{"report_id":"00bdd432-2855-4173-bf29-aa3fa82fd743","version":6,"status":"done","tags":[],"date":"2025-10-07T08:05:11Z","url":{"schema":"http","addr":"vcc.iljmp.com/1/f-00163?lp=https://tdzebli.com/1/%23-p6J-mE","fqdn":"vcc.iljmp.com","domain":"iljmp.com","tld":"com"},"ip":{"addr":"44.213.194.167","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"title":"The most popular dating site this month"},"submit":{"url":{"schema":"http","addr":"vcc.iljmp.com/1/f-00163?lp=https://tdzebli.com/1/%23-p6J-mE","fqdn":"vcc.iljmp.com","domain":"iljmp.com","tld":"com"},"ip":{"addr":"44.213.194.167","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-11T08:05:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":6}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-07T08:04:45Z","timestamp":1759824285,"ip_dst":{"addr":"54.240.174.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.19","port":33260,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)","source":"{\"timestamp\":\"2025-10-07T08:04:45.260439+0000\",\"flow_id\":117878760008324,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":33260,\"dest_ip\":\"54.240.174.127\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049251,\"rev\":1,\"signature\":\"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_11_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_11_17\"]}},\"tls\":{\"sni\":\"openfpcdn.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":914,\"bytes_toclient\":4622,\"start\":\"2025-10-07T08:04:45.256644+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"befjajh.flirtosmart.com","ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"domain_registered":"2024-11-06","domain_rank":0,"first_seen":"2024-12-30T18:10:51.158169Z","last_seen":"2025-09-30T16:19:49.405285Z","alert_count":28,"request_count":7,"received_data":395709,"sent_data":27617,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"jQuery:3.2.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"tdzebli.com","ip":{"addr":"88.214.27.56","port":443,"asn":209272,"as":"Alviva Holding Limited","country":"Germany","country_code":"DE"},"domain_registered":"2025-08-13","domain_rank":0,"first_seen":"2025-08-13T21:10:41.256815Z","last_seen":"2025-10-06T01:40:19.719813Z","alert_count":4,"request_count":2,"received_data":2633,"sent_data":913,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":1,"received_data":24415,"sent_data":536,"comment":"","tags":null,"fingerprints":null},{"fqdn":"vcc.iljmp.com","ip":{"addr":"52.7.37.178","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2012-06-13","domain_rank":0,"first_seen":"2022-08-08T09:37:35Z","last_seen":"2025-10-02T16:01:16.687869Z","alert_count":0,"request_count":1,"received_data":2654,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.3.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"openfpcdn.io","ip":{"addr":"54.240.174.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-11-10","domain_rank":9255,"first_seen":"2021-11-11T13:02:44Z","last_seen":"2025-10-05T23:32:09.773313Z","alert_count":0,"request_count":1,"received_data":15897,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2025-10-05T22:14:21.734265Z","alert_count":0,"request_count":1,"received_data":29245,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-05T22:12:06.373682Z","alert_count":0,"request_count":1,"received_data":2242,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-07T08:04:45Z","timestamp":1759824285,"ip_dst":{"addr":"54.240.174.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.19","port":33260,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)","source":"{\"timestamp\":\"2025-10-07T08:04:45.260439+0000\",\"flow_id\":117878760008324,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":33260,\"dest_ip\":\"54.240.174.127\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2049251,\"rev\":1,\"signature\":\"ET INFO Observed FingerprintJS Domain (openfpcdn .io in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_11_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_11_17\"]}},\"tls\":{\"sni\":\"openfpcdn.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":914,\"bytes_toclient\":4622,\"start\":\"2025-10-07T08:04:45.256644+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tdzebli.com/1/#-p6J-mE","fqdn":"tdzebli.com","domain":"tdzebli.com","tld":"com"},"ip":{"addr":"88.214.27.56","port":443,"asn":209272,"as":"Alviva Holding Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"081c57654359c9e98068f585d63f6f32","sha1":"daa034a3062372016572618110ae892e9ba48dac","sha256":"51d0aca0b92ffaf13ee49cad5f8dd0bda4352a93fbe614ab6b7c98cbe0ecaf6a","sha512":"26519650edf17286aae37d3228a06e5763fb338213e8062a76a3821b3ca0d113a817fc31418294609864e67ea5fcca03247151c52868fae66dfe29a513e86cd4","ssdeep":"","tlshash":"38211c671897002e2f93005e3b6fb6ab70a264272449f409b0ae8f2d1fd0e21e4b35dc","size":1243,"data":"","first_seen":"2025-08-26T14:55:44.85854Z","last_seen":"2025-10-15T18:50:56.022624Z","times_seen":2250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openfpcdn.io/botd/v1","fqdn":"openfpcdn.io","domain":"openfpcdn.io","tld":"io"},"ip":{"addr":"54.240.174.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"234a8c1c15df9b03c65e9e14c82fc872","sha1":"e5ca36727846aede7dfbc07e88b2b025eb0cae90","sha256":"29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89","sha512":"9aeee4e620de49e0ed303917e9afc1806da0815896bc5feef3add9f89e0429678bfe0d9f0ad3fc940bd8e48f7e235e5c8d23463407c42b6fbc740b50c43a0b53","ssdeep":"384:/yKlnAKXPD899vDMKXExXI7EhgKkVGVXvPGt7MD:hfPD899vDMKHLVGVXvPGNA","tlshash":"bd62a4cef996b07553bb34a1503f2206b2362655745e84a0cf2bc2c16879e5ac23bf6d","size":15196,"data":"","first_seen":"2024-04-04T09:37:24Z","last_seen":"2026-06-02T15:11:44.208616Z","times_seen":13436,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/44/assets/js/js.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e46de74d1bdfda878c542f3eafd6430f","sha1":"04174b7fcb23a76f5fe923e2e565a81652569402","sha256":"54bad1d3ee7350421b67a4fdfd7f5e16e0fae60748ad0308ba0b78f745c50595","sha512":"b4229c502997fbea62bce47000ebe10aa9bcbb35693b2a9a0ef1fe0e4a9599edd837814d62b03dffcea2b15044b0ba85568218ef0e882d81085abfe001c9db13","ssdeep":"","tlshash":"e2c08c2cf3fc896200bf70ad0827c84c15322441364b2b01c0ac16102ea951c3666a52","size":151,"data":"","first_seen":"2023-08-06T21:26:39Z","last_seen":"2026-05-13T12:34:59.258964Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"27db4b481a190c20f5762916101cbbff","sha1":"6bc98590b94a05832804f8bea9b0967b85ab32a2","sha256":"2424d8156c101da8d5799ef925bcd83521cc2625c624ca4907449ff9ca440baa","sha512":"3753ea67ffce2cc67587b29045452dcef6a058a83aa20cbb0bef76c0288c7ee7d00e01a2ff1f1edc51ed0a78fb54904bdfbad8df609b07ef33b31930885306f1","ssdeep":"","tlshash":"b7815cc63e0b3ade3484b1188ae63f2172dfb76061d9a8e29ab4fd1e0d59e437475d40","size":3879,"data":"","first_seen":"2025-10-07T08:05:13.627111Z","last_seen":"2025-10-07T08:05:13.627111Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/44/assets/js/jquery-3.2.1.min.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","size":86659,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-02T16:33:57.638348Z","times_seen":92154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7d6b85edb141824af8951e19333337c","sha1":"76600b2cb1978ca24d9fe39b1412f052da855ddb","sha256":"6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e","sha512":"caeece2e9f68aeb3ae0f077644afc417304c4c867674e779cc0acaa30e372ccf7cd42080fea47f986508082f15f7dfca6071def8dc77206af61167220c34c686","ssdeep":"384:JUr/AGPMPeRBiJRBxdMCD6AvSEzZMOC51MACXvAbXIORv1QpjXuBsb6ec3x7ZonL:JqAPbBRvB3ACfaYOTQpz0eEdAL","tlshash":"bed23a4d30df343a03a266d5212fe508b5795ec4700d4440eaba9a943df4eab627ffe9","size":30685,"data":"","first_seen":"2023-03-07T01:14:35Z","last_seen":"2026-06-02T09:02:49.942196Z","times_seen":8054,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"0cfd65ff49922840ca64af529f37ee95","sha1":"bfd94eb90d17c39597248dede47c83ba4e2ced72","sha256":"55ec1f09294dff1b44d52e326535f06024025ca63bb6fe48882a126421298a15","sha512":"5aef95c803a1c71d52a841eeedb3125377d7fe1cc918c1509056d6cb79d3971e34fabef2ff6fb13e90010158c847a5f9fd6a7274b0a2426094701fe9dfcb7f59","ssdeep":"192:5pj5FsCEQ0p7/OorR2X1Yiubp7A9M1TKXjyLNLwzTLWI:zHupIYiubp09Md9M","tlshash":"e7e1dc9924f2616509bb70bc9fdf9224317a541f24899a10bc5c07d4afacd7ca3b0fe8","size":7438,"data":"","first_seen":"2025-10-01T14:30:08.801322Z","last_seen":"2025-10-21T10:02:02.639533Z","times_seen":826,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"149056fccb5063e0260d8fb1f9e14966","sha1":"46cab50b3ca932a0ddaec7140a583f4d9a5ed11e","sha256":"a6e396bf650118b365fa4d73f3669a524d18f2af0905a8b36701d50c477967f8","sha512":"0c01b1d7121e9ba3d5d3b151b82e23cacac0b64ef34ebe757033e7b2d5f95cab8a96112dce0903d491ce07788567735cb70896478d373e9049ca4d06c35e2603","ssdeep":"","tlshash":"03d08069476505700d33f57d030ee74131fb90571144cd56b5ec01441f4074981f41d0","size":268,"data":"","first_seen":"2025-09-30T17:44:21.39311Z","last_seen":"2026-06-01T16:55:55.053833Z","times_seen":5179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"41d3ca5bc39fdba48b5e6c0db52c7e1a","sha1":"3a20a6949e1fe331ba65a7be90cff19e72ea4267","sha256":"262d4d16bbaddf27125175b4096ed1f82fee2e6010b3749626749d7b6193ecb7","sha512":"d3e5454f541945870b5d8da97802533f6fd4afaac276de39eb0293d7901e6f86bfcd470ac9c8b719f85c012600d542b126e8fb6ec16776e7d4e8e284178c36bf","ssdeep":"","tlshash":"9d21cb5d6091707435f7b0b6aa1e62503133028f202facd2b9dc3305af39e0e0b83b41","size":1225,"data":"","first_seen":"2025-07-05T17:30:26.75814Z","last_seen":"2026-03-23T22:03:17.435522Z","times_seen":3562,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/just-validate@4.1.0/dist/just-validate.production.min.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"713352ee6a16034c696a6e2785b92280","sha1":"6289cf9b1f0e775ad3feb36b0fcfe5af301a0e5b","sha256":"c08b11b232cea03b467d40d5b0990d7deaee04ae1de7af2d4eb94c3544b4c1a5","sha512":"8c42085cda5010ff9eb71174f3f5af3f94f276ab1b134241ed70cd37b3c8d7b8efc7a0899e964be8cef88474da2bee314158b86e45a64ecc0294f8dd628de2fa","ssdeep":"768:VkW++Jv/0btODUsl7dMrXfSCiwgRgpZ1UuVvw1CByfDwty0HD/h7PCByCrCagSZi:mCsRXaCiwgRgysnY3gSK6U","tlshash":"0ad2d606267109234dd94ae9e08b9543b3d1375da518a4ccf73dacfb9a8dec630937b2","size":28389,"data":"","first_seen":"2025-09-05T11:13:19.031002Z","last_seen":"2026-06-01T17:48:08.859661Z","times_seen":8680,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato:400,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:46.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"54:09:EF:2E:96:03:5C:86:DF:F0:DA:AC:A6:7A:0D:35:49:4E:68:90","sha256":"0E:84:83:07:1D:C1:46:17:EB:EA:2F:15:CE:88:56:D2:FF:9E:AE:31:D2:C3:FC:DA:00:24:46:48:43:CD:11:1F"}}},"request":{"raw":"GET /css?family=Lato:400,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 07 Oct 2025 08:04:47 GMT\r\ndate: Tue, 07 Oct 2025 08:04:47 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1556,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"fb11803945991f23c6f306b6943b1012","sha1":"fed43f9f939246591860130c7cbfb84ce282614e","sha256":"3f7a1dddeb3c904b5573a2f03f3dbeb9ed69bb8cd30e4917f9f1e422ee51e0bc","sha512":"249034099f738fe88da46e5ee62dc04c4a1f368c26986abcaee477b53aeaa52e6b46573eae2b9b17ca5430a6b5c85573a27af7ff72eba2430e373ab7ab98f0ef","ssdeep":"","tlshash":"9431bd91096fb508db830cc212c97d32ef0f625064499831aeff14d8bca7c699362b0d","first_seen":"2025-09-17T01:18:38.016711Z","last_seen":"2026-06-02T16:36:29.736074Z","times_seen":4759,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":90,"dns":1,"connect":7,"send":0,"wait":17,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/44/assets/img/u1.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:47.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/44/assets/img/u1.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/bundle/44/assets/css/style.css\r\nCookie: s=0OZPB3vJk4YoiN%2BbnYNjc1FGjKucIcdGgmsmeizDsUewylF0SXxHVAL9Qqh3ZWKweh2Gb7wNaVioBPPjjakTzyB%2BNvQRH5xb%2FzdQQqWb1QiPBl3P1K6uIMm1hSimYAp4T%2BBCh%2BMrSB2YKBDKYzjUabOYYb94mLh4gjXAbyQY9kfzJG28kecjDtYFGv6ap0dC7upRWk4lbyD7h%2BdoSm4tWee%2FK0I7jzRpSvx42X1xu9P12TSjCfZUuA0M%2FiEehmVXGJ%2BGdo7w9f2HxgGnnQPYK0rpaGG7DnIBeyx0u1nFMVgDNEz3UDe9gphBYNVKxsvOCkHi5oyJL98E2eH3y7fCLZWYghIP7KR11ZMSClymVLO3%2B0hGRcCTbgJu56uVTa56YfRQ64yPD329M6SdQSsuVcizejOlNSaZUkMvTsutUXgFx%2BAriIfYldsaz%2B81QjDYATbo2xn%2Fb54jpLW1norj4LlGXav179%2Bj5CpMFNvHRywuDnfkiE5NvsHE5QN%2BoXQ1GOUCBtRmMDFnG8jJmcM0Z2nHQc1hpE7idyhHJAX%2Bxh93%2FZMyvu5hM0Cntjj4F1r5R0ooc5qOlZVR1qFoXrlAopOWth%2BRQ69XB%2F%2BVZWUZ6UuicOU%2BqEKScJxDncekBQSsIWTyQmWQq9HK4erg8qZgTPKQUMJempRKRKMkg4attzIjli3b3mKG1%2FRtmSSXnBjV1GjH5TskLhr0OgS8FMDtZcWqKa0B2YZ6aEjFu3TKG9LQnPJueWC6ji3r9PfIqtrT%2B35RuT413N3EcfK0HiLjBaHQgRcBvZvWpM98l0dwjD%2BWo0YezlH3tHxYRLx5%2F1wJhLwxap8APiZwP8Cw4%2BC3LIjR8Ne2RWkNBYjGIgpoRx2AWwJ7S2fvmEV0sU3tBOUP984DfD31ehK1XBYkEio8MjOVovcVvY6PZAOp%2FL2Bo3tRTupAdCxqrS7N8%2FFBxr%2B4dbMqnQfj%2B1QuxUAkk49YRYwL61c3VyvujdXbMUowmwnRcLxC%2F4cjuB1eegyH6U2K36mhnbCvLk8LQPyPuUbwQ3n6bc2MYY%2BpxzJej1z9%2BNgs8d809TQluV29CJnJheqG5fdsryIbwBUB8yUsoxG0BmNAK4wrp7MJY7J0G%2B%2BkQuA6V9ANRr2IZg6pOY2SDtxfEK5HWKfPnv%2BKdQKSOPqMn1hIvlz8%2Fo9CIPXzPh%2BoZoIiitjbHO0R0pxCU4qzkJS%2BrUYynts8EZOZ8sfUmwh1gumRuY%2FRNFUMkOBIy5zmctvdnzgpQYa4qEwphRUwf0Ue%2BePgG5Wc1rXxOv2wnIDiQ2s8QohpMTY9UMQfCjKZHSe9lXwP4wtfSbZo6aspWqYG6GgLZCVJvbMDl8N83Ph7DETjGd7zDW4k6k97zkvIGYXTQO7ULwMGknTAgfy6%2FsfNxUdomSn4EPW3UT44VbCV8D7VbdkTqBdBEscH6EdKYcf6KDf%2Fm4sX431Q6nha7%2F32YLRif6XFudGLxpsDS8tq%2BEQeELuE0Po5Fok5gNS4FytTQQ78KcqDmglPQFie54msEZ6wIgkszFBaUBvntFfJHKJoZ5jRk8v185DnSUK%2FH9eq5tOlKGLdXganAqInAU62x4M2QwhAStCxWyq7eTwdu3gaiULzTJ%2FAmEbZvlfr9Ts1pjSORvBmkOmK%2BBnbidhJzIX21rtcGfq2oiUYxnEimbHKA91eZo1a96K1tZKpm7p7PDC3s5wPqPsp4Gnk4pNohKlo7bMh%2FqbYNPPCm9woqul4USNo6ZIqqAoCspY87pJCJ%2FODcNyS7boafFea5uH3R4GlPESzYo1RSVOrhGj60Zj5RkwhUN6DfzLJcMWvEKO5DAt%2BOjNZ3FimHrqPrlsf5vN1ETFglT7M2xujVEu4gBvuEHeQJpited3BHHJTFcu3DVkS9j%2BqGXat23Ix5MZHotJCtDM3WxDshNzahAATxAhfJePqgGM22vNRri6Haf0mkpwm5vOHs1zBoknYjdVY4oYuzCA%2Bu4ItA%2FFIK9JXsuf48Aq3xft6N3Q4S%2BCHakGrpkzocW8PXGoLPHvfOcPrqIp6bOiBiHev1ihhYu6DdAzkcLiL4TAnNYN%2FO5VQdWVqnLiaFd9c7JCa6BTOZXammSe2OZJN8fxiefVydCjuT%2FCKrhEdHyq0iQ3iEjwlfjCsOkaqf2affGU7CFgpS1rhdUlPVBt%2FfJmb0ChE%2FuY%2B524DHBphtKWm38F%2Bxs6%2FvY75HZYLmKBNGkhuZYi5P3LmpKSb4rvZtMewBU0BcFRR%2FYx3qD8z5PJWxRAV7Vj3ddWw6%2FvCU8c1DWGJE0YBiKbTtKhxvPzTEF43rLi2MjbTPob25jV5UgiexFlfC%2FQZ2OjcAHgqo7wGimk2x6NIzp151O8r1jJtvK98MSoxVU%2F8PSeCv4OjqLzDeFPz2dogzBiNvX9c7n5Vr1KatWgZE9ZoAQS%2B%2Bqf7pfT7uPRa%2FxraZw%2F21t1lTW7DTgAO2RsHUKAAr2h1tBwOAxlknihdh6Pr6HyQs8x3IytK65PmvCO5nesmrpPFWeC%2FirQfJGapTBuYCCjoSwCil5vPaQOgMfO349slFEd%2FT1j5wC2heMsukKTWO01D9CW2dcOAZakrCnGIqqAZ1KMc1mVXzTinpdMDp1XD2ka6oGwLWkEzOhZdKpVvrut1rep07ZKJGSabGpA1h%2Frk2Ns0Fo4M9l7CMOeoUcbb8dCw1YVBICod5Be5G6fz%2Fk9CS8nVq6uUZNru9bdaxmWJ5yYupGoGwNQYY7xi99RstEaTANLhqe3B6rSuzTdZfaRjayxsOkeMafWvmfvAN3J7JGzWMb%2BdjACLLBQByoW9rXgyZuy%2FwgqUJDhd4O9v90kkBGmTeft9TlZgVs72X2g89I90b1z0Odp8o3Y5Qm6JswEy7DgjpAU35rKmZFjLycioL0QraL1u5gQEv4vSBc%2BKOssKbbATmKTK4aaix%2FgQu%2BG1pjmgmE2e5XLtT8UE9Mg7du%2Fj2Md688vpWYMQBejjq%2BOR%2FJEVFKxQB%2BuM25cL%2BVyRWAfJ32g0%2BQjdRKhMZiDF3E84EpR8QpnFZvdVw%2BgjBz9RGw2mjGvhOrL%2BGu0ooHwOtRABeYn0KJvZO9W%2FofatosC7Qxh36Bx58ysiWaqQbim1H%2FI8UEmviO4FXlqrbPlzReAG5OvBmyR5pa0cBQ1Hkxp1vUHd01%2BjU%2FAflcAugDGybdWFa3jnAQXlc%2FnzzsQPb2JUu0AeRXMjlR7BCFXx4ubMwpqDlbxB2crl7mubSV0%2BkVFGHONGZMb14cFWQQmNV3RhRrO6Kdcm5ueepktjGrSV3UWOGaLRw4EH78nVKuYoGxsi49lQPj0IH%2FU7VUW8egwBJdRB4WvRwcOtycE5Bs2G4%2FqqPJZijZko6eOT8j%2B4YnDUUIMZPHvQ18x1n8bcBOPZcQNF8G9AZu7E4CM8bV2HdHlrcTv4ULrksNgg3cbkrr32aQmaDcEdMWxxmurYUGj7uHWqiQx1mfs3tIQKcC0DpCBn7gSqmy6FXDBc25y9StARif0hc34xJWdH89XRab%2Fze%2BBNUMd0RemspnrKlO8%2FErXvBpLfnV0qohPj8mrJMi04EMgMdU3Ul0exMvNjpWwtbdfhb45Ady2n2HuacANioh41tZimz6CbiMCI5WKU5%2F7RF4sSpaxt%2Bv2ZVlktiwIXTJCunVHrZ8bTsaLieX2rLw1ZITA09XUZ6RbeaV9vcIVbC5HdXvnaVuNz9%2FeMyNW2IdlE7FcFD0AHb6Q4TediHmAO5671qf7QfErpcSTGRCyfWMY2fZgKM4SWEPxK4%2FVNwjHyFd0HXRaLM5vn4QfrwFWsLg%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 07 Oct 2025 08:04:47 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32612,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3","md5":"5d1b17315ed808bd0f8d82ddfb28e590","sha1":"eb8d1da39d8a7c09d24609e79abf75478a4ffbd3","sha256":"884a7432cad6a5c960352e970a53f7c17a8208eced5f58c43f727f0bed806176","sha512":"2c42c59a9351cb67f74ba6b203b2ec52faaa93470c3ca9b8b352868852942211b594332abaaf4d42d9af323888d5e606773afd7ff0d8872b3377517cdc7abd30","ssdeep":"768:MikL03N+e7idZLgqyD1lBSqFdCJKvHqa644dlal/Pd4ntH0:B+03c3LgqyD1lMedCJK/qj4hN","tlshash":"fee2e0a2576b4d07c1e5e8fd261892b2a7bab49a8f2917243a073f040c247f47fc5f49","first_seen":"2023-08-06T21:26:39Z","last_seen":"2026-05-13T12:34:59.254652Z","times_seen":79,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/favicon.ico","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:47.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=0OZPB3vJk4YoiN%2BbnYNjc1FGjKucIcdGgmsmeizDsUewylF0SXxHVAL9Qqh3ZWKweh2Gb7wNaVioBPPjjakTzyB%2BNvQRH5xb%2FzdQQqWb1QiPBl3P1K6uIMm1hSimYAp4T%2BBCh%2BMrSB2YKBDKYzjUabOYYb94mLh4gjXAbyQY9kfzJG28kecjDtYFGv6ap0dC7upRWk4lbyD7h%2BdoSm4tWee%2FK0I7jzRpSvx42X1xu9P12TSjCfZUuA0M%2FiEehmVXGJ%2BGdo7w9f2HxgGnnQPYK0rpaGG7DnIBeyx0u1nFMVgDNEz3UDe9gphBYNVKxsvOCkHi5oyJL98E2eH3y7fCLZWYghIP7KR11ZMSClymVLO3%2B0hGRcCTbgJu56uVTa56YfRQ64yPD329M6SdQSsuVcizejOlNSaZUkMvTsutUXgFx%2BAriIfYldsaz%2B81QjDYATbo2xn%2Fb54jpLW1norj4LlGXav179%2Bj5CpMFNvHRywuDnfkiE5NvsHE5QN%2BoXQ1GOUCBtRmMDFnG8jJmcM0Z2nHQc1hpE7idyhHJAX%2Bxh93%2FZMyvu5hM0Cntjj4F1r5R0ooc5qOlZVR1qFoXrlAopOWth%2BRQ69XB%2F%2BVZWUZ6UuicOU%2BqEKScJxDncekBQSsIWTyQmWQq9HK4erg8qZgTPKQUMJempRKRKMkg4attzIjli3b3mKG1%2FRtmSSXnBjV1GjH5TskLhr0OgS8FMDtZcWqKa0B2YZ6aEjFu3TKG9LQnPJueWC6ji3r9PfIqtrT%2B35RuT413N3EcfK0HiLjBaHQgRcBvZvWpM98l0dwjD%2BWo0YezlH3tHxYRLx5%2F1wJhLwxap8APiZwP8Cw4%2BC3LIjR8Ne2RWkNBYjGIgpoRx2AWwJ7S2fvmEV0sU3tBOUP984DfD31ehK1XBYkEio8MjOVovcVvY6PZAOp%2FL2Bo3tRTupAdCxqrS7N8%2FFBxr%2B4dbMqnQfj%2B1QuxUAkk49YRYwL61c3VyvujdXbMUowmwnRcLxC%2F4cjuB1eegyH6U2K36mhnbCvLk8LQPyPuUbwQ3n6bc2MYY%2BpxzJej1z9%2BNgs8d809TQluV29CJnJheqG5fdsryIbwBUB8yUsoxG0BmNAK4wrp7MJY7J0G%2B%2BkQuA6V9ANRr2IZg6pOY2SDtxfEK5HWKfPnv%2BKdQKSOPqMn1hIvlz8%2Fo9CIPXzPh%2BoZoIiitjbHO0R0pxCU4qzkJS%2BrUYynts8EZOZ8sfUmwh1gumRuY%2FRNFUMkOBIy5zmctvdnzgpQYa4qEwphRUwf0Ue%2BePgG5Wc1rXxOv2wnIDiQ2s8QohpMTY9UMQfCjKZHSe9lXwP4wtfSbZo6aspWqYG6GgLZCVJvbMDl8N83Ph7DETjGd7zDW4k6k97zkvIGYXTQO7ULwMGknTAgfy6%2FsfNxUdomSn4EPW3UT44VbCV8D7VbdkTqBdBEscH6EdKYcf6KDf%2Fm4sX431Q6nha7%2F32YLRif6XFudGLxpsDS8tq%2BEQeELuE0Po5Fok5gNS4FytTQQ78KcqDmglPQFie54msEZ6wIgkszFBaUBvntFfJHKJoZ5jRk8v185DnSUK%2FH9eq5tOlKGLdXganAqInAU62x4M2QwhAStCxWyq7eTwdu3gaiULzTJ%2FAmEbZvlfr9Ts1pjSORvBmkOmK%2BBnbidhJzIX21rtcGfq2oiUYxnEimbHKA91eZo1a96K1tZKpm7p7PDC3s5wPqPsp4Gnk4pNohKlo7bMh%2FqbYNPPCm9woqul4USNo6ZIqqAoCspY87pJCJ%2FODcNyS7boafFea5uH3R4GlPESzYo1RSVOrhGj60Zj5RkwhUN6DfzLJcMWvEKO5DAt%2BOjNZ3FimHrqPrlsf5vN1ETFglT7M2xujVEu4gBvuEHeQJpited3BHHJTFcu3DVkS9j%2BqGXat23Ix5MZHotJCtDM3WxDshNzahAATxAhfJePqgGM22vNRri6Haf0mkpwm5vOHs1zBoknYjdVY4oYuzCA%2Bu4ItA%2FFIK9JXsuf48Aq3xft6N3Q4S%2BCHakGrpkzocW8PXGoLPHvfOcPrqIp6bOiBiHev1ihhYu6DdAzkcLiL4TAnNYN%2FO5VQdWVqnLiaFd9c7JCa6BTOZXammSe2OZJN8fxiefVydCjuT%2FCKrhEdHyq0iQ3iEjwlfjCsOkaqf2affGU7CFgpS1rhdUlPVBt%2FfJmb0ChE%2FuY%2B524DHBphtKWm38F%2Bxs6%2FvY75HZYLmKBNGkhuZYi5P3LmpKSb4rvZtMewBU0BcFRR%2FYx3qD8z5PJWxRAV7Vj3ddWw6%2FvCU8c1DWGJE0YBiKbTtKhxvPzTEF43rLi2MjbTPob25jV5UgiexFlfC%2FQZ2OjcAHgqo7wGimk2x6NIzp151O8r1jJtvK98MSoxVU%2F8PSeCv4OjqLzDeFPz2dogzBiNvX9c7n5Vr1KatWgZE9ZoAQS%2B%2Bqf7pfT7uPRa%2FxraZw%2F21t1lTW7DTgAO2RsHUKAAr2h1tBwOAxlknihdh6Pr6HyQs8x3IytK65PmvCO5nesmrpPFWeC%2FirQfJGapTBuYCCjoSwCil5vPaQOgMfO349slFEd%2FT1j5wC2heMsukKTWO01D9CW2dcOAZakrCnGIqqAZ1KMc1mVXzTinpdMDp1XD2ka6oGwLWkEzOhZdKpVvrut1rep07ZKJGSabGpA1h%2Frk2Ns0Fo4M9l7CMOeoUcbb8dCw1YVBICod5Be5G6fz%2Fk9CS8nVq6uUZNru9bdaxmWJ5yYupGoGwNQYY7xi99RstEaTANLhqe3B6rSuzTdZfaRjayxsOkeMafWvmfvAN3J7JGzWMb%2BdjACLLBQByoW9rXgyZuy%2FwgqUJDhd4O9v90kkBGmTeft9TlZgVs72X2g89I90b1z0Odp8o3Y5Qm6JswEy7DgjpAU35rKmZFjLycioL0QraL1u5gQEv4vSBc%2BKOssKbbATmKTK4aaix%2FgQu%2BG1pjmgmE2e5XLtT8UE9Mg7du%2Fj2Md688vpWYMQBejjq%2BOR%2FJEVFKxQB%2BuM25cL%2BVyRWAfJ32g0%2BQjdRKhMZiDF3E84EpR8QpnFZvdVw%2BgjBz9RGw2mjGvhOrL%2BGu0ooHwOtRABeYn0KJvZO9W%2FofatosC7Qxh36Bx58ysiWaqQbim1H%2FI8UEmviO4FXlqrbPlzReAG5OvBmyR5pa0cBQ1Hkxp1vUHd01%2BjU%2FAflcAugDGybdWFa3jnAQXlc%2FnzzsQPb2JUu0AeRXMjlR7BCFXx4ubMwpqDlbxB2crl7mubSV0%2BkVFGHONGZMb14cFWQQmNV3RhRrO6Kdcm5ueepktjGrSV3UWOGaLRw4EH78nVKuYoGxsi49lQPj0IH%2FU7VUW8egwBJdRB4WvRwcOtycE5Bs2G4%2FqqPJZijZko6eOT8j%2B4YnDUUIMZPHvQ18x1n8bcBOPZcQNF8G9AZu7E4CM8bV2HdHlrcTv4ULrksNgg3cbkrr32aQmaDcEdMWxxmurYUGj7uHWqiQx1mfs3tIQKcC0DpCBn7gSqmy6FXDBc25y9StARif0hc34xJWdH89XRab%2Fze%2BBNUMd0RemspnrKlO8%2FErXvBpLfnV0qohPj8mrJMi04EMgMdU3Ul0exMvNjpWwtbdfhb45Ady2n2HuacANioh41tZimz6CbiMCI5WKU5%2F7RF4sSpaxt%2Bv2ZVlktiwIXTJCunVHrZ8bTsaLieX2rLw1ZITA09XUZ6RbeaV9vcIVbC5HdXvnaVuNz9%2FeMyNW2IdlE7FcFD0AHb6Q4TediHmAO5671qf7QfErpcSTGRCyfWMY2fZgKM4SWEPxK4%2FVNwjHyFd0HXRaLM5vn4QfrwFWsLg%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 07 Oct 2025 08:04:47 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 15406\r\nlast-modified: Mon, 07 Apr 2025 10:40:14 GMT\r\netag: \"67f3ab8e-3c2e\"\r\nexpires: Tue, 14 Oct 2025 08:04:47 GMT\r\ncache-control: max-age=604800, public\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"3dee16bbbc5f6765d0f7f5af5b0a854d","sha1":"6df4c718df2c6e96be91c7f7c6b96ec0a9f085cd","sha256":"77b36f6189bd94a6b360681983a60bfe4c3f33f2e1746a08b1520777e378212d","sha512":"74893d14b6b9c16c3f7e0c1c59af33f63b4326a59d81df6c3a79eae78a879dc8765bd13d396693a86096efe8402b5ce81344110c6c613e0e5ecb05d42ed16df2","ssdeep":"96:nvy3aVUX8WgWuao80oyAWyN6Q9qkNXC2v:6+mTGaV05Fy19PV3v","tlshash":"156230b6840131b8ecadb1758336956e60b79c546ce2754fe23839344f72e42fb6e60a","first_seen":"2025-04-07T11:27:09.63149Z","last_seen":"2026-06-02T13:57:52.066403Z","times_seen":4891,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tdzebli.com/1/#-p6J-mE","fqdn":"tdzebli.com","domain":"tdzebli.com","tld":"com"},"ip":{"addr":"88.214.27.56","port":443,"asn":209272,"as":"Alviva Holding Limited","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-07T08:04:44.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tdzebli.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Thu, 13 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6B:CF:51:C0:07:A6:AB:B1:31:F3:75:5C:9E:6C:A2:90:7E:9C:BB:DD","sha256":"FC:CA:17:A5:17:E6:93:7B:E9:36:BD:D2:95:00:67:38:12:F3:92:28:5A:4E:21:4C:78:B4:08:37:F0:13:0F:FB"}}},"request":{"raw":"GET /1/ HTTP/1.1\r\nHost: tdzebli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 07 Oct 2025 08:04:44 GMT\r\nServer: Apache/2\r\nUpgrade: h2,h2c\r\nConnection: Upgrade, Keep-Alive\r\nLast-Modified: Tue, 26 Aug 2025 14:41:22 GMT\r\nETag: \"6dc-63d45aa738880-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding,User-Agent\r\nContent-Encoding: gzip\r\nContent-Length: 701\r\nKeep-Alive: timeout=2, max=100\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1756,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"9e59d2085fbd522816ad5070068cdd43","sha1":"1ba814b9d1fdd9a50851cb776bf7b11d1a12d660","sha256":"e8ce51106238701772193096dc28a411356eb152398117fc3a00e56adfa49569","sha512":"6d9ec1064d89a4d1b1129b067a260466cbd2cf8b6d028bf276629456527e5df48a2a45867835ea6fea4ab4edb947fb704c683246b7eeda12a824f48814ffcc08","ssdeep":"","tlshash":"7531535789c9045b6a730139f7b1f3a7f4a225231681f118b09dab3a1ff0e40d863ac8","first_seen":"2025-08-26T14:55:44.850355Z","last_seen":"2025-10-15T18:50:55.962421Z","times_seen":2250,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":231,"dns":54,"connect":44,"send":0,"wait":45,"receive":0,"ssl":130},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/44/assets/css/style.css","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:46.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/44/assets/css/style.css HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=0OZPB3vJk4YoiN%2BbnYNjc1FGjKucIcdGgmsmeizDsUewylF0SXxHVAL9Qqh3ZWKweh2Gb7wNaVioBPPjjakTzyB%2BNvQRH5xb%2FzdQQqWb1QiPBl3P1K6uIMm1hSimYAp4T%2BBCh%2BMrSB2YKBDKYzjUabOYYb94mLh4gjXAbyQY9kfzJG28kecjDtYFGv6ap0dC7upRWk4lbyD7h%2BdoSm4tWee%2FK0I7jzRpSvx42X1xu9P12TSjCfZUuA0M%2FiEehmVXGJ%2BGdo7w9f2HxgGnnQPYK0rpaGG7DnIBeyx0u1nFMVgDNEz3UDe9gphBYNVKxsvOCkHi5oyJL98E2eH3y7fCLZWYghIP7KR11ZMSClymVLO3%2B0hGRcCTbgJu56uVTa56YfRQ64yPD329M6SdQSsuVcizejOlNSaZUkMvTsutUXgFx%2BAriIfYldsaz%2B81QjDYATbo2xn%2Fb54jpLW1norj4LlGXav179%2Bj5CpMFNvHRywuDnfkiE5NvsHE5QN%2BoXQ1GOUCBtRmMDFnG8jJmcM0Z2nHQc1hpE7idyhHJAX%2Bxh93%2FZMyvu5hM0Cntjj4F1r5R0ooc5qOlZVR1qFoXrlAopOWth%2BRQ69XB%2F%2BVZWUZ6UuicOU%2BqEKScJxDncekBQSsIWTyQmWQq9HK4erg8qZgTPKQUMJempRKRKMkg4attzIjli3b3mKG1%2FRtmSSXnBjV1GjH5TskLhr0OgS8FMDtZcWqKa0B2YZ6aEjFu3TKG9LQnPJueWC6ji3r9PfIqtrT%2B35RuT413N3EcfK0HiLjBaHQgRcBvZvWpM98l0dwjD%2BWo0YezlH3tHxYRLx5%2F1wJhLwxap8APiZwP8Cw4%2BC3LIjR8Ne2RWkNBYjGIgpoRx2AWwJ7S2fvmEV0sU3tBOUP984DfD31ehK1XBYkEio8MjOVovcVvY6PZAOp%2FL2Bo3tRTupAdCxqrS7N8%2FFBxr%2B4dbMqnQfj%2B1QuxUAkk49YRYwL61c3VyvujdXbMUowmwnRcLxC%2F4cjuB1eegyH6U2K36mhnbCvLk8LQPyPuUbwQ3n6bc2MYY%2BpxzJej1z9%2BNgs8d809TQluV29CJnJheqG5fdsryIbwBUB8yUsoxG0BmNAK4wrp7MJY7J0G%2B%2BkQuA6V9ANRr2IZg6pOY2SDtxfEK5HWKfPnv%2BKdQKSOPqMn1hIvlz8%2Fo9CIPXzPh%2BoZoIiitjbHO0R0pxCU4qzkJS%2BrUYynts8EZOZ8sfUmwh1gumRuY%2FRNFUMkOBIy5zmctvdnzgpQYa4qEwphRUwf0Ue%2BePgG5Wc1rXxOv2wnIDiQ2s8QohpMTY9UMQfCjKZHSe9lXwP4wtfSbZo6aspWqYG6GgLZCVJvbMDl8N83Ph7DETjGd7zDW4k6k97zkvIGYXTQO7ULwMGknTAgfy6%2FsfNxUdomSn4EPW3UT44VbCV8D7VbdkTqBdBEscH6EdKYcf6KDf%2Fm4sX431Q6nha7%2F32YLRif6XFudGLxpsDS8tq%2BEQeELuE0Po5Fok5gNS4FytTQQ78KcqDmglPQFie54msEZ6wIgkszFBaUBvntFfJHKJoZ5jRk8v185DnSUK%2FH9eq5tOlKGLdXganAqInAU62x4M2QwhAStCxWyq7eTwdu3gaiULzTJ%2FAmEbZvlfr9Ts1pjSORvBmkOmK%2BBnbidhJzIX21rtcGfq2oiUYxnEimbHKA91eZo1a96K1tZKpm7p7PDC3s5wPqPsp4Gnk4pNohKlo7bMh%2FqbYNPPCm9woqul4USNo6ZIqqAoCspY87pJCJ%2FODcNyS7boafFea5uH3R4GlPESzYo1RSVOrhGj60Zj5RkwhUN6DfzLJcMWvEKO5DAt%2BOjNZ3FimHrqPrlsf5vN1ETFglT7M2xujVEu4gBvuEHeQJpited3BHHJTFcu3DVkS9j%2BqGXat23Ix5MZHotJCtDM3WxDshNzahAATxAhfJePqgGM22vNRri6Haf0mkpwm5vOHs1zBoknYjdVY4oYuzCA%2Bu4ItA%2FFIK9JXsuf48Aq3xft6N3Q4S%2BCHakGrpkzocW8PXGoLPHvfOcPrqIp6bOiBiHev1ihhYu6DdAzkcLiL4TAnNYN%2FO5VQdWVqnLiaFd9c7JCa6BTOZXammSe2OZJN8fxiefVydCjuT%2FCKrhEdHyq0iQ3iEjwlfjCsOkaqf2affGU7CFgpS1rhdUlPVBt%2FfJmb0ChE%2FuY%2B524DHBphtKWm38F%2Bxs6%2FvY75HZYLmKBNGkhuZYi5P3LmpKSb4rvZtMewBU0BcFRR%2FYx3qD8z5PJWxRAV7Vj3ddWw6%2FvCU8c1DWGJE0YBiKbTtKhxvPzTEF43rLi2MjbTPob25jV5UgiexFlfC%2FQZ2OjcAHgqo7wGimk2x6NIzp151O8r1jJtvK98MSoxVU%2F8PSeCv4OjqLzDeFPz2dogzBiNvX9c7n5Vr1KatWgZE9ZoAQS%2B%2Bqf7pfT7uPRa%2FxraZw%2F21t1lTW7DTgAO2RsHUKAAr2h1tBwOAxlknihdh6Pr6HyQs8x3IytK65PmvCO5nesmrpPFWeC%2FirQfJGapTBuYCCjoSwCil5vPaQOgMfO349slFEd%2FT1j5wC2heMsukKTWO01D9CW2dcOAZakrCnGIqqAZ1KMc1mVXzTinpdMDp1XD2ka6oGwLWkEzOhZdKpVvrut1rep07ZKJGSabGpA1h%2Frk2Ns0Fo4M9l7CMOeoUcbb8dCw1YVBICod5Be5G6fz%2Fk9CS8nVq6uUZNru9bdaxmWJ5yYupGoGwNQYY7xi99RstEaTANLhqe3B6rSuzTdZfaRjayxsOkeMafWvmfvAN3J7JGzWMb%2BdjACLLBQByoW9rXgyZuy%2FwgqUJDhd4O9v90kkBGmTeft9TlZgVs72X2g89I90b1z0Odp8o3Y5Qm6JswEy7DgjpAU35rKmZFjLycioL0QraL1u5gQEv4vSBc%2BKOssKbbATmKTK4aaix%2FgQu%2BG1pjmgmE2e5XLtT8UE9Mg7du%2Fj2Md688vpWYMQBejjq%2BOR%2FJEVFKxQB%2BuM25cL%2BVyRWAfJ32g0%2BQjdRKhMZiDF3E84EpR8QpnFZvdVw%2BgjBz9RGw2mjGvhOrL%2BGu0ooHwOtRABeYn0KJvZO9W%2FofatosC7Qxh36Bx58ysiWaqQbim1H%2FI8UEmviO4FXlqrbPlzReAG5OvBmyR5pa0cBQ1Hkxp1vUHd01%2BjU%2FAflcAugDGybdWFa3jnAQXlc%2FnzzsQPb2JUu0AeRXMjlR7BCFXx4ubMwpqDlbxB2crl7mubSV0%2BkVFGHONGZMb14cFWQQmNV3RhRrO6Kdcm5ueepktjGrSV3UWOGaLRw4EH78nVKuYoGxsi49lQPj0IH%2FU7VUW8egwBJdRB4WvRwcOtycE5Bs2G4%2FqqPJZijZko6eOT8j%2B4YnDUUIMZPHvQ18x1n8bcBOPZcQNF8G9AZu7E4CM8bV2HdHlrcTv4ULrksNgg3cbkrr32aQmaDcEdMWxxmurYUGj7uHWqiQx1mfs3tIQKcC0DpCBn7gSqmy6FXDBc25y9StARif0hc34xJWdH89XRab%2Fze%2BBNUMd0RemspnrKlO8%2FErXvBpLfnV0qohPj8mrJMi04EMgMdU3Ul0exMvNjpWwtbdfhb45Ady2n2HuacANioh41tZimz6CbiMCI5WKU5%2F7RF4sSpaxt%2Bv2ZVlktiwIXTJCunVHrZ8bTsaLieX2rLw1ZITA09XUZ6RbeaV9vcIVbC5HdXvnaVuNz9%2FeMyNW2IdlE7FcFD0AHb6Q4TediHmAO5671qf7QfErpcSTGRCyfWMY2fZgKM4SWEPxK4%2FVNwjHyFd0HXRaLM5vn4QfrwFWsLg%3D%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 07 Oct 2025 08:04:46 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5646,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (5575)","md5":"e155b0fbc0c8e1a6cac6ce6f13b8e951","sha1":"9f0374f0fc14ec8a258f33c58a12b7ec46cc4b0d","sha256":"2c0b9e72365350d9f58bd8aabcb877f35a5f5e2500916eeef340a3955543dadb","sha512":"1ac22d05cf6abbd6d705160df884375a1e464e264f52f78076c301ae879c2e78172cee66ce179242bb05085e8ce1347f935c1a810b2d1dc7e48730cb969d5f84","ssdeep":"96:nMbtWglgDUeJAE2lLVRlJKgcuf8dRlYwQIhJkSo4b:n6WgQEGgcI8dRlYwQ2s4b","tlshash":"12c18472e605207db537caa9f5d06bdd221cc103d9170ffde965b9a0cfad0aa2072786","first_seen":"2023-08-06T21:26:39Z","last_seen":"2026-05-13T12:34:59.247235Z","times_seen":78,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/44/assets/js/jquery-3.2.1.min.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:46.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/44/assets/js/jquery-3.2.1.min.js HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=0OZPB3vJk4YoiN%2BbnYNjc1FGjKucIcdGgmsmeizDsUewylF0SXxHVAL9Qqh3ZWKweh2Gb7wNaVioBPPjjakTzyB%2BNvQRH5xb%2FzdQQqWb1QiPBl3P1K6uIMm1hSimYAp4T%2BBCh%2BMrSB2YKBDKYzjUabOYYb94mLh4gjXAbyQY9kfzJG28kecjDtYFGv6ap0dC7upRWk4lbyD7h%2BdoSm4tWee%2FK0I7jzRpSvx42X1xu9P12TSjCfZUuA0M%2FiEehmVXGJ%2BGdo7w9f2HxgGnnQPYK0rpaGG7DnIBeyx0u1nFMVgDNEz3UDe9gphBYNVKxsvOCkHi5oyJL98E2eH3y7fCLZWYghIP7KR11ZMSClymVLO3%2B0hGRcCTbgJu56uVTa56YfRQ64yPD329M6SdQSsuVcizejOlNSaZUkMvTsutUXgFx%2BAriIfYldsaz%2B81QjDYATbo2xn%2Fb54jpLW1norj4LlGXav179%2Bj5CpMFNvHRywuDnfkiE5NvsHE5QN%2BoXQ1GOUCBtRmMDFnG8jJmcM0Z2nHQc1hpE7idyhHJAX%2Bxh93%2FZMyvu5hM0Cntjj4F1r5R0ooc5qOlZVR1qFoXrlAopOWth%2BRQ69XB%2F%2BVZWUZ6UuicOU%2BqEKScJxDncekBQSsIWTyQmWQq9HK4erg8qZgTPKQUMJempRKRKMkg4attzIjli3b3mKG1%2FRtmSSXnBjV1GjH5TskLhr0OgS8FMDtZcWqKa0B2YZ6aEjFu3TKG9LQnPJueWC6ji3r9PfIqtrT%2B35RuT413N3EcfK0HiLjBaHQgRcBvZvWpM98l0dwjD%2BWo0YezlH3tHxYRLx5%2F1wJhLwxap8APiZwP8Cw4%2BC3LIjR8Ne2RWkNBYjGIgpoRx2AWwJ7S2fvmEV0sU3tBOUP984DfD31ehK1XBYkEio8MjOVovcVvY6PZAOp%2FL2Bo3tRTupAdCxqrS7N8%2FFBxr%2B4dbMqnQfj%2B1QuxUAkk49YRYwL61c3VyvujdXbMUowmwnRcLxC%2F4cjuB1eegyH6U2K36mhnbCvLk8LQPyPuUbwQ3n6bc2MYY%2BpxzJej1z9%2BNgs8d809TQluV29CJnJheqG5fdsryIbwBUB8yUsoxG0BmNAK4wrp7MJY7J0G%2B%2BkQuA6V9ANRr2IZg6pOY2SDtxfEK5HWKfPnv%2BKdQKSOPqMn1hIvlz8%2Fo9CIPXzPh%2BoZoIiitjbHO0R0pxCU4qzkJS%2BrUYynts8EZOZ8sfUmwh1gumRuY%2FRNFUMkOBIy5zmctvdnzgpQYa4qEwphRUwf0Ue%2BePgG5Wc1rXxOv2wnIDiQ2s8QohpMTY9UMQfCjKZHSe9lXwP4wtfSbZo6aspWqYG6GgLZCVJvbMDl8N83Ph7DETjGd7zDW4k6k97zkvIGYXTQO7ULwMGknTAgfy6%2FsfNxUdomSn4EPW3UT44VbCV8D7VbdkTqBdBEscH6EdKYcf6KDf%2Fm4sX431Q6nha7%2F32YLRif6XFudGLxpsDS8tq%2BEQeELuE0Po5Fok5gNS4FytTQQ78KcqDmglPQFie54msEZ6wIgkszFBaUBvntFfJHKJoZ5jRk8v185DnSUK%2FH9eq5tOlKGLdXganAqInAU62x4M2QwhAStCxWyq7eTwdu3gaiULzTJ%2FAmEbZvlfr9Ts1pjSORvBmkOmK%2BBnbidhJzIX21rtcGfq2oiUYxnEimbHKA91eZo1a96K1tZKpm7p7PDC3s5wPqPsp4Gnk4pNohKlo7bMh%2FqbYNPPCm9woqul4USNo6ZIqqAoCspY87pJCJ%2FODcNyS7boafFea5uH3R4GlPESzYo1RSVOrhGj60Zj5RkwhUN6DfzLJcMWvEKO5DAt%2BOjNZ3FimHrqPrlsf5vN1ETFglT7M2xujVEu4gBvuEHeQJpited3BHHJTFcu3DVkS9j%2BqGXat23Ix5MZHotJCtDM3WxDshNzahAATxAhfJePqgGM22vNRri6Haf0mkpwm5vOHs1zBoknYjdVY4oYuzCA%2Bu4ItA%2FFIK9JXsuf48Aq3xft6N3Q4S%2BCHakGrpkzocW8PXGoLPHvfOcPrqIp6bOiBiHev1ihhYu6DdAzkcLiL4TAnNYN%2FO5VQdWVqnLiaFd9c7JCa6BTOZXammSe2OZJN8fxiefVydCjuT%2FCKrhEdHyq0iQ3iEjwlfjCsOkaqf2affGU7CFgpS1rhdUlPVBt%2FfJmb0ChE%2FuY%2B524DHBphtKWm38F%2Bxs6%2FvY75HZYLmKBNGkhuZYi5P3LmpKSb4rvZtMewBU0BcFRR%2FYx3qD8z5PJWxRAV7Vj3ddWw6%2FvCU8c1DWGJE0YBiKbTtKhxvPzTEF43rLi2MjbTPob25jV5UgiexFlfC%2FQZ2OjcAHgqo7wGimk2x6NIzp151O8r1jJtvK98MSoxVU%2F8PSeCv4OjqLzDeFPz2dogzBiNvX9c7n5Vr1KatWgZE9ZoAQS%2B%2Bqf7pfT7uPRa%2FxraZw%2F21t1lTW7DTgAO2RsHUKAAr2h1tBwOAxlknihdh6Pr6HyQs8x3IytK65PmvCO5nesmrpPFWeC%2FirQfJGapTBuYCCjoSwCil5vPaQOgMfO349slFEd%2FT1j5wC2heMsukKTWO01D9CW2dcOAZakrCnGIqqAZ1KMc1mVXzTinpdMDp1XD2ka6oGwLWkEzOhZdKpVvrut1rep07ZKJGSabGpA1h%2Frk2Ns0Fo4M9l7CMOeoUcbb8dCw1YVBICod5Be5G6fz%2Fk9CS8nVq6uUZNru9bdaxmWJ5yYupGoGwNQYY7xi99RstEaTANLhqe3B6rSuzTdZfaRjayxsOkeMafWvmfvAN3J7JGzWMb%2BdjACLLBQByoW9rXgyZuy%2FwgqUJDhd4O9v90kkBGmTeft9TlZgVs72X2g89I90b1z0Odp8o3Y5Qm6JswEy7DgjpAU35rKmZFjLycioL0QraL1u5gQEv4vSBc%2BKOssKbbATmKTK4aaix%2FgQu%2BG1pjmgmE2e5XLtT8UE9Mg7du%2Fj2Md688vpWYMQBejjq%2BOR%2FJEVFKxQB%2BuM25cL%2BVyRWAfJ32g0%2BQjdRKhMZiDF3E84EpR8QpnFZvdVw%2BgjBz9RGw2mjGvhOrL%2BGu0ooHwOtRABeYn0KJvZO9W%2FofatosC7Qxh36Bx58ysiWaqQbim1H%2FI8UEmviO4FXlqrbPlzReAG5OvBmyR5pa0cBQ1Hkxp1vUHd01%2BjU%2FAflcAugDGybdWFa3jnAQXlc%2FnzzsQPb2JUu0AeRXMjlR7BCFXx4ubMwpqDlbxB2crl7mubSV0%2BkVFGHONGZMb14cFWQQmNV3RhRrO6Kdcm5ueepktjGrSV3UWOGaLRw4EH78nVKuYoGxsi49lQPj0IH%2FU7VUW8egwBJdRB4WvRwcOtycE5Bs2G4%2FqqPJZijZko6eOT8j%2B4YnDUUIMZPHvQ18x1n8bcBOPZcQNF8G9AZu7E4CM8bV2HdHlrcTv4ULrksNgg3cbkrr32aQmaDcEdMWxxmurYUGj7uHWqiQx1mfs3tIQKcC0DpCBn7gSqmy6FXDBc25y9StARif0hc34xJWdH89XRab%2Fze%2BBNUMd0RemspnrKlO8%2FErXvBpLfnV0qohPj8mrJMi04EMgMdU3Ul0exMvNjpWwtbdfhb45Ady2n2HuacANioh41tZimz6CbiMCI5WKU5%2F7RF4sSpaxt%2Bv2ZVlktiwIXTJCunVHrZ8bTsaLieX2rLw1ZITA09XUZ6RbeaV9vcIVbC5HdXvnaVuNz9%2FeMyNW2IdlE7FcFD0AHb6Q4TediHmAO5671qf7QfErpcSTGRCyfWMY2fZgKM4SWEPxK4%2FVNwjHyFd0HXRaLM5vn4QfrwFWsLg%3D%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 07 Oct 2025 08:04:46 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86659,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32058)","md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-02T16:33:57.638348Z","times_seen":92154,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/44/assets/js/js.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:46.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/44/assets/js/js.js HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=0OZPB3vJk4YoiN%2BbnYNjc1FGjKucIcdGgmsmeizDsUewylF0SXxHVAL9Qqh3ZWKweh2Gb7wNaVioBPPjjakTzyB%2BNvQRH5xb%2FzdQQqWb1QiPBl3P1K6uIMm1hSimYAp4T%2BBCh%2BMrSB2YKBDKYzjUabOYYb94mLh4gjXAbyQY9kfzJG28kecjDtYFGv6ap0dC7upRWk4lbyD7h%2BdoSm4tWee%2FK0I7jzRpSvx42X1xu9P12TSjCfZUuA0M%2FiEehmVXGJ%2BGdo7w9f2HxgGnnQPYK0rpaGG7DnIBeyx0u1nFMVgDNEz3UDe9gphBYNVKxsvOCkHi5oyJL98E2eH3y7fCLZWYghIP7KR11ZMSClymVLO3%2B0hGRcCTbgJu56uVTa56YfRQ64yPD329M6SdQSsuVcizejOlNSaZUkMvTsutUXgFx%2BAriIfYldsaz%2B81QjDYATbo2xn%2Fb54jpLW1norj4LlGXav179%2Bj5CpMFNvHRywuDnfkiE5NvsHE5QN%2BoXQ1GOUCBtRmMDFnG8jJmcM0Z2nHQc1hpE7idyhHJAX%2Bxh93%2FZMyvu5hM0Cntjj4F1r5R0ooc5qOlZVR1qFoXrlAopOWth%2BRQ69XB%2F%2BVZWUZ6UuicOU%2BqEKScJxDncekBQSsIWTyQmWQq9HK4erg8qZgTPKQUMJempRKRKMkg4attzIjli3b3mKG1%2FRtmSSXnBjV1GjH5TskLhr0OgS8FMDtZcWqKa0B2YZ6aEjFu3TKG9LQnPJueWC6ji3r9PfIqtrT%2B35RuT413N3EcfK0HiLjBaHQgRcBvZvWpM98l0dwjD%2BWo0YezlH3tHxYRLx5%2F1wJhLwxap8APiZwP8Cw4%2BC3LIjR8Ne2RWkNBYjGIgpoRx2AWwJ7S2fvmEV0sU3tBOUP984DfD31ehK1XBYkEio8MjOVovcVvY6PZAOp%2FL2Bo3tRTupAdCxqrS7N8%2FFBxr%2B4dbMqnQfj%2B1QuxUAkk49YRYwL61c3VyvujdXbMUowmwnRcLxC%2F4cjuB1eegyH6U2K36mhnbCvLk8LQPyPuUbwQ3n6bc2MYY%2BpxzJej1z9%2BNgs8d809TQluV29CJnJheqG5fdsryIbwBUB8yUsoxG0BmNAK4wrp7MJY7J0G%2B%2BkQuA6V9ANRr2IZg6pOY2SDtxfEK5HWKfPnv%2BKdQKSOPqMn1hIvlz8%2Fo9CIPXzPh%2BoZoIiitjbHO0R0pxCU4qzkJS%2BrUYynts8EZOZ8sfUmwh1gumRuY%2FRNFUMkOBIy5zmctvdnzgpQYa4qEwphRUwf0Ue%2BePgG5Wc1rXxOv2wnIDiQ2s8QohpMTY9UMQfCjKZHSe9lXwP4wtfSbZo6aspWqYG6GgLZCVJvbMDl8N83Ph7DETjGd7zDW4k6k97zkvIGYXTQO7ULwMGknTAgfy6%2FsfNxUdomSn4EPW3UT44VbCV8D7VbdkTqBdBEscH6EdKYcf6KDf%2Fm4sX431Q6nha7%2F32YLRif6XFudGLxpsDS8tq%2BEQeELuE0Po5Fok5gNS4FytTQQ78KcqDmglPQFie54msEZ6wIgkszFBaUBvntFfJHKJoZ5jRk8v185DnSUK%2FH9eq5tOlKGLdXganAqInAU62x4M2QwhAStCxWyq7eTwdu3gaiULzTJ%2FAmEbZvlfr9Ts1pjSORvBmkOmK%2BBnbidhJzIX21rtcGfq2oiUYxnEimbHKA91eZo1a96K1tZKpm7p7PDC3s5wPqPsp4Gnk4pNohKlo7bMh%2FqbYNPPCm9woqul4USNo6ZIqqAoCspY87pJCJ%2FODcNyS7boafFea5uH3R4GlPESzYo1RSVOrhGj60Zj5RkwhUN6DfzLJcMWvEKO5DAt%2BOjNZ3FimHrqPrlsf5vN1ETFglT7M2xujVEu4gBvuEHeQJpited3BHHJTFcu3DVkS9j%2BqGXat23Ix5MZHotJCtDM3WxDshNzahAATxAhfJePqgGM22vNRri6Haf0mkpwm5vOHs1zBoknYjdVY4oYuzCA%2Bu4ItA%2FFIK9JXsuf48Aq3xft6N3Q4S%2BCHakGrpkzocW8PXGoLPHvfOcPrqIp6bOiBiHev1ihhYu6DdAzkcLiL4TAnNYN%2FO5VQdWVqnLiaFd9c7JCa6BTOZXammSe2OZJN8fxiefVydCjuT%2FCKrhEdHyq0iQ3iEjwlfjCsOkaqf2affGU7CFgpS1rhdUlPVBt%2FfJmb0ChE%2FuY%2B524DHBphtKWm38F%2Bxs6%2FvY75HZYLmKBNGkhuZYi5P3LmpKSb4rvZtMewBU0BcFRR%2FYx3qD8z5PJWxRAV7Vj3ddWw6%2FvCU8c1DWGJE0YBiKbTtKhxvPzTEF43rLi2MjbTPob25jV5UgiexFlfC%2FQZ2OjcAHgqo7wGimk2x6NIzp151O8r1jJtvK98MSoxVU%2F8PSeCv4OjqLzDeFPz2dogzBiNvX9c7n5Vr1KatWgZE9ZoAQS%2B%2Bqf7pfT7uPRa%2FxraZw%2F21t1lTW7DTgAO2RsHUKAAr2h1tBwOAxlknihdh6Pr6HyQs8x3IytK65PmvCO5nesmrpPFWeC%2FirQfJGapTBuYCCjoSwCil5vPaQOgMfO349slFEd%2FT1j5wC2heMsukKTWO01D9CW2dcOAZakrCnGIqqAZ1KMc1mVXzTinpdMDp1XD2ka6oGwLWkEzOhZdKpVvrut1rep07ZKJGSabGpA1h%2Frk2Ns0Fo4M9l7CMOeoUcbb8dCw1YVBICod5Be5G6fz%2Fk9CS8nVq6uUZNru9bdaxmWJ5yYupGoGwNQYY7xi99RstEaTANLhqe3B6rSuzTdZfaRjayxsOkeMafWvmfvAN3J7JGzWMb%2BdjACLLBQByoW9rXgyZuy%2FwgqUJDhd4O9v90kkBGmTeft9TlZgVs72X2g89I90b1z0Odp8o3Y5Qm6JswEy7DgjpAU35rKmZFjLycioL0QraL1u5gQEv4vSBc%2BKOssKbbATmKTK4aaix%2FgQu%2BG1pjmgmE2e5XLtT8UE9Mg7du%2Fj2Md688vpWYMQBejjq%2BOR%2FJEVFKxQB%2BuM25cL%2BVyRWAfJ32g0%2BQjdRKhMZiDF3E84EpR8QpnFZvdVw%2BgjBz9RGw2mjGvhOrL%2BGu0ooHwOtRABeYn0KJvZO9W%2FofatosC7Qxh36Bx58ysiWaqQbim1H%2FI8UEmviO4FXlqrbPlzReAG5OvBmyR5pa0cBQ1Hkxp1vUHd01%2BjU%2FAflcAugDGybdWFa3jnAQXlc%2FnzzsQPb2JUu0AeRXMjlR7BCFXx4ubMwpqDlbxB2crl7mubSV0%2BkVFGHONGZMb14cFWQQmNV3RhRrO6Kdcm5ueepktjGrSV3UWOGaLRw4EH78nVKuYoGxsi49lQPj0IH%2FU7VUW8egwBJdRB4WvRwcOtycE5Bs2G4%2FqqPJZijZko6eOT8j%2B4YnDUUIMZPHvQ18x1n8bcBOPZcQNF8G9AZu7E4CM8bV2HdHlrcTv4ULrksNgg3cbkrr32aQmaDcEdMWxxmurYUGj7uHWqiQx1mfs3tIQKcC0DpCBn7gSqmy6FXDBc25y9StARif0hc34xJWdH89XRab%2Fze%2BBNUMd0RemspnrKlO8%2FErXvBpLfnV0qohPj8mrJMi04EMgMdU3Ul0exMvNjpWwtbdfhb45Ady2n2HuacANioh41tZimz6CbiMCI5WKU5%2F7RF4sSpaxt%2Bv2ZVlktiwIXTJCunVHrZ8bTsaLieX2rLw1ZITA09XUZ6RbeaV9vcIVbC5HdXvnaVuNz9%2FeMyNW2IdlE7FcFD0AHb6Q4TediHmAO5671qf7QfErpcSTGRCyfWMY2fZgKM4SWEPxK4%2FVNwjHyFd0HXRaLM5vn4QfrwFWsLg%3D%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 07 Oct 2025 08:04:46 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":151,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"e46de74d1bdfda878c542f3eafd6430f","sha1":"04174b7fcb23a76f5fe923e2e565a81652569402","sha256":"54bad1d3ee7350421b67a4fdfd7f5e16e0fae60748ad0308ba0b78f745c50595","sha512":"b4229c502997fbea62bce47000ebe10aa9bcbb35693b2a9a0ef1fe0e4a9599edd837814d62b03dffcea2b15044b0ba85568218ef0e882d81085abfe001c9db13","ssdeep":"","tlshash":"e2c08c2cf3fc896200bf70ad0827c84c15322441364b2b01c0ac16102ea951c3666a52","first_seen":"2023-08-06T21:26:39Z","last_seen":"2026-05-13T12:34:59.258964Z","times_seen":80,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/44/assets/img/bg.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:47.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/44/assets/img/bg.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/bundle/44/assets/css/style.css\r\nCookie: s=0OZPB3vJk4YoiN%2BbnYNjc1FGjKucIcdGgmsmeizDsUewylF0SXxHVAL9Qqh3ZWKweh2Gb7wNaVioBPPjjakTzyB%2BNvQRH5xb%2FzdQQqWb1QiPBl3P1K6uIMm1hSimYAp4T%2BBCh%2BMrSB2YKBDKYzjUabOYYb94mLh4gjXAbyQY9kfzJG28kecjDtYFGv6ap0dC7upRWk4lbyD7h%2BdoSm4tWee%2FK0I7jzRpSvx42X1xu9P12TSjCfZUuA0M%2FiEehmVXGJ%2BGdo7w9f2HxgGnnQPYK0rpaGG7DnIBeyx0u1nFMVgDNEz3UDe9gphBYNVKxsvOCkHi5oyJL98E2eH3y7fCLZWYghIP7KR11ZMSClymVLO3%2B0hGRcCTbgJu56uVTa56YfRQ64yPD329M6SdQSsuVcizejOlNSaZUkMvTsutUXgFx%2BAriIfYldsaz%2B81QjDYATbo2xn%2Fb54jpLW1norj4LlGXav179%2Bj5CpMFNvHRywuDnfkiE5NvsHE5QN%2BoXQ1GOUCBtRmMDFnG8jJmcM0Z2nHQc1hpE7idyhHJAX%2Bxh93%2FZMyvu5hM0Cntjj4F1r5R0ooc5qOlZVR1qFoXrlAopOWth%2BRQ69XB%2F%2BVZWUZ6UuicOU%2BqEKScJxDncekBQSsIWTyQmWQq9HK4erg8qZgTPKQUMJempRKRKMkg4attzIjli3b3mKG1%2FRtmSSXnBjV1GjH5TskLhr0OgS8FMDtZcWqKa0B2YZ6aEjFu3TKG9LQnPJueWC6ji3r9PfIqtrT%2B35RuT413N3EcfK0HiLjBaHQgRcBvZvWpM98l0dwjD%2BWo0YezlH3tHxYRLx5%2F1wJhLwxap8APiZwP8Cw4%2BC3LIjR8Ne2RWkNBYjGIgpoRx2AWwJ7S2fvmEV0sU3tBOUP984DfD31ehK1XBYkEio8MjOVovcVvY6PZAOp%2FL2Bo3tRTupAdCxqrS7N8%2FFBxr%2B4dbMqnQfj%2B1QuxUAkk49YRYwL61c3VyvujdXbMUowmwnRcLxC%2F4cjuB1eegyH6U2K36mhnbCvLk8LQPyPuUbwQ3n6bc2MYY%2BpxzJej1z9%2BNgs8d809TQluV29CJnJheqG5fdsryIbwBUB8yUsoxG0BmNAK4wrp7MJY7J0G%2B%2BkQuA6V9ANRr2IZg6pOY2SDtxfEK5HWKfPnv%2BKdQKSOPqMn1hIvlz8%2Fo9CIPXzPh%2BoZoIiitjbHO0R0pxCU4qzkJS%2BrUYynts8EZOZ8sfUmwh1gumRuY%2FRNFUMkOBIy5zmctvdnzgpQYa4qEwphRUwf0Ue%2BePgG5Wc1rXxOv2wnIDiQ2s8QohpMTY9UMQfCjKZHSe9lXwP4wtfSbZo6aspWqYG6GgLZCVJvbMDl8N83Ph7DETjGd7zDW4k6k97zkvIGYXTQO7ULwMGknTAgfy6%2FsfNxUdomSn4EPW3UT44VbCV8D7VbdkTqBdBEscH6EdKYcf6KDf%2Fm4sX431Q6nha7%2F32YLRif6XFudGLxpsDS8tq%2BEQeELuE0Po5Fok5gNS4FytTQQ78KcqDmglPQFie54msEZ6wIgkszFBaUBvntFfJHKJoZ5jRk8v185DnSUK%2FH9eq5tOlKGLdXganAqInAU62x4M2QwhAStCxWyq7eTwdu3gaiULzTJ%2FAmEbZvlfr9Ts1pjSORvBmkOmK%2BBnbidhJzIX21rtcGfq2oiUYxnEimbHKA91eZo1a96K1tZKpm7p7PDC3s5wPqPsp4Gnk4pNohKlo7bMh%2FqbYNPPCm9woqul4USNo6ZIqqAoCspY87pJCJ%2FODcNyS7boafFea5uH3R4GlPESzYo1RSVOrhGj60Zj5RkwhUN6DfzLJcMWvEKO5DAt%2BOjNZ3FimHrqPrlsf5vN1ETFglT7M2xujVEu4gBvuEHeQJpited3BHHJTFcu3DVkS9j%2BqGXat23Ix5MZHotJCtDM3WxDshNzahAATxAhfJePqgGM22vNRri6Haf0mkpwm5vOHs1zBoknYjdVY4oYuzCA%2Bu4ItA%2FFIK9JXsuf48Aq3xft6N3Q4S%2BCHakGrpkzocW8PXGoLPHvfOcPrqIp6bOiBiHev1ihhYu6DdAzkcLiL4TAnNYN%2FO5VQdWVqnLiaFd9c7JCa6BTOZXammSe2OZJN8fxiefVydCjuT%2FCKrhEdHyq0iQ3iEjwlfjCsOkaqf2affGU7CFgpS1rhdUlPVBt%2FfJmb0ChE%2FuY%2B524DHBphtKWm38F%2Bxs6%2FvY75HZYLmKBNGkhuZYi5P3LmpKSb4rvZtMewBU0BcFRR%2FYx3qD8z5PJWxRAV7Vj3ddWw6%2FvCU8c1DWGJE0YBiKbTtKhxvPzTEF43rLi2MjbTPob25jV5UgiexFlfC%2FQZ2OjcAHgqo7wGimk2x6NIzp151O8r1jJtvK98MSoxVU%2F8PSeCv4OjqLzDeFPz2dogzBiNvX9c7n5Vr1KatWgZE9ZoAQS%2B%2Bqf7pfT7uPRa%2FxraZw%2F21t1lTW7DTgAO2RsHUKAAr2h1tBwOAxlknihdh6Pr6HyQs8x3IytK65PmvCO5nesmrpPFWeC%2FirQfJGapTBuYCCjoSwCil5vPaQOgMfO349slFEd%2FT1j5wC2heMsukKTWO01D9CW2dcOAZakrCnGIqqAZ1KMc1mVXzTinpdMDp1XD2ka6oGwLWkEzOhZdKpVvrut1rep07ZKJGSabGpA1h%2Frk2Ns0Fo4M9l7CMOeoUcbb8dCw1YVBICod5Be5G6fz%2Fk9CS8nVq6uUZNru9bdaxmWJ5yYupGoGwNQYY7xi99RstEaTANLhqe3B6rSuzTdZfaRjayxsOkeMafWvmfvAN3J7JGzWMb%2BdjACLLBQByoW9rXgyZuy%2FwgqUJDhd4O9v90kkBGmTeft9TlZgVs72X2g89I90b1z0Odp8o3Y5Qm6JswEy7DgjpAU35rKmZFjLycioL0QraL1u5gQEv4vSBc%2BKOssKbbATmKTK4aaix%2FgQu%2BG1pjmgmE2e5XLtT8UE9Mg7du%2Fj2Md688vpWYMQBejjq%2BOR%2FJEVFKxQB%2BuM25cL%2BVyRWAfJ32g0%2BQjdRKhMZiDF3E84EpR8QpnFZvdVw%2BgjBz9RGw2mjGvhOrL%2BGu0ooHwOtRABeYn0KJvZO9W%2FofatosC7Qxh36Bx58ysiWaqQbim1H%2FI8UEmviO4FXlqrbPlzReAG5OvBmyR5pa0cBQ1Hkxp1vUHd01%2BjU%2FAflcAugDGybdWFa3jnAQXlc%2FnzzsQPb2JUu0AeRXMjlR7BCFXx4ubMwpqDlbxB2crl7mubSV0%2BkVFGHONGZMb14cFWQQmNV3RhRrO6Kdcm5ueepktjGrSV3UWOGaLRw4EH78nVKuYoGxsi49lQPj0IH%2FU7VUW8egwBJdRB4WvRwcOtycE5Bs2G4%2FqqPJZijZko6eOT8j%2B4YnDUUIMZPHvQ18x1n8bcBOPZcQNF8G9AZu7E4CM8bV2HdHlrcTv4ULrksNgg3cbkrr32aQmaDcEdMWxxmurYUGj7uHWqiQx1mfs3tIQKcC0DpCBn7gSqmy6FXDBc25y9StARif0hc34xJWdH89XRab%2Fze%2BBNUMd0RemspnrKlO8%2FErXvBpLfnV0qohPj8mrJMi04EMgMdU3Ul0exMvNjpWwtbdfhb45Ady2n2HuacANioh41tZimz6CbiMCI5WKU5%2F7RF4sSpaxt%2Bv2ZVlktiwIXTJCunVHrZ8bTsaLieX2rLw1ZITA09XUZ6RbeaV9vcIVbC5HdXvnaVuNz9%2FeMyNW2IdlE7FcFD0AHb6Q4TediHmAO5671qf7QfErpcSTGRCyfWMY2fZgKM4SWEPxK4%2FVNwjHyFd0HXRaLM5vn4QfrwFWsLg%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 07 Oct 2025 08:04:47 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":201964,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3","md5":"8d4702e68d0a5be687984f1e51dd9fc4","sha1":"ea7f36e3efb63f6d8c005cb599059d52e3009622","sha256":"780f083aca765f3ccf0aabf16263a794051aaaf73fa074efb469c8bec61643db","sha512":"f04e3c4a258ad90c3c51cb57f6d1a542924dd01d207209911c39af566e423c17b7aa502bb9432e40da1e87e6dc418a3a2f3f3719d276b5a819a00a6334e28d6a","ssdeep":"3072:L69MJuFBm899tTv6owzzdJ6uphLcYEywOk0MmHdHutxGhriMGIBqb3FBHsN8Zq:L6YIBvl6owvdsiEb26MTsBHw0q","tlshash":"fb1412337796ca7b540fb6f19af99103ee80be43bee0dab55090c72491c4498ce096b7","first_seen":"2023-08-06T21:26:39Z","last_seen":"2026-05-13T12:34:59.262791Z","times_seen":80,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:47.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"F3:C7:68:20:2E:52:7F:61:4B:43:46:72:CB:A9:29:91:40:A0:5A:96","sha256":"1A:0B:E2:45:70:7A:DB:88:E8:4C:4E:DF:ED:F5:08:2F:2B:2A:CA:33:09:72:DC:80:8B:D2:7B:C6:48:3D:CA:D1"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://befjajh.flirtosmart.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 01 Oct 2025 00:01:36 GMT\r\nexpires: Thu, 01 Oct 2026 00:01:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 547391\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-06-02T18:05:46.415439Z","times_seen":228286,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":83,"dns":1,"connect":14,"send":0,"wait":15,"receive":14,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vcc.iljmp.com/1/f-00163?lp=https://tdzebli.com/1/%23-p6J-mE","fqdn":"vcc.iljmp.com","domain":"iljmp.com","tld":"com"},"ip":{"addr":"52.7.37.178","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-07T08:04:44.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.iljmp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Sun, 23 Mar 2025 00:00:00 GMT","end":"Mon, 20 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6D:F2:E9:84:A8:B3:5E:85:23:79:3D:A8:37:7E:D1:81:52:74:66:56","sha256":"71:91:FD:38:35:73:05:52:6E:2E:F7:69:9E:D0:B5:F4:6C:53:D5:CD:50:17:6E:66:C0:B2:A2:11:CF:32:3C:78"}}},"request":{"raw":"GET /1/f-00163?lp=https://tdzebli.com/1/%23-p6J-mE HTTP/1.1\r\nHost: vcc.iljmp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 07 Oct 2025 08:04:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://tdzebli.com/1/#-p6J-mE\r\nset-cookie: AWSALB=fdZOnFP2olZMEj5tT/sEyWd64qU6XyBv9Le2d2XJ9kDAFzAry6cR89dwjOZRjU2ZOQ/6CxonIFMat/l0zHPGf1wW5al9lEVLArmZsfcVauUMx6kRUk2P17zsbKgp; Expires=Tue, 14 Oct 2025 08:04:44 GMT; Path=/\nAWSALBCORS=fdZOnFP2olZMEj5tT/sEyWd64qU6XyBv9Le2d2XJ9kDAFzAry6cR89dwjOZRjU2ZOQ/6CxonIFMat/l0zHPGf1wW5al9lEVLArmZsfcVauUMx6kRUk2P17zsbKgp; Expires=Tue, 14 Oct 2025 08:04:44 GMT; Path=/; SameSite=None; Secure\nsymfony=1sjf6eltpcepakv9m8ti0fc4l5; path=/; secure; SameSite=None\r\nserver: nginx\r\nx-powered-by: PHP/7.3.29\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: PUT, DELETE, POST, GET, HEAD, OPTIONS\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\np3p: CP=\"CAO PSA OUR\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"PHP:7.3.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1756,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-02T18:08:06.981696Z","times_seen":16047564,"resource_available":true,"data":null}},"time_used":833,"timings":{"blocked":369,"dns":80,"connect":92,"send":0,"wait":95,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openfpcdn.io/botd/v1","fqdn":"openfpcdn.io","domain":"openfpcdn.io","tld":"io"},"ip":{"addr":"54.240.174.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tdzebli.com/1/#-p6J-mE","date":"2025-10-07T08:04:45.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openfpcdn.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 27 Nov 2024 00:00:00 GMT","end":"Sat, 27 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"DB:8B:1E:08:FC:EE:6F:56:28:0B:74:80:37:E0:DE:69:D3:59:96:8D","sha256":"C1:3F:58:99:2C:D2:A0:B9:C0:DA:6D:01:AE:FD:93:AB:09:79:09:0C:A8:0B:EB:21:23:E9:A8:78:90:96:EE:55"}}},"request":{"raw":"GET /botd/v1 HTTP/1.1\r\nHost: openfpcdn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://tdzebli.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tdzebli.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: CloudFront\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\ndate: Tue, 07 Oct 2025 07:13:39 GMT\r\ncache-control: public, max-age=593903, s-maxage=11274\r\netag: W/\"5co2cnhGrt59+8B+iLKwJesMrpA\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: 6qQN7juTFYTDQbe9mV4e7HVHWhwUdkv-Q6n20Up26ddnfBSQIKDNYQ==\r\nage: 10439\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15196,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (15005)","md5":"234a8c1c15df9b03c65e9e14c82fc872","sha1":"e5ca36727846aede7dfbc07e88b2b025eb0cae90","sha256":"29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89","sha512":"9aeee4e620de49e0ed303917e9afc1806da0815896bc5feef3add9f89e0429678bfe0d9f0ad3fc940bd8e48f7e235e5c8d23463407c42b6fbc740b50c43a0b53","ssdeep":"384:/yKlnAKXPD899vDMKXExXI7EhgKkVGVXvPGt7MD:hfPD899vDMKHLVGVXvPGNA","tlshash":"bd62a4cef996b07553bb34a1503f2206b2362655745e84a0cf2bc2c16879e5ac23bf6d","first_seen":"2024-04-04T09:37:24Z","last_seen":"2026-06-02T15:11:44.208616Z","times_seen":13436,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":36,"dns":28,"connect":1,"send":0,"wait":1,"receive":0,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tdzebli.com/favicon.ico","fqdn":"tdzebli.com","domain":"tdzebli.com","tld":"com"},"ip":{"addr":"88.214.27.56","port":443,"asn":209272,"as":"Alviva Holding Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tdzebli.com/1/#-p6J-mE","date":"2025-10-07T08:04:45.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tdzebli.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Thu, 13 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6B:CF:51:C0:07:A6:AB:B1:31:F3:75:5C:9E:6C:A2:90:7E:9C:BB:DD","sha256":"FC:CA:17:A5:17:E6:93:7B:E9:36:BD:D2:95:00:67:38:12:F3:92:28:5A:4E:21:4C:78:B4:08:37:F0:13:0F:FB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tdzebli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tdzebli.com/1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 07 Oct 2025 08:04:45 GMT\r\nServer: Apache/2\r\nContent-Length: 315\r\nKeep-Alive: timeout=2, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-06-02T17:57:03.00418Z","times_seen":145734,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"81.30.157.12","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-07T08:04:46.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /s/42cf1c2250951 HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 07 Oct 2025 08:04:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nset-cookie: s=0OZPB3vJk4YoiN%2BbnYNjc1FGjKucIcdGgmsmeizDsUewylF0SXxHVAL9Qqh3ZWKweh2Gb7wNaVioBPPjjakTzyB%2BNvQRH5xb%2FzdQQqWb1QiPBl3P1K6uIMm1hSimYAp4T%2BBCh%2BMrSB2YKBDKYzjUabOYYb94mLh4gjXAbyQY9kfzJG28kecjDtYFGv6ap0dC7upRWk4lbyD7h%2BdoSm4tWee%2FK0I7jzRpSvx42X1xu9P12TSjCfZUuA0M%2FiEehmVXGJ%2BGdo7w9f2HxgGnnQPYK0rpaGG7DnIBeyx0u1nFMVgDNEz3UDe9gphBYNVKxsvOCkHi5oyJL98E2eH3y7fCLZWYghIP7KR11ZMSClymVLO3%2B0hGRcCTbgJu56uVTa56YfRQ64yPD329M6SdQSsuVcizejOlNSaZUkMvTsutUXgFx%2BAriIfYldsaz%2B81QjDYATbo2xn%2Fb54jpLW1norj4LlGXav179%2Bj5CpMFNvHRywuDnfkiE5NvsHE5QN%2BoXQ1GOUCBtRmMDFnG8jJmcM0Z2nHQc1hpE7idyhHJAX%2Bxh93%2FZMyvu5hM0Cntjj4F1r5R0ooc5qOlZVR1qFoXrlAopOWth%2BRQ69XB%2F%2BVZWUZ6UuicOU%2BqEKScJxDncekBQSsIWTyQmWQq9HK4erg8qZgTPKQUMJempRKRKMkg4attzIjli3b3mKG1%2FRtmSSXnBjV1GjH5TskLhr0OgS8FMDtZcWqKa0B2YZ6aEjFu3TKG9LQnPJueWC6ji3r9PfIqtrT%2B35RuT413N3EcfK0HiLjBaHQgRcBvZvWpM98l0dwjD%2BWo0YezlH3tHxYRLx5%2F1wJhLwxap8APiZwP8Cw4%2BC3LIjR8Ne2RWkNBYjGIgpoRx2AWwJ7S2fvmEV0sU3tBOUP984DfD31ehK1XBYkEio8MjOVovcVvY6PZAOp%2FL2Bo3tRTupAdCxqrS7N8%2FFBxr%2B4dbMqnQfj%2B1QuxUAkk49YRYwL61c3VyvujdXbMUowmwnRcLxC%2F4cjuB1eegyH6U2K36mhnbCvLk8LQPyPuUbwQ3n6bc2MYY%2BpxzJej1z9%2BNgs8d809TQluV29CJnJheqG5fdsryIbwBUB8yUsoxG0BmNAK4wrp7MJY7J0G%2B%2BkQuA6V9ANRr2IZg6pOY2SDtxfEK5HWKfPnv%2BKdQKSOPqMn1hIvlz8%2Fo9CIPXzPh%2BoZoIiitjbHO0R0pxCU4qzkJS%2BrUYynts8EZOZ8sfUmwh1gumRuY%2FRNFUMkOBIy5zmctvdnzgpQYa4qEwphRUwf0Ue%2BePgG5Wc1rXxOv2wnIDiQ2s8QohpMTY9UMQfCjKZHSe9lXwP4wtfSbZo6aspWqYG6GgLZCVJvbMDl8N83Ph7DETjGd7zDW4k6k97zkvIGYXTQO7ULwMGknTAgfy6%2FsfNxUdomSn4EPW3UT44VbCV8D7VbdkTqBdBEscH6EdKYcf6KDf%2Fm4sX431Q6nha7%2F32YLRif6XFudGLxpsDS8tq%2BEQeELuE0Po5Fok5gNS4FytTQQ78KcqDmglPQFie54msEZ6wIgkszFBaUBvntFfJHKJoZ5jRk8v185DnSUK%2FH9eq5tOlKGLdXganAqInAU62x4M2QwhAStCxWyq7eTwdu3gaiULzTJ%2FAmEbZvlfr9Ts1pjSORvBmkOmK%2BBnbidhJzIX21rtcGfq2oiUYxnEimbHKA91eZo1a96K1tZKpm7p7PDC3s5wPqPsp4Gnk4pNohKlo7bMh%2FqbYNPPCm9woqul4USNo6ZIqqAoCspY87pJCJ%2FODcNyS7boafFea5uH3R4GlPESzYo1RSVOrhGj60Zj5RkwhUN6DfzLJcMWvEKO5DAt%2BOjNZ3FimHrqPrlsf5vN1ETFglT7M2xujVEu4gBvuEHeQJpited3BHHJTFcu3DVkS9j%2BqGXat23Ix5MZHotJCtDM3WxDshNzahAATxAhfJePqgGM22vNRri6Haf0mkpwm5vOHs1zBoknYjdVY4oYuzCA%2Bu4ItA%2FFIK9JXsuf48Aq3xft6N3Q4S%2BCHakGrpkzocW8PXGoLPHvfOcPrqIp6bOiBiHev1ihhYu6DdAzkcLiL4TAnNYN%2FO5VQdWVqnLiaFd9c7JCa6BTOZXammSe2OZJN8fxiefVydCjuT%2FCKrhEdHyq0iQ3iEjwlfjCsOkaqf2affGU7CFgpS1rhdUlPVBt%2FfJmb0ChE%2FuY%2B524DHBphtKWm38F%2Bxs6%2FvY75HZYLmKBNGkhuZYi5P3LmpKSb4rvZtMewBU0BcFRR%2FYx3qD8z5PJWxRAV7Vj3ddWw6%2FvCU8c1DWGJE0YBiKbTtKhxvPzTEF43rLi2MjbTPob25jV5UgiexFlfC%2FQZ2OjcAHgqo7wGimk2x6NIzp151O8r1jJtvK98MSoxVU%2F8PSeCv4OjqLzDeFPz2dogzBiNvX9c7n5Vr1KatWgZE9ZoAQS%2B%2Bqf7pfT7uPRa%2FxraZw%2F21t1lTW7DTgAO2RsHUKAAr2h1tBwOAxlknihdh6Pr6HyQs8x3IytK65PmvCO5nesmrpPFWeC%2FirQfJGapTBuYCCjoSwCil5vPaQOgMfO349slFEd%2FT1j5wC2heMsukKTWO01D9CW2dcOAZakrCnGIqqAZ1KMc1mVXzTinpdMDp1XD2ka6oGwLWkEzOhZdKpVvrut1rep07ZKJGSabGpA1h%2Frk2Ns0Fo4M9l7CMOeoUcbb8dCw1YVBICod5Be5G6fz%2Fk9CS8nVq6uUZNru9bdaxmWJ5yYupGoGwNQYY7xi99RstEaTANLhqe3B6rSuzTdZfaRjayxsOkeMafWvmfvAN3J7JGzWMb%2BdjACLLBQByoW9rXgyZuy%2FwgqUJDhd4O9v90kkBGmTeft9TlZgVs72X2g89I90b1z0Odp8o3Y5Qm6JswEy7DgjpAU35rKmZFjLycioL0QraL1u5gQEv4vSBc%2BKOssKbbATmKTK4aaix%2FgQu%2BG1pjmgmE2e5XLtT8UE9Mg7du%2Fj2Md688vpWYMQBejjq%2BOR%2FJEVFKxQB%2BuM25cL%2BVyRWAfJ32g0%2BQjdRKhMZiDF3E84EpR8QpnFZvdVw%2BgjBz9RGw2mjGvhOrL%2BGu0ooHwOtRABeYn0KJvZO9W%2FofatosC7Qxh36Bx58ysiWaqQbim1H%2FI8UEmviO4FXlqrbPlzReAG5OvBmyR5pa0cBQ1Hkxp1vUHd01%2BjU%2FAflcAugDGybdWFa3jnAQXlc%2FnzzsQPb2JUu0AeRXMjlR7BCFXx4ubMwpqDlbxB2crl7mubSV0%2BkVFGHONGZMb14cFWQQmNV3RhRrO6Kdcm5ueepktjGrSV3UWOGaLRw4EH78nVKuYoGxsi49lQPj0IH%2FU7VUW8egwBJdRB4WvRwcOtycE5Bs2G4%2FqqPJZijZko6eOT8j%2B4YnDUUIMZPHvQ18x1n8bcBOPZcQNF8G9AZu7E4CM8bV2HdHlrcTv4ULrksNgg3cbkrr32aQmaDcEdMWxxmurYUGj7uHWqiQx1mfs3tIQKcC0DpCBn7gSqmy6FXDBc25y9StARif0hc34xJWdH89XRab%2Fze%2BBNUMd0RemspnrKlO8%2FErXvBpLfnV0qohPj8mrJMi04EMgMdU3Ul0exMvNjpWwtbdfhb45Ady2n2HuacANioh41tZimz6CbiMCI5WKU5%2F7RF4sSpaxt%2Bv2ZVlktiwIXTJCunVHrZ8bTsaLieX2rLw1ZITA09XUZ6RbeaV9vcIVbC5HdXvnaVuNz9%2FeMyNW2IdlE7FcFD0AHb6Q4TediHmAO5671qf7QfErpcSTGRCyfWMY2fZgKM4SWEPxK4%2FVNwjHyFd0HXRaLM5vn4QfrwFWsLg%3D%3D; expires=Wed, 08 Oct 2025 08:04:46 GMT; Max-Age=86400; path=/; domain=flirtosmart.com; secure; SameSite=none\r\ncache-control: must-revalidate, no-cache, no-store, private\r\npragma: no-cache\r\nexpires: 0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.2.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":47467,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30569)","md5":"1cdda67f17041a500bd12cd35d9f8642","sha1":"4804f115cc93eb654af6f2511ad58c66085ea1ab","sha256":"99ced51069d7cc3518b6ab2c6e628d10644e1f32117d916ac9cc18834cc8b0ab","sha512":"fdf7528df14b40a4f148fdf92488a42a739424487ce5490329d4fa6afb966f4df20bc3490e2313a468a18fb90ce95152d9d4af4f0c2ac65fb3d525a5326b13f7","ssdeep":"768:pN0xGiqAPbBRvB3ACfaYOTQpz0eEdAQHupIGbpn1J/Pw:pN0pVRvB3ACfaYT0eEBHuN4","tlshash":"7b231a4d31de393a02a32199256fe208707f4d57704d8840f9bf56942fe4e6a627bfe8","first_seen":"2025-10-07T08:05:13.62001Z","last_seen":"2025-10-07T08:05:13.62001Z","times_seen":1,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":197,"dns":141,"connect":20,"send":0,"wait":125,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-07","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/just-validate@4.1.0/dist/just-validate.production.min.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-10-07T08:04:46.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 10:31:15 GMT","end":"Sun, 23 Nov 2025 11:31:12 GMT"},"fingerprint":{"sha1":"77:EF:87:8D:9A:D6:8C:EF:F9:8F:05:89:BF:F2:6B:C2:CF:78:19:EF","sha256":"3C:23:A9:CF:90:2C:6B:74:27:D0:FC:3B:92:A8:A9:AD:66:5F:B0:D4:DE:28:80:4D:49:D0:4C:22:AE:D2:F3:90"}}},"request":{"raw":"GET /just-validate@4.1.0/dist/just-validate.production.min.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Oct 2025 08:04:46 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\ncf-ray: 98abe3c13ddbb4fa-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 957430\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 07 Oct 2026 08:04:46 GMT\r\nlast-modified: Thu, 04 Sep 2025 18:07:59 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncontent-digest: sha256=:wIsRsjLOoDtGfUDVsJkNferuBK4d568tTrlMNUS0waU=:\r\ncross-origin-resource-policy: cross-origin\r\nfly-request-id: 01K4AYKYJ8CZHGB7GS0VB37ANW-fra\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}],"data":{"size":28389,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (28388)","md5":"713352ee6a16034c696a6e2785b92280","sha1":"6289cf9b1f0e775ad3feb36b0fcfe5af301a0e5b","sha256":"c08b11b232cea03b467d40d5b0990d7deaee04ae1de7af2d4eb94c3544b4c1a5","sha512":"8c42085cda5010ff9eb71174f3f5af3f94f276ab1b134241ed70cd37b3c8d7b8efc7a0899e964be8cef88474da2bee314158b86e45a64ecc0294f8dd628de2fa","ssdeep":"768:VkW++Jv/0btODUsl7dMrXfSCiwgRgpZ1UuVvw1CByfDwty0HD/h7PCByCrCagSZi:mCsRXaCiwgRgysnY3gSK6U","tlshash":"0ad2d606267109234dd94ae9e08b9543b3d1375da518a4ccf73dacfb9a8dec630937b2","first_seen":"2025-09-05T11:13:19.031002Z","last_seen":"2026-06-01T17:48:08.859661Z","times_seen":8680,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":20,"dns":5,"connect":1,"send":0,"wait":39,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}