{"report_id":"0d983a81-d513-46be-b052-6403ef4d5373","version":6,"status":"done","tags":[],"date":"2026-01-03T20:16:00Z","url":{"schema":"http","addr":"seoromania.top/","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"84.32.84.32","port":0,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"final":{"url":{"schema":"http","addr":"seoromania.top/","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"title":"Parked Domain name on Hostinger DNS system","dom":{"size":30116,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (30116), with no line terminators","md5":"8d8df1288b8bb43b3009cb56580d9caf","sha1":"b692e97a985197595be2ea34339beabd63cbc8b2","sha256":"349f15d4bf42e2158c12401f5fb1c460f950dbf4810ea8ec30a401403b0df374","sha512":"71867308536d2c82ec5cef739b35f4c086ef66ab73e62641199f0079f801b3fdbbbf00a731f96ee3b14ad197c6e7d973a2a73a710f950f9a5b68c10eb695cbb0","ssdeep":"768:0xyktnCOgnRf/QKkqyXtMSW0tMJd1NSrnM3l:BhHnl5SW0ts17","tlshash":"30d219f2e2d031f5a00be7f5e8637969306e64bfbb654e88c6f00a84d1d19e9495cdc8","dom_hash":"domhash2cc94b779dc761328f7d4b9cef4a145a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"seoromania.top/","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"84.32.84.32","port":0,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T20:16:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T20:15:36Z","timestamp":1767471336,"ip_dst":{"addr":"84.32.84.32","port":80,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"ip_src":{"addr":"172.18.0.15","port":42318,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-03T20:15:36.781077+0000\",\"flow_id\":1526405488197200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.15\",\"src_port\":42318,\"dest_ip\":\"84.32.84.32\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"seoromania.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1084},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":671,\"bytes_toclient\":7710,\"start\":\"2026-01-03T20:15:36.736848+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"seoromania.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-12-28T22:22:58.360429Z","alert_count":0,"request_count":1,"received_data":847,"sent_data":980,"comment":"","tags":null,"fingerprints":null},{"fqdn":"seoromania.top","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":6,"request_count":4,"received_data":147221,"sent_data":1592,"comment":"","tags":null,"fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-28T22:17:10.032556Z","alert_count":0,"request_count":1,"received_data":2415,"sent_data":504,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-12-28T22:17:36.419718Z","alert_count":0,"request_count":2,"received_data":783585,"sent_data":886,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-28T22:14:05.525046Z","alert_count":0,"request_count":1,"received_data":63294,"sent_data":540,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.no","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2025-12-28T22:19:36.894477Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":749,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"seoromania.top/","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a5bdb7b4f2e9bca93b4c1b620250e62","sha1":"dac5f1d0d196bb3ac8821999c464dde1d59f2007","sha256":"2b12e91c87791f8da307131abd39fdc04cf52fc8c343c2a45f7d14dbc2af5ba5","sha512":"ce18ac83fc51c8052b951660ddc93e023449af50ab29ff30affc7502e9b28fd2f50f4610955e875cbb33b58a3f2c8fa9e8419737393c146d7cecf1ce9f55b6cd","ssdeep":"","tlshash":"85c092ec3a578ca192ef0ba10baf76042995331094907a680826f1892627d676199d94","size":131,"data":"","first_seen":"2023-04-18T13:38:00Z","last_seen":"2026-03-31T08:32:59.209666Z","times_seen":5998,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T20:15:36Z","timestamp":1767471336,"ip_dst":{"addr":"84.32.84.32","port":80,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"ip_src":{"addr":"172.18.0.15","port":42318,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-03T20:15:36.781077+0000\",\"flow_id\":1526405488197200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.15\",\"src_port\":42318,\"dest_ip\":\"84.32.84.32\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"seoromania.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1084},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":671,\"bytes_toclient\":7710,\"start\":\"2026-01-03T20:15:36.736848+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-S4HMJ5EXYY\u0026cx=c\u0026gtm=4e5ca1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"17d10b295c829ada9ac70450e63b2edc","sha1":"9c3b940be36bf338af547b7811086b61bd8184cd","sha256":"25ffe98a89e4018143d195441efb44035d07fa54d0b4451206629222c5af9784","sha512":"96a334765f64ca134dbcba3d48d9deb3113a63d0e056e76d8474d4481cdbba6eabadbd9304759bcb9d78fd28855bb091223759289e1436f31a2b4f6ea25f98b5","ssdeep":"6144:mQIe7ma2bulKYX61u99Yye5HDmHYmyBFzvnsCmoWllEzPad4XEPPrk:cC8bu7q1mcrns6WdwEA","tlshash":"0aa4088e73c674269396f478503f02cba97b29e2b45cc89ab1c9ccf02d7459a4167f78","size":461508,"data":"","first_seen":"2026-01-03T20:09:41.873979Z","last_seen":"2026-01-04T07:45:58.039164Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"seoromania.top/sandbox%20eval%20code","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-04T02:30:45.877631Z","times_seen":770763,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-04T02:30:45.87274Z","times_seen":769214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-26575989-44","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d93a2c07263e6e91dccffeffc2bbf8a","sha1":"7ebd4191263d9241ff5318193bb6f33193f9976c","sha256":"9d8cf4ec418dc29f55dc9bb66d11d6c43af701f39c5539a2c088da28dba5084c","sha512":"ce51f7f1c9735b9c17af2098c8c997305ad5a7783ff8a634950e0abea60a73ff557851554eabebfd5c14fe9cfed59710895cd2456936529aa6f5e832d6fc4ccb","ssdeep":"6144:NIeJ92bulKYv9VGDmHYmyBFzfns1RnWC46pJem:upbu7lEDnsrWCDpF","tlshash":"3c6408c9b3da74268393a474503f108ba27b79d2e84cc895f185ccd42e74aaa4277f7d","size":320843,"data":"","first_seen":"2026-01-03T18:55:16.097046Z","last_seen":"2026-01-04T07:45:58.033021Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"seoromania.top/","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3272d163e3e9d981d0d9fe47f20e58a9","sha1":"3474bc3c5b6adc8ca1fb3e3574dc9f17177bf6dc","sha256":"512ce26738b3e75e12848b82c6dcd91aa585de48d119d667ebc8f807a787eded","sha512":"13ce92182dba43d03d4b71417fa97949a21809682f5d60a8b7e501fb39884cf99e74c7637cf1cdc14e855560424be038dad6fba9dc1b9c03f4e6c5d4cc1da541","ssdeep":"","tlshash":"b081b59377912cb756e62d4728cf3104a4fcd559a59814089e014aca04b8ff6e53efec","size":3958,"data":"","first_seen":"2025-10-23T16:23:34.582026Z","last_seen":"2026-03-05T07:32:40.589589Z","times_seen":3624,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T20:15:36Z","timestamp":1767471336,"ip_dst":{"addr":"84.32.84.32","port":80,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"ip_src":{"addr":"172.18.0.15","port":42318,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-03T20:15:36.781077+0000\",\"flow_id\":1526405488197200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.15\",\"src_port\":42318,\"dest_ip\":\"84.32.84.32\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"seoromania.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1084},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":671,\"bytes_toclient\":7710,\"start\":\"2026-01-03T20:15:36.736848+0000\"}}"}],"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-S4HMJ5EXYY\u0026gtm=45je5ca1v9135860898za20g\u0026_p=1767471337265\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1051705168.1767471338\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAI\u0026_s=1\u0026tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391252~115583767~115938465~115938468~116184927~116184929~116251938~116251940\u0026sid=1767471337\u0026sct=1\u0026seg=0\u0026dl=http%3A%2F%2Fseoromania.top%2F\u0026dt=Parked%20Domain%20name%20on%20Hostinger%20DNS%20system\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=846","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://seoromania.top/","date":"2026-01-03T20:15:37.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-S4HMJ5EXYY\u0026gtm=45je5ca1v9135860898za20g\u0026_p=1767471337265\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1051705168.1767471338\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAI\u0026_s=1\u0026tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391252~115583767~115938465~115938468~116184927~116184929~116251938~116251940\u0026sid=1767471337\u0026sct=1\u0026seg=0\u0026dl=http%3A%2F%2Fseoromania.top%2F\u0026dt=Parked%20Domain%20name%20on%20Hostinger%20DNS%20system\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=846 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://seoromania.top/\r\nOrigin: http://seoromania.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: http://seoromania.top\r\ndate: Sat, 03 Jan 2026 20:15:37 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:170:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:170:0\r\nreport-to: {\"group\":\"ascnsrsggc:170:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:170:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":81,"dns":0,"connect":8,"send":0,"wait":19,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"seoromania.top/","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T20:15:36.461Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: seoromania.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":214,"connect":19,"send":0,"wait":0,"receive":0,"ssl":22},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T20:15:36Z","timestamp":1767471336,"ip_dst":{"addr":"84.32.84.32","port":80,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"ip_src":{"addr":"172.18.0.15","port":42318,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-03T20:15:36.781077+0000\",\"flow_id\":1526405488197200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.15\",\"src_port\":42318,\"dest_ip\":\"84.32.84.32\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"seoromania.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1084},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":671,\"bytes_toclient\":7710,\"start\":\"2026-01-03T20:15:36.736848+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"seoromania.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://seoromania.top/","date":"2026-01-03T20:15:36.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://seoromania.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 03 Jan 2026 20:15:37 GMT\r\ndate: Sat, 03 Jan 2026 20:15:37 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1729,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"5ffc15542a2c42f67876d646f086f9eb","sha1":"a075c5d2469c886c1e4c2aeb9be62dcb436c26d6","sha256":"fb05ad76b6b4f1c851a30b94a677bae20d3d99203e83ebdfc3772aa6accc55f2","sha512":"a19fb78fa78c8a5c6fba1a37f25e4860f7011ca00f209d840890ee156fabef593c7de21a57116c0777eec28568fe4a3337afdef886414fa08831d7885b88259c","ssdeep":"","tlshash":"9231df81087b6114e7571dc122ce7e32ef1fa1906454a874bbfe2894fc56c6e5371b4d","first_seen":"2025-09-12T01:48:17.883282Z","last_seen":"2026-04-04T01:09:40.736488Z","times_seen":5363,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":295,"dns":1,"connect":14,"send":0,"wait":31,"receive":0,"ssl":284},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-26575989-44","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://seoromania.top/","date":"2026-01-03T20:15:36.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:40 GMT","end":"Wed, 25 Feb 2026 15:49:39 GMT"},"fingerprint":{"sha1":"A1:49:37:FE:E0:3E:26:88:A3:64:37:DC:04:D7:8D:D1:D3:F3:91:75","sha256":"BB:61:22:1A:6C:67:5D:C0:C8:A6:73:93:B9:53:82:98:95:54:B5:52:8B:33:FC:08:58:01:D2:3B:FF:E6:35:12"}}},"request":{"raw":"GET /gtag/js?id=UA-26575989-44 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://seoromania.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 20:15:37 GMT\r\nexpires: Sat, 03 Jan 2026 20:15:37 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sat, 03 Jan 2026 18:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 111318\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":320843,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"4d93a2c07263e6e91dccffeffc2bbf8a","sha1":"7ebd4191263d9241ff5318193bb6f33193f9976c","sha256":"9d8cf4ec418dc29f55dc9bb66d11d6c43af701f39c5539a2c088da28dba5084c","sha512":"ce51f7f1c9735b9c17af2098c8c997305ad5a7783ff8a634950e0abea60a73ff557851554eabebfd5c14fe9cfed59710895cd2456936529aa6f5e832d6fc4ccb","ssdeep":"6144:NIeJ92bulKYv9VGDmHYmyBFzfns1RnWC46pJem:upbu7lEDnsrWCDpF","tlshash":"3c6408c9b3da74268393a474503f108ba27b79d2e84cc895f185ccd42e74aaa4277f7d","first_seen":"2026-01-03T18:55:16.097046Z","last_seen":"2026-01-04T07:45:58.033021Z","times_seen":38,"resource_available":true,"data":null}},"time_used":335,"timings":{"blocked":126,"dns":1,"connect":15,"send":0,"wait":40,"receive":40,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"seoromania.top/bold-moves.webp","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"84.32.84.32","port":80,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://seoromania.top/","date":"2026-01-03T20:15:36.900Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /bold-moves.webp HTTP/1.1\r\nHost: seoromania.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://seoromania.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 03 Jan 2026 20:15:37 GMT\r\nContent-Type: image/webp\r\nContent-Length: 87332\r\nConnection: close\r\nVary: Accept-Encoding\r\nServer: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: d02eb3a0448c55540ecc694d47b93a60-fra-edge2\r\nExpires: Sat, 03 Jan 2026 20:15:36 GMT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":87332,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e026a675d0fcd9cd20321c1b111f8fe7","sha1":"b91336d5241a7d3a20d88872d3058c6dc7da774f","sha256":"f0d60a0a71d9c16e9a1769fa1a956c207c5950ae1663488ccd7fd185c9f7c219","sha512":"a76d3794a88f1277ddeb062d168fe1c29935343fecb00d1086e660456a775b096b387c3f73c4922b3b1d2a87ed78bd1db3652ef06bff2ab99fad042d09ffa698","ssdeep":"1536:sGZK/PZlovqyH2wS3yeIUb2GQCvsd2SLxrijHNlozhi9bi/BaOoMrSn0eEdKr8lT:sGExloiFwS3oci8OvrYQoMrU0J5l8O","tlshash":"108312065fd26fb4e06c3cb6212fd5ea1ca021c69384746563c153a722b7bf6c63ead4","first_seen":"2025-10-23T16:23:34.57286Z","last_seen":"2026-04-04T00:33:46.351507Z","times_seen":4045,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":324,"dns":1,"connect":20,"send":0,"wait":21,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"seoromania.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-S4HMJ5EXYY\u0026cx=c\u0026gtm=4e5ca1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://seoromania.top/","date":"2026-01-03T20:15:37.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:40 GMT","end":"Wed, 25 Feb 2026 15:49:39 GMT"},"fingerprint":{"sha1":"A1:49:37:FE:E0:3E:26:88:A3:64:37:DC:04:D7:8D:D1:D3:F3:91:75","sha256":"BB:61:22:1A:6C:67:5D:C0:C8:A6:73:93:B9:53:82:98:95:54:B5:52:8B:33:FC:08:58:01:D2:3B:FF:E6:35:12"}}},"request":{"raw":"GET /gtag/js?id=G-S4HMJ5EXYY\u0026cx=c\u0026gtm=4e5ca1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://seoromania.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 20:15:37 GMT\r\nexpires: Sat, 03 Jan 2026 20:15:37 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 150601\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":461508,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7828)","md5":"17d10b295c829ada9ac70450e63b2edc","sha1":"9c3b940be36bf338af547b7811086b61bd8184cd","sha256":"25ffe98a89e4018143d195441efb44035d07fa54d0b4451206629222c5af9784","sha512":"96a334765f64ca134dbcba3d48d9deb3113a63d0e056e76d8474d4481cdbba6eabadbd9304759bcb9d78fd28855bb091223759289e1436f31a2b4f6ea25f98b5","ssdeep":"6144:mQIe7ma2bulKYX61u99Yye5HDmHYmyBFzvnsCmoWllEzPad4XEPPrk:cC8bu7q1mcrns6WdwEA","tlshash":"0aa4088e73c674269396f478503f02cba97b29e2b45cc89ab1c9ccf02d7459a4167f78","first_seen":"2026-01-03T20:09:41.873979Z","last_seen":"2026-01-04T07:45:58.039164Z","times_seen":39,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Hp2ywxg089UriCZOIHTWCBl0-8Q.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://seoromania.top/","date":"2026-01-03T20:15:37.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Hp2ywxg089UriCZOIHTWCBl0-8Q.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://seoromania.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 62460\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 03 Jan 2026 11:05:38 GMT\r\nexpires: Sun, 03 Jan 2027 11:05:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 32999\r\nlast-modified: Wed, 10 Sep 2025 16:30:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":62460,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 62460, version 1.0","md5":"4c04ee82dc1deb4f32b244195d258e9b","sha1":"9bd2bc9c6f54075acd20589f87c17a73e3ab07b3","sha256":"ab72fd10c9ac5633c1f9ae4267864b674596062e023458e02973080bd1098904","sha512":"43bd417c75382fbcad7a44c73db7ec8e883bb505b63215ec67488eb205b61acd94031d5740bdf70cf413fcb126ac6a567b4c71831eeb063e5643fa0adc704895","ssdeep":"1536:Hjv9lkTtdw0aS3yPvWdfDSFdW6KK8zPJ86DQMBXQX:Hz9ceS3y2FDSFdRKNzPJj5gX","tlshash":"8753028264d3489c8c8b69d354847f1c707ef88fc1b88995a8e33ca14d4b1e6e85ad7f","first_seen":"2025-09-11T19:26:36.805532Z","last_seen":"2026-04-04T01:13:07.745852Z","times_seen":7226,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":111,"dns":1,"connect":20,"send":0,"wait":22,"receive":34,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-S4HMJ5EXYY\u0026cid=1051705168.1767471338\u0026gtm=45je5ca1v9135860898za20g\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391252~115583767~115938465~115938468~116184927~116184929~116251938~116251940\u0026z=383569063","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://seoromania.top/","date":"2026-01-03T20:15:37.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:28 GMT","end":"Wed, 25 Feb 2026 15:59:27 GMT"},"fingerprint":{"sha1":"26:28:32:29:0D:EC:7C:A6:70:C6:B4:55:22:40:CC:C6:C2:BE:44:6D","sha256":"BA:6B:58:64:89:F9:73:7D:3A:37:E9:08:D4:E1:6A:49:39:B9:EF:6C:43:F6:DC:F5:92:3D:2C:1E:95:7E:10:94"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-S4HMJ5EXYY\u0026cid=1051705168.1767471338\u0026gtm=45je5ca1v9135860898za20g\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391252~115583767~115938465~115938468~116184927~116184929~116251938~116251940\u0026z=383569063 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://seoromania.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 03 Jan 2026 20:15:37 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-04T02:31:27.883741Z","times_seen":761419,"resource_available":true,"data":null}},"time_used":298,"timings":{"blocked":124,"dns":1,"connect":27,"send":0,"wait":48,"receive":0,"ssl":94},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"seoromania.top/","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"84.32.84.32","port":80,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T20:15:36.745Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: seoromania.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 03 Jan 2026 20:15:36 GMT\r\nContent-Type: text/html\r\nContent-Length: 11126\r\nConnection: close\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nServer: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 0d1385b616545f37f892a5c4d915da18-fra-edge1\r\nExpires: Sat, 03 Jan 2026 20:15:35 GMT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":29410,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (29410), with no line terminators","md5":"aa17814a80b61fc810994be67de2ec65","sha1":"d29b512e248afa4356ac564f50371235f325e227","sha256":"a588da31d3bd9ffcf8553eca8cdd16abcf4852058f9ae0536b854035b8936913","sha512":"3a46dc5f29e11b2195ae54ca1011fec5194026370afdca2764104473c8b54df5bbcdc3c9f121e4e660a6f9d1b129ae4bd127dac2e57fabfe530a21b571c6ae7e","ssdeep":"384:nxFmHpsFtnEMv6BnspeqSWH2Y/AlkdxyBb8POjJvBNdA21ybS6TYypf4/PMgIzxo:nxyktnE+gnsM3bHlkdxyRvv51SSBnM3O","tlshash":"34d23bf3e3d421f9b047e7f5e8526a58707a647bfb664f88c6e04a88c1c146d4a9cd88","first_seen":"2025-10-23T16:23:34.577769Z","last_seen":"2026-03-05T07:32:40.5809Z","times_seen":3573,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":13,"dns":1,"connect":20,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T20:15:36Z","timestamp":1767471336,"ip_dst":{"addr":"84.32.84.32","port":80,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"ip_src":{"addr":"172.18.0.15","port":42318,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2026-01-03T20:15:36.781077+0000\",\"flow_id\":1526405488197200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.15\",\"src_port\":42318,\"dest_ip\":\"84.32.84.32\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"seoromania.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1084},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":671,\"bytes_toclient\":7710,\"start\":\"2026-01-03T20:15:36.736848+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"seoromania.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"seoromania.top/favicon.ico","fqdn":"seoromania.top","domain":"seoromania.top","tld":"top"},"ip":{"addr":"84.32.84.32","port":80,"asn":47583,"as":"Hostinger International Limited","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://seoromania.top/","date":"2026-01-03T20:15:37.476Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: seoromania.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://seoromania.top/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 03 Jan 2026 20:15:37 GMT\r\nContent-Type: text/html\r\nContent-Length: 11126\r\nConnection: close\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nServer: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: b7e3030119180a3750d7288e206c31b2-fra-edge2\r\nExpires: Sat, 03 Jan 2026 20:15:36 GMT\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":29410,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (29410), with no line terminators","md5":"aa17814a80b61fc810994be67de2ec65","sha1":"d29b512e248afa4356ac564f50371235f325e227","sha256":"a588da31d3bd9ffcf8553eca8cdd16abcf4852058f9ae0536b854035b8936913","sha512":"3a46dc5f29e11b2195ae54ca1011fec5194026370afdca2764104473c8b54df5bbcdc3c9f121e4e660a6f9d1b129ae4bd127dac2e57fabfe530a21b571c6ae7e","ssdeep":"384:nxFmHpsFtnEMv6BnspeqSWH2Y/AlkdxyBb8POjJvBNdA21ybS6TYypf4/PMgIzxo:nxyktnE+gnsM3bHlkdxyRvv51SSBnM3O","tlshash":"34d23bf3e3d421f9b047e7f5e8526a58707a647bfb664f88c6e04a88c1c146d4a9cd88","first_seen":"2025-10-23T16:23:34.577769Z","last_seen":"2026-03-05T07:32:40.5809Z","times_seen":3573,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":1,"dns":1,"connect":19,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"seoromania.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}