{"report_id":"0d0aec19-d2d5-467d-a2b5-d580c6d7ec84","version":6,"status":"done","tags":[],"date":"2025-01-16T20:33:40Z","url":{"schema":"http","addr":"datingsr.com/new/?s=84\u0026","fqdn":"datingsr.com","domain":"datingsr.com","tld":"com"},"ip":{"addr":"50.31.2.73","port":0,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"title":"Looking for sex tonight in Oslo?"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-27T20:33:40Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-01-15T01:35:32.072438Z","alert_count":0,"request_count":1,"received_data":6948,"sent_data":483,"comment":"","tags":null,"fingerprints":null},{"fqdn":"datingsr.com","ip":{"addr":"50.31.2.73","port":80,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"domain_registered":"2015-12-08","domain_rank":0,"first_seen":"2017-02-14T14:38:50Z","last_seen":"2025-01-13T15:53:17.049819Z","alert_count":0,"request_count":1,"received_data":324,"sent_data":393,"comment":"","tags":null,"fingerprints":null},{"fqdn":"e5gpmrd.elites-sweetsthemeets.com","ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"domain_registered":"2024-12-13","domain_rank":0,"first_seen":"2024-12-17T12:38:46.361984Z","last_seen":"2025-01-13T15:53:16.994826Z","alert_count":13,"request_count":13,"received_data":1155268,"sent_data":7014,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-01-15T01:38:19.518894Z","alert_count":0,"request_count":1,"received_data":73912,"sent_data":534,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"da6722fbd5bc2ca7e66ee4e59152c52b","sha1":"c73ca6bb9288005edd87f2a42e28e3f52b6dde8a","sha256":"50e645242cb49b7a0d5741e56e7c27c19e2119f28fe76ff29daed4d0c23bb6e1","sha512":"2a1aacccad9028957f48b5f7cb3a065639482293eb4ee77bf2a4e29f8ae01f59b4bb876bdad6a2a995d4406037700181584986d7094eb6d9a5f4c8079333298a","ssdeep":"","tlshash":"6b0149c83a25ed49d063bc6ead3d2d376020fd3fd14eb5882548c20a39544b06327cbe","size":695,"data":"","first_seen":"2025-01-16T20:33:41.647237Z","last_seen":"2025-01-16T20:33:41.647237Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/cookie/js.cookie.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7e9883924072f15259de6888d5ef515","sha1":"7f4f6e5938e68f55aef81e0cd0145f008cd28382","sha256":"985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c","sha512":"f6f2859b644b249cebe21b0af49c0efa046eedc95814ad4cac400b25d6fddbb7a155db420359ccfc8570eb18899cdc369dcbf5c137f4cb21f24b27f8f297be48","ssdeep":"96:3+bMojFkR0WIxWXATmnv5h8VatgNyyd2jMAp0:3zoa0WIcXATs8atgNyM6pp0","tlshash":"ec91b7783c1535b80d06237513bf668b7077bc567c865710b64cd998eb28c6b8316fe2","size":4264,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-05-27T10:39:02.122496Z","times_seen":6129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/util/utils.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"67f83bb8309524daa942af9cec436419","sha1":"df63410e039476a6dde6eb4200b5c1666c52af21","sha256":"57d2fd3a46ef70b606d7dcd83f70b6a2107725cd910ca1399c70ef52b2c72b9d","sha512":"d48b08d4209f4313706376f312ccc8d08f9a34c22f4428a5bce059242442097a15a4581673259de0a2eb27bacb508104248703feed52a9d38a74d6e9470599ce","ssdeep":"192:C018ojHD3/HDg8bQgdv0p+MS0zS6S+8izeLeR4OeH/t060SDWF:T18ojHD3/HDnQgdvDMSES6S+8ibR4OMk","tlshash":"0e02527e3a3e352a1d0a237d1cdad94d247bfc2b750196326919b848d4ece5ce312eb1","size":7514,"data":"","first_seen":"2025-01-16T10:08:27.907414Z","last_seen":"2026-05-09T11:12:49.947897Z","times_seen":1463,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/js/jquery.min.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"710458dd559c957714ac4a8e95357eb5","sha1":"f694238d616f579a0690001f37984af430c19963","sha256":"b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365","sha512":"282d65828a43bfe50fe0f9aea8bca3838ac1b5250e7c7c359c066e0428aa723f001d31c2463681b2ad6816a49a8571bf9f3ae29b2dc53adf1bbd7d5c4471322b","ssdeep":"1536:fYE1JVoiB9JqZdXXe2pD3PgoIiulrUn6Z6a4tfOR7WpfWBZPBJda4w9W3qG9a98N:u4J+rlfOhWpgCW6G9a98Hrp","tlshash":"3583c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85582,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-05-27T12:05:48.702597Z","times_seen":12184,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/js/main.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"74f58c31659e17bb7a0bc4931230c883","sha1":"21b20186e0ff8dd2fbecda4aa0baccb785b02238","sha256":"acada31019f394419a409e0eb3b7c6f12abf56301ea6dac1a73b0aa6156a1ed5","sha512":"b6e785bbde35baf7bc0fe46e2bd76804c10557cb053f001fde4b2fa4480240c1d5b1d0a0a867368e811bc1edcf732ccc6b3b57470da3f1f05f5840d489e103f0","ssdeep":"","tlshash":"3221ab7aa93c31650c5a23bc0c96c680222bfc56f0029b723d147c88eddcd4cf611d2d","size":1213,"data":"","first_seen":"2024-11-29T14:20:12.716111Z","last_seen":"2025-10-07T02:56:22.058516Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/js/trls.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"a928ab0a903ab314a56e6a74be5cbbc3","sha1":"7c825d50edad4ef247f955ef3283673504808cb6","sha256":"bf5951d490b60dac1e03e177ee1013b75ca277469a01479fd55e7f768a784785","sha512":"930c71ca315297ddeff1052003abf36f1eef4a69dd7a9662f7a07d1f72fa4d9be9058ac915ded827bcfd2c2b433250c606b6079f1bc88b0257ed05a32bdd85e2","ssdeep":"768:TDQkmrBvhqel/dteERWyjrrPjtiztlJx1i3:GvrPxizFx1i3","tlshash":"8bf28033fbcf59faf0c12255a672f985252ce96fe351e8f9305e54aa20d1900824fad7","size":36926,"data":"","first_seen":"2024-11-29T14:20:12.707187Z","last_seen":"2025-10-07T02:56:22.06389Z","times_seen":1239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/bb.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d553e4bac91c74bfee2dbabba61e99e","sha1":"5af71e2377c9c012a7826a695f2724901941b19b","sha256":"1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68","sha512":"105e5b23733e7bb443ba2080d606c2814b0acd2aaf228467d2ce532ff2f2ec0b292f8eb5189a24cd9f79b69a7e983b176dbd29e2d539dae7ca443821084f2894","ssdeep":"","tlshash":"23f02341bd5435f147cf3255861f2230903f08cd7206d583b9a85e916e3179d9e1bbd0","size":639,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.592645Z","times_seen":13211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/exit-new/exit1.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"625e5e2950612f771e246beb33c9ea61","sha1":"e4fc251c6c000496c285f8dc3fa097040b031681","sha256":"618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46","sha512":"655f0b373c605d0a464bedca4df204fb3aa12442c5b0aa3b8bf13e0604fd1e89480356e9c6cc9a432f81305bf1151caf4ac4ad9d8eb24eb78cbd11318e5b9657","ssdeep":"","tlshash":"ee81407c352d7579499a777c91efe94a207b6c53f001a2320808bc94e86ce4ce325df9","size":3473,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-01T11:35:43.37734Z","times_seen":13050,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"datingsr.com/new/?s=84\u0026","fqdn":"datingsr.com","domain":"datingsr.com","tld":"com"},"ip":{"addr":"50.31.2.73","port":80,"asn":32748,"as":"STEADFAST","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-16T20:33:15.863Z","timestamp":1737059595863,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /new/?s=84\u0026 HTTP/1.1\r\nHost: datingsr.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Thu, 16 Jan 2025 20:33:41 GMT\r\nServer: Apache/2.2.15 (CentOS)\r\nX-Powered-By: PHP/5.3.3\r\nSet-Cookie: visited=1; expires=Sat, 15-Feb-2025 20:33:41 GMT\r\nLocation: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-27T17:18:43.802994Z","times_seen":15783557,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":103,"dns":0,"connect":103,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-16T20:33:16.099Z","timestamp":1737059596099,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /p7ut3wl?m=1\u0026t=84 HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: text/html\r\ncontent-length: 4950\r\nset-cookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x; path=/\r\ncache-control: private, no-transform\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4950,"size_decoded":4950,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (561), with CRLF line terminators","md5":"a2cde59e463fcf7bd6fa4da38cad3192","sha1":"4d7d97407bd050218e4d4fd5510f1f8fc531e053","sha256":"c774f82be7d290d598b67cddaace57775c0cdc303bf8b40069933547390084a6","sha512":"651b0cbe8fa567ab86251eaa1ba26a5c5c2d8ee51f6819488202000db547795e12ac1eb0ef2eb5b7cf987c3bf7215ec24ee800650ff2d81fe765d716bec1a7ff","ssdeep":"96:UY8aIj7FOFK41F2niGhD4YEeLqVdhD4ryLqRGp2hD4IS6LqrhD4MezQRpYqhdVfo:UnDj7Fz4WnJJLqhxLqo2E6LqtkMvnffg","tlshash":"d8a13211384dea3f89a302cf8079d396a1d5dd37f760e81ab1f516ab43d2e48990a487","first_seen":"2025-01-16T20:33:41.632019Z","last_seen":"2025-01-16T20:33:41.632019Z","times_seen":1,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":244,"dns":1,"connect":36,"send":0,"wait":48,"receive":0,"ssl":204},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/css/reset.min.css","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.574Z","timestamp":1737059596574,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/videoquestion23/css/reset.min.css HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: text/css\r\ncontent-length: 1197\r\netag: \"8d6ca13d5cf50f61e0e85743802b667d\"\r\nlast-modified: Wed, 20 Nov 2024 16:19:47 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 181B464950400D0D\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732119587#276259281/gid:0/gname:root/mode:33188/mtime:1732119587#376259303/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-20T16:19:47.459Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1197,"size_decoded":1197,"mime_type":"text/css","magic":"CSV text","md5":"8d6ca13d5cf50f61e0e85743802b667d","sha1":"e2f1cbb2fc1df7804f8eee9d98abc15d072bc126","sha256":"4f8073061ab2b9f3b29d563c2b3976d8dc33ee5c0c9b5cdca0a728133e2bb053","sha512":"e3d60da556b2d43f5d0fbb5a86e7c24a81cb3b891e8cab959397aa9752df5420d95c3bba75303ba8f50b83cd54d04af1b3ebe90f0139782e9071f5bc93cdffee","ssdeep":"","tlshash":"b521112ca510d4d084758b21b3828f34f52411b31f155174fae9cf9c1b3a622cad2fbd","first_seen":"2024-11-29T14:20:12.70407Z","last_seen":"2025-10-07T02:56:22.054602Z","times_seen":1216,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/css/style.css","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.576Z","timestamp":1737059596576,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/videoquestion23/css/style.css HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: text/css\r\ncontent-length: 4442\r\netag: \"f5ca8d01cccbf9a9ce244e2f589d9a7f\"\r\nlast-modified: Wed, 20 Nov 2024 16:19:47 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4\r\nx-amz-request-id: 181B46496129A6B4\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 365\r\nx-ratelimit-remaining: 365\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732119588#60259457/gid:0/gname:root/mode:33188/mtime:1732119587#984259440/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-20T16:19:48.064Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4442,"size_decoded":4442,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f5ca8d01cccbf9a9ce244e2f589d9a7f","sha1":"149de9d899efa44651310d8afb0da6fd503f027c","sha256":"fa47c7044da3b9b731dd8bb68c797f2632b80bbeed38e2a0ed139f7ef274d7a9","sha512":"7855c1da7471dffbbfeac1798259a9eb06baaaa46fb5252dea60829d9111a188819cd9c84309549852657968042269429d4585935a661504b529554a9e8e697d","ssdeep":"96:c3LZq+PhHjQZ7L30rfyM0MEU3z6hvQUQ1Xn4i:c3Lw+ZQZ7orfPtEOsvQUQ1XH","tlshash":"1691525989012288b233abf46ff14715ee580413ea4391ecbbd976ca4fb55b89260fcd","first_seen":"2024-11-29T14:20:12.719081Z","last_seen":"2025-10-07T02:56:22.062442Z","times_seen":1112,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/cookie/js.cookie.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.578Z","timestamp":1737059596578,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /cookie/js.cookie.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4264\r\netag: \"a7e9883924072f15259de6888d5ef515\"\r\nlast-modified: Wed, 31 Aug 2022 09:31:17 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: af968cfc53e5d4d46c2a7314ea3774fe010d1d1a8defca6495a09901b4f201c0\r\nx-amz-request-id: 181B457BD43C2446\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4264,"size_decoded":4264,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1709), with CRLF line terminators","md5":"a7e9883924072f15259de6888d5ef515","sha1":"7f4f6e5938e68f55aef81e0cd0145f008cd28382","sha256":"985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c","sha512":"f6f2859b644b249cebe21b0af49c0efa046eedc95814ad4cac400b25d6fddbb7a155db420359ccfc8570eb18899cdc369dcbf5c137f4cb21f24b27f8f297be48","ssdeep":"48:MnCmrorDzy9AVYnVReoHEmFZqLghLVQiAdHy9QShp8dLocCTRTvg84Re6YzMtpyX:iCyojFOJEiXA1hyvt4T7tpyD2bm","tlshash":"4b91a5a4344535b9053b237513bf678bf575e8a22c8aa644ba4dc9a07f30c5f031afe6","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-05-27T10:39:02.122496Z","times_seen":6129,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/util/utils.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.579Z","timestamp":1737059596579,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /util/utils.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 7514\r\netag: \"67f83bb8309524daa942af9cec436419\"\r\nlast-modified: Thu, 16 Jan 2025 07:55:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 181B457A7B26B8F1\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1737013493#205481014/gid:0/gname:root/mode:33188/mtime:1737014112#757470179/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2025-01-16T07:55:12.806Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7514,"size_decoded":7514,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators","md5":"67f83bb8309524daa942af9cec436419","sha1":"df63410e039476a6dde6eb4200b5c1666c52af21","sha256":"57d2fd3a46ef70b606d7dcd83f70b6a2107725cd910ca1399c70ef52b2c72b9d","sha512":"d48b08d4209f4313706376f312ccc8d08f9a34c22f4428a5bce059242442097a15a4581673259de0a2eb27bacb508104248703feed52a9d38a74d6e9470599ce","ssdeep":"192:nv6UDdoxY4iYiXKF3nwx16qI9S7q6uRIpauZy4hpjgRxtSY8xd:nv6wixY4iYi+3nwx16q97H3Zy47jgRxE","tlshash":"3df1b89e334f311e87c633b1087e9408ac7ef8352796e095b9ed949464b0e1d3762ee8","first_seen":"2025-01-16T10:08:27.907414Z","last_seen":"2026-05-09T11:12:49.947897Z","times_seen":1463,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/images/poster.jpg","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.580Z","timestamp":1737059596580,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/videoquestion23/images/poster.jpg HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 64215\r\netag: \"21607e8912c9014cb25fb33116747b96\"\r\nlast-modified: Wed, 20 Nov 2024 16:19:51 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 181B4649578AFF71\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732119590#456259998/gid:0/gname:root/mode:33188/mtime:1732119591#596260254/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-20T16:19:51.753Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64215,"size_decoded":64215,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 603x1080, components 3","md5":"21607e8912c9014cb25fb33116747b96","sha1":"a95d5432f324de0c4c41f0efc1f30691707c9431","sha256":"9a0e814e6f3647dcf2704f59cc629233b4cf42b12a51cd3a060b71d6b36bccf5","sha512":"7966b71b477adf9a66731e1732acc52f9309acf60df7b891eb4c8cfc96d468a24677189018fb56318c84ba15aef23eef60e998ecfd64f1e122c0cd777caa89af","ssdeep":"1536:jt9f2NVqRJHkgO9xIbwJVY1RfjMlvr2LYAQ3Tm9dLlnp:mHqRJu9jVqylvr7VDmrFp","tlshash":"f35302298453bb8262852f6e0ee1469ba3dbd1e3dde301d46efcd8ec7531561a87309c","first_seen":"2024-11-29T14:20:12.722929Z","last_seen":"2025-10-07T02:56:22.069473Z","times_seen":1117,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/js/main.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.583Z","timestamp":1737059596583,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/videoquestion23/js/main.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1213\r\netag: \"74f58c31659e17bb7a0bc4931230c883\"\r\nlast-modified: Wed, 20 Nov 2024 16:19:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 181B46497FE4A46D\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732119596#184261284/gid:0/gname:root/mode:33188/mtime:1732119596#256261300/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-20T16:19:56.334Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1213,"size_decoded":1213,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"74f58c31659e17bb7a0bc4931230c883","sha1":"21b20186e0ff8dd2fbecda4aa0baccb785b02238","sha256":"acada31019f394419a409e0eb3b7c6f12abf56301ea6dac1a73b0aa6156a1ed5","sha512":"b6e785bbde35baf7bc0fe46e2bd76804c10557cb053f001fde4b2fa4480240c1d5b1d0a0a867368e811bc1edcf732ccc6b3b57470da3f1f05f5840d489e103f0","ssdeep":"","tlshash":"0c2123c5775d215e82df33650c768a047a3df871b183c5f8b9a0a5c82da541cf75a4bc","first_seen":"2024-11-29T14:20:12.716111Z","last_seen":"2025-10-07T02:56:22.058516Z","times_seen":1117,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/js/trls.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.584Z","timestamp":1737059596584,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/videoquestion23/js/trls.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 36926\r\netag: \"a928ab0a903ab314a56e6a74be5cbbc3\"\r\nlast-modified: Wed, 20 Nov 2024 16:19:57 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 181B453F63E7A79D\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732119597#128261496/gid:0/gname:root/mode:33188/mtime:1732119597#500261578/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-20T16:19:57.61Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36926,"size_decoded":36926,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"a928ab0a903ab314a56e6a74be5cbbc3","sha1":"7c825d50edad4ef247f955ef3283673504808cb6","sha256":"bf5951d490b60dac1e03e177ee1013b75ca277469a01479fd55e7f768a784785","sha512":"930c71ca315297ddeff1052003abf36f1eef4a69dd7a9662f7a07d1f72fa4d9be9058ac915ded827bcfd2c2b433250c606b6079f1bc88b0257ed05a32bdd85e2","ssdeep":"768:TDQkmrBvhqel/dteERWyjrrPjtiztlJx1i3:GvrPxizFx1i3","tlshash":"8bf28033fbcf59faf0c12255a672f985252ce96fe351e8f9305e54aa20d1900824fad7","first_seen":"2024-11-29T14:20:12.707187Z","last_seen":"2025-10-07T02:56:22.06389Z","times_seen":1239,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/bb.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.588Z","timestamp":1737059596588,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/bb.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 639\r\netag: \"0d553e4bac91c74bfee2dbabba61e99e\"\r\nlast-modified: Wed, 20 Sep 2023 15:21:05 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 181B457BD5A680AB\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":639,"size_decoded":639,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (639), with no line terminators","md5":"0d553e4bac91c74bfee2dbabba61e99e","sha1":"5af71e2377c9c012a7826a695f2724901941b19b","sha256":"1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68","sha512":"105e5b23733e7bb443ba2080d606c2814b0acd2aaf228467d2ce532ff2f2ec0b292f8eb5189a24cd9f79b69a7e983b176dbd29e2d539dae7ca443821084f2894","ssdeep":"","tlshash":"c5f02d81bd1878f685cf3355871f2230903f08dd720ae982a8a46e622e2038dde1b7e0","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.592645Z","times_seen":13211,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/exit-new/exit1.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.589Z","timestamp":1737059596589,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/exit-new/exit1.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3473\r\netag: \"625e5e2950612f771e246beb33c9ea61\"\r\nlast-modified: Wed, 20 Sep 2023 15:23:09 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 181B457C115E97E8\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134511#160030446/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3473,"size_decoded":3473,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators","md5":"625e5e2950612f771e246beb33c9ea61","sha1":"e4fc251c6c000496c285f8dc3fa097040b031681","sha256":"618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46","sha512":"655f0b373c605d0a464bedca4df204fb3aa12442c5b0aa3b8bf13e0604fd1e89480356e9c6cc9a432f81305bf1151caf4ac4ad9d8eb24eb78cbd11318e5b9657","ssdeep":"","tlshash":"e36156e4720e31ad93db3764c27fb11a7876e4b2d416a0b5a44c5c907434a1d6376cfd","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-01T11:35:43.37734Z","times_seen":13050,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/js/jquery.min.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.582Z","timestamp":1737059596582,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/videoquestion23/js/jquery.min.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 85582\r\netag: \"710458dd559c957714ac4a8e95357eb5\"\r\nlast-modified: Wed, 20 Nov 2024 16:19:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: af968cfc53e5d4d46c2a7314ea3774fe010d1d1a8defca6495a09901b4f201c0\r\nx-amz-request-id: 181B46496180B289\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732119595#88261037/gid:0/gname:root/mode:33188/mtime:1732119595#680261170/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-20T16:19:55.774Z\r\nexpires: Fri, 16 Jan 2026 20:33:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85582,"size_decoded":85582,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065), with CRLF line terminators","md5":"710458dd559c957714ac4a8e95357eb5","sha1":"f694238d616f579a0690001f37984af430c19963","sha256":"b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365","sha512":"282d65828a43bfe50fe0f9aea8bca3838ac1b5250e7c7c359c066e0428aa723f001d31c2463681b2ad6816a49a8571bf9f3ae29b2dc53adf1bbd7d5c4471322b","ssdeep":"1536:fYE1JVoiB9JqZdXXe2pD3PgoIiulrUn6Z6a4tfOR7WpfWBZPBJda4w9W3qG9a98N:u4J+rlfOhWpgCW6G9a98Hrp","tlshash":"3583c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-05-27T12:05:48.702597Z","times_seen":12184,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.877Z","timestamp":1737059596877,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Dec 2024 08:37:20 GMT","end":"Mon, 03 Mar 2025 08:37:19 GMT"},"fingerprint":{"sha1":"0A:7E:C7:68:03:0C:7D:D9:EA:D1:64:B5:09:F0:73:23:7E:07:0A:F2","sha256":"AC:04:9D:DD:39:52:BA:31:8E:A3:C7:1B:03:53:5D:B4:B0:43:D5:68:D9:70:93:D9:E7:C1:64:4E:8A:D3:72:2B"}}},"request":{"raw":"GET /s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://e5gpmrd.elites-sweetsthemeets.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 73080\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Jan 2025 14:03:37 GMT\r\nexpires: Fri, 16 Jan 2026 14:03:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 29 Jul 2024 22:45:17 GMT\r\ncontent-type: font/woff2\r\nage: 23379\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":73080,"size_decoded":73080,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 73080, version 1.0","md5":"b78b5c4671c26f1509dc6c7ff058398e","sha1":"cdd970d25e7e6a1810e728f4fb6ee35d1b5ae00b","sha256":"94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a","sha512":"4b07d6f4b9982a24ebcd2d1af65fd34899a8f3144481ad1dc7db7966e4ab9287032e87225359d0e75460dae4bfc2ca7a7434914d665b1cee66c4a559062ef14b","ssdeep":"1536:MzQO9bvgvo5VGHGOrNWFsr8PR3brlx/Aq0v5uKO/qr3q+5q+4:MzQG8voyzJu3brQq0v5u5y2+5F4","tlshash":"e363026760c8b3bce821517767876801f07aa02e8bce637a0741da77dd82b31b754896","first_seen":"2024-08-02T08:38:11Z","last_seen":"2026-05-27T03:31:06.685949Z","times_seen":2248,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":81,"dns":1,"connect":20,"send":0,"wait":23,"receive":41,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:opsz,wght@14..32,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.618Z","timestamp":1737059596618,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Dec 2024 08:37:20 GMT","end":"Mon, 03 Mar 2025 08:37:19 GMT"},"fingerprint":{"sha1":"40:E7:4C:FA:6D:23:B6:A9:19:0C:67:77:3A:43:22:D0:A4:CE:49:24","sha256":"06:52:12:65:60:CA:7F:5D:E6:72:0C:26:3B:A8:C5:A9:51:68:4D:2C:E4:2D:0C:4E:F7:63:D2:99:8C:AE:D8:06"}}},"request":{"raw":"GET /css2?family=Inter:opsz,wght@14..32,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 16 Jan 2025 20:33:16 GMT\r\ndate: Thu, 16 Jan 2025 20:33:16 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6264,"size_decoded":6264,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"4e42f788fbc13c7d9813dfd2b9068ba6","sha1":"72e5eede058517367747ebc04ed0908b1d53ed33","sha256":"b1d3a81362778bc1190f691e7c45cd08e5113bb4c6b179ba61117a77e87735a0","sha512":"1b13b02b2ff9d6c25fccda68f225236dede6369e85df41a59c344346c78323eb60b8fce7efedfb8f256e8eb2a72d50c761820871250cf7e0dc1ba22823adfc64","ssdeep":"192:utEmxGPBlEpTb3dr7G8K1O0z0nl+q8INa0o7S:gEmxx5b3B3K19za+q8Ao7S","tlshash":"67d17d6ce5daa623d240fdf43bf06fe10e2db5168015d3ca4142309a221c6c93cd5daf","first_seen":"2025-01-16T20:33:41.643929Z","last_seen":"2025-01-16T20:33:41.643929Z","times_seen":1,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":117,"dns":1,"connect":20,"send":0,"wait":32,"receive":0,"ssl":92},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/videoquestion23/media/video-1.mp4","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:16.925Z","timestamp":1737059596925,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/videoquestion23/media/video-1.mp4 HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:17 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 931352\r\netag: \"e6ea91a06ca748a1cb83a22219c47fd4\"\r\nlast-modified: Wed, 20 Nov 2024 16:20:04 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 5bbf9b091ca9dd795595b773b0f1d036407937e2098457815217f1ddbc67c996\r\nx-amz-request-id: 181B468007CB482D\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 343\r\nx-ratelimit-remaining: 343\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732119599#464262021/gid:0/gname:root/mode:33188/mtime:1732119604#832263224/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-20T16:20:05.112Z\r\nexpires: Fri, 16 Jan 2026 20:33:17 GMT\r\ncache-control: max-age=31536000, no-transform\r\ncontent-range: bytes 0-931351/931352\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":931352,"size_decoded":931352,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"e6ea91a06ca748a1cb83a22219c47fd4","sha1":"a184fdd3422f521fce725656bed8a3f7cbe37877","sha256":"bd40dd957489d3e419c5c4dfc4fa2ef098d1f1f73f0517ce65dd5949ff744354","sha512":"1facfd13a2ea9db8d740951cd995fd49a35e37b934ae862fb7122d385921cf9e9e9b3706dd86b73df6d111c483f4dc0eb46d25afdb8843ffeedbe11aec14c4f9","ssdeep":"24576:1nexkjZ35quHE/VG3eujxfdIdh+udvrrS8sOna7Xg:1tj7qqE/g3eujx2dFvrmBOnIXg","tlshash":"0c15338f807362add7f4c33469f1ef54d666d83de8988110a4cc7a86e24d58aed39c27","first_seen":"2024-08-20T05:21:33Z","last_seen":"2026-05-27T10:32:56.660268Z","times_seen":2030,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":161,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/favicon.ico","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84","date":"2025-01-16T20:33:17.151Z","timestamp":1737059597151,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=84\r\nCookie: sid=t1~2gsmxjcink1tmsnwbq3fnf2x\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: openresty\r\ndate: Thu, 16 Jan 2025 20:33:17 GMT\r\ncache-control: no-transform\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-27T17:18:43.802994Z","times_seen":15783557,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-01-16","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}