 2027 00:25:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 324494\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-21T23:09:57.078241Z","times_seen":151281,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":219,"dns":5,"connect":10,"send":0,"wait":9,"receive":5,"ssl":205},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/assets/index-fCBZSlO3.css","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:00.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /assets/index-fCBZSlO3.css HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index-fCBZSlO3.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Sun, 01 Mar 2026 18:34:01 GMT\r\netag: \"b8f9f0ada0e704c344fec43a78f55408\"\r\nlast-modified: Sun, 01 Mar 2026 18:34:01 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::x2bcj-1772390040970-0b1e5105f494\r\ncontent-length: 16871\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":98693,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"78748a8d914bf8de7497acd26d316ae5","sha1":"6658f3bbd14cfd0b494d9db6bf1a0f7289f753f5","sha256":"4b1a04bd0c607293a56d0198f532acf7d5578241e934cb4d04b0c7164eb50a49","sha512":"12f04c0165b259da62a5d2bdbd2e904c446441ad5a5140dde26966f4a518da8b9adf9379f3075f92da140be61f6192a49379d0bef3aafccafe782b7c483cb554","ssdeep":"3072:yhObVR9EkT7LsUfaGHCr378VQZkt5FftKjwiW:yhObVR9Ekb9Cr378VQZkt5FftKjwiW","tlshash":"29a39629a969607f7c17a1f4c3ccb5aca51ef0d0de3a06b5bd9a412467e33f60c6b904","first_seen":"2026-03-01T18:34:29.441216Z","last_seen":"2026-03-01T18:34:29.441216Z","times_seen":1,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/ItzCrafter/64","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.590Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/ItzCrafter/64 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/FrostByte21/64","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.606Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/FrostByte21/64 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/Ace_Phantom/64","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.584Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/Ace_Phantom/64 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/auroramc-background.png","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /auroramc-background.png HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"auroramc-background.png\"\r\ncontent-type: image/png\r\ndate: Sun, 01 Mar 2026 18:34:02 GMT\r\netag: \"deb439304a0171ce2ad40a12b89c2939\"\r\nlast-modified: Sun, 01 Mar 2026 18:34:02 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::jx2dg-1772390041621-2eb629fc00cf\r\ncontent-length: 896937\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":896937,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 585, 8-bit/color RGBA, non-interlaced","md5":"deb439304a0171ce2ad40a12b89c2939","sha1":"5739855b6e93e20fe1ec9ba6e41cfd2a0f4b9207","sha256":"70ccc1a54ac8d822adcf1158cec8f0fe28ffdcf88ef65dae33c8bab649a05463","sha512":"0b80b3629435621eaaf7abc32b2116c3c836f407f8433220d3b26b6e8ac70bb1d4696295743e92e57562e6e9e2999b0a471ea783d5cf4c6338b3abba23e527bb","ssdeep":"24576:N97TVxtpIaHOk6DRyi9cmvfkxdTkavkp+Gi:N9daaudtV9/M4acp/i","tlshash":"6b152359dedb1771261e4e6b91adccb30f7466f36b3ccd2a76e460dab406ac205d0328","first_seen":"2026-03-01T18:34:29.442002Z","last_seen":"2026-03-01T18:34:29.442002Z","times_seen":1,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":428,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-01T18:34:00.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 01 Mar 2026 18:34:00 GMT\r\netag: \"ea9b6f17acc5338113a7ac5ac6addc39\"\r\nlast-modified: Sun, 01 Mar 2026 18:34:00 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::jpkrv-1772390040406-c1d86911d28a\r\ncontent-length: 609\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1462,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"ea9b6f17acc5338113a7ac5ac6addc39","sha1":"438721152289846a8ce1c553aeffb2701bb22080","sha256":"35859c3af3d1ddc5bbc6f1def9cdde0a858c2dad06b39e01d056e4888dbf1cac","sha512":"dd57544e5be54e0a0aa4faeae76bae9e740ac18206f32f58394b6566b739b58351a6020bf9fccfbd6228d48cc89243adb756050894ff6cd0c7be99845879117a","ssdeep":"","tlshash":"a1310f23e2028c5ee378c3244dd3f0089229d187c25c9885b3eda69e15c9bc0d7fb295","first_seen":"2026-03-01T18:34:29.442989Z","last_seen":"2026-03-01T18:34:29.442989Z","times_seen":1,"resource_available":false,"data":null}},"time_used":728,"timings":{"blocked":167,"dns":73,"connect":1,"send":0,"wait":10,"receive":376,"ssl":98},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/Guest/40","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.536Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/Guest/40 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":9,"connect":8,"send":0,"wait":0,"receive":0,"ssl":-1},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auroramc.firestudio.online/favicon.ico","fqdn":"auroramc.firestudio.online","domain":"firestudio.online","tld":"online"},"ip":{"addr":"216.198.79.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:02.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auroramc.firestudio.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Feb 2026 12:22:55 GMT","end":"Tue, 12 May 2026 12:22:54 GMT"},"fingerprint":{"sha1":"31:FA:FE:B3:D6:90:14:8E:66:A9:4A:D7:57:5A:CD:8E:76:45:C9:4A","sha256":"62:06:E3:10:F4:08:C8:5E:7E:5B:24:31:69:F5:CF:FF:EA:0F:10:CC:A0:E9:AB:7D:86:C1:DA:B3:7B:2E:43:4F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: auroramc.firestudio.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"favicon.ico\"\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Sun, 01 Mar 2026 18:34:02 GMT\r\netag: \"7ddd10d25cf390537f3bc9bd09f20f22\"\r\nlast-modified: Sun, 01 Mar 2026 18:34:02 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::jx2dg-1772390042305-f45b2de2a11e\r\ncontent-length: 149449\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":151078,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"7ddd10d25cf390537f3bc9bd09f20f22","sha1":"b42259c50e1579debadb663989f7e07888a6769a","sha256":"148a4609a2fbc3e0196212c9e2df643f16093534e83a758274f0b43d4438439a","sha512":"b215ab4921a9d059d43b93072cdc6c3a13aef3944ad8648fff6bcfe650a240e0614b2327c96202686d2a8653dcf442869ca0f382cbffaa920a4f81b370772958","ssdeep":"3072:3QQQcNJz3rKjCqQsxxnOlDFkd5ef6fIExhqnlXFMvJNu3M2r4V2FVgvkq5D4xrhx:3QQQcz3K2CKkd5ef6fIEal1MvJYc4/g0","tlshash":"afe3120207fdf585e61ed39efb999838af28810a833450c7fd21b27e7a206c71f95569","first_seen":"2026-03-01T18:34:29.434731Z","last_seen":"2026-03-01T18:34:29.434731Z","times_seen":1,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":261,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-01","alert":"Sinkholed","trigger":"auroramc.firestudio.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/DarkSerpent_/64","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.594Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/DarkSerpent_/64 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc-heads.net/avatar/xZephyrMC/64","fqdn":"mc-heads.net","domain":"mc-heads.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.598Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /avatar/xZephyrMC/64 HTTP/1.1\r\nHost: mc-heads.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://auroramc.firestudio.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-21T23:09:27.816316Z","times_seen":14035772,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"discord.com/api/v9/invites/RRtv85zNYE?with_counts=true","fqdn":"discord.com","domain":"discord.com","tld":"com"},"ip":{"addr":"162.159.136.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://auroramc.firestudio.online/","date":"2026-03-01T18:34:01.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"discord.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 04 Jan 2026 10:58:36 GMT","end":"Sat, 04 Apr 2026 11:58:34 GMT"},"fingerprint":{"sha1":"FA:C1:D5:8B:B4:7F:EC:D5:63:EB:57:55:AE:FA:A5:C7:D0:EE:0E:4B","sha256":"0F:F8:67:A0:0A:22:A7:A4:35:F9:F6:FD:42:EE:8E:F4:D9:28:CE:76:58:7B:73:74:86:1C:5A:EB:41:BE:0C:26"}}},"request":{"raw":"GET /api/v9/invites/RRtv85zNYE?with_counts=true HTTP/1.1\r\nHost: discord.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://auroramc.firestudio.online/\r\nOrigin: https://auroramc.firestudio.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Mar 2026 18:34:02 GMT\r\ncontent-type: application/json\r\nset-cookie: __dcfduid=380b9d88159d11f1a33b439430f49df5; Expires=Fri, 28-Feb-2031 18:34:01 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax\n__sdcfduid=380b9d88159d11f1a33b439430f49df535a94afb692453420fca2698750446b595b1584473a2f0ca6f03d32ada195d78; Expires=Fri, 28-Feb-2031 18:34:01 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax\n_cfuvid=Cu3R13chB4g3KEoZO9p_VKN1aAElPUOTovrfiWysejk-1772390041.7105615-1.0.1.1-ynG56c3Nzcf0jYKzzE.E8MTIUehMvFxMjJgtR2YSuxM; HttpOnly; SameSite=None; Secure; Path=/; Domain=discord.com\r\ncf-ray: 9d5a40e0aad8a0f0-OSL\r\ncf-cache-status: BYPASS\r\naccess-control-allow-origin: https://auroramc.firestudio.online\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\ncontent-security-policy: frame-ancestors 'none'; default-src https://o64374.ingest.sentry.io; report-to csp-sentry; report-uri https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870\u0026sentry_environment=stable\r\nreporting-endpoints: csp-sentry=\"https://o64374.ingest.sentry.io/api/5441894/security/?sentry_key=8fbbce30bf5244ec9429546beef21870\u0026sentry_environment=stable\"\r\nx-content-type-options: nosniff\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Captcha-Session-Id, X-Discord-Resource-Optimization-Level, x-science-test, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision, X-Discord-Features, X-Installation-Id\r\naccess-control-allow-methods: POST, GET, PUT, PATCH, DELETE\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-discord-features: invites\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3f0wvf9zKIjmW1SoADK1RSC0ww%2FK2eHbRnfJUCg3%2Fe7np%2FUXV9e8XuNmuILD%2BbH%2B2j%2Fn%2Bt%2FRnslayz9iJb%2BSGBjykzXaqtF6JKM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1970,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e05a8e05b643e0b7d00d6f334356558d","sha1":"876f778709b0a4c4af1a61d1d25f8d55f7fecc6f","sha256":"b7c938d54d8acb657f34301834c893d145d1759a466e6233006efd6e2f8dd861","sha512":"024c9a20b5afc02d244fc7aadbae0ea2600ddc5bc6ad670c3e8c0d154ccd2ce7a97a985fc2774503893e4cfa8d9cc97a56c2a3bc00d3e139aad506d1e8c51710","ssdeep":"","tlshash":"5b4154695d2c28a3de9f646e5dc0fe4a815c30fbd659cc50dcc5072941ed3a3630a266","first_seen":"2026-03-01T18:34:29.444116Z","last_seen":"2026-03-01T18:34:29.444116Z","times_seen":1,"resource_available":false,"data":null}},"time_used":385,"timings":{"blocked":28,"dns":5,"connect":2,"send":0,"wait":322,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}