{"report_id":"86a9528f-879b-4968-8516-c484a480e2c0","version":0,"status":"done","tags":["crypto","phishing"],"date":"2026-06-11T20:19:17Z","url":{"schema":"http","addr":"ggoldexchange.com","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"title":"Badoo","dom":{"size":106,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"e44de33b775a6ca866776145aafd3c78","sha1":"a9079dab1e89170b39c1da665c53e733b00c498d","sha256":"efd4595fecc095473a8a523dc934dfcbc565075ce46a4c662563112f0f878839","sha512":"a54a60a1b1f2e04fcff54ccc8641bbe5d0aaa1d1395e7ba515609afe36dbab28a910cc7522abfc8c2f7afd18914f27f0210fc6046aad8a04912ae09bc05a6bdc","ssdeep":"","tlshash":"6db092f56412000aa620aba089daf20849408511e0098c40a49031ec848c609d8a3690","dom_hash":"domhash5e6292264e4e9b437727682de9d4390f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ggoldexchange.com","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T20:19:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]},"summary":[{"fqdn":"badoo.com","ip":{"addr":"31.222.67.112","port":443,"asn":12678,"as":"Greysom Limited","country":"Czechia","country_code":"CZ"},"domain_registered":"2003-05-26","domain_rank":2272,"first_seen":"2014-03-16T10:57:18Z","last_seen":"2026-06-06T15:21:47.101011Z","alert_count":0,"request_count":3,"received_data":48647,"sent_data":1728,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ggoldexchange.com","ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":31,"request_count":28,"received_data":3146823,"sent_data":15074,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}]},{"fqdn":"consent.badoo.com","ip":{"addr":"13.249.8.36","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2003-05-26","domain_rank":1944118,"first_seen":"2021-12-22T09:37:46Z","last_seen":"2026-06-06T15:21:48.144723Z","alert_count":0,"request_count":3,"received_data":7952,"sent_data":2505,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-07T22:29:27.813409Z","alert_count":0,"request_count":2,"received_data":922170,"sent_data":956,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/_ssgManifest.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b6652df95db52feb4daf4eca35380933","sha1":"65451d110137761b318c82d9071c042db80c4036","sha256":"6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e","sha512":"3390c5663ef9081885df8cdbc719f6c2f1597a4e25168529598097e9472608a4a62ec7f7e0bc400d22aac81bf6ea926532886e4dc6e4e272d3b588490a090473","ssdeep":"","tlshash":"98a001e0943cdc60aa63dd1c136413128fa05122651d28938afd3044c0301510300d90","size":77,"data":"","first_seen":"2023-03-07T01:03:02Z","last_seen":"2026-06-12T07:50:51.886288Z","times_seen":233770,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-NRVTQM9","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"54980e1c9d4715761030a0f97f266f7c","sha1":"cf5e1487fa9b294a2e1a894e3c1119128bb74921","sha256":"05f1eece0015341504b0faef3d73dbe05221f2fa2470e62fbeb5c84374fa07fb","sha512":"4159a787ae1bba4fa9bf9fc4c34f7abd917a3d848c0c132629c9f7df21b317565bf9f61f96fce75251e0dd5f02f8c29e854756f8dc4e83719757e3df1a2104e9","ssdeep":"6144:xPbRG8s5XtjLAut8QF1TpqBEzVTIFBuA6++iYf:xsHtj6S+G","tlshash":"8ba409ceb3d674625393b478903f018ba17a29e2b44cc899f189cce42e7459a4277f7d","size":460455,"data":"","first_seen":"2026-06-11T20:19:30.465894Z","last_seen":"2026-06-11T20:19:30.465894Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/ab34cb03dc3fbf4e.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7dd7565ad3de37b6ad7e7b4a8e986d02","sha1":"1520482c19f23187dc4031d322540feb89624fe6","sha256":"bdea4329e6032cdeaa545ff37645687c2ed5922c02d4937e5299583880876d48","sha512":"a4d155079c821e3d5ffe39d2868f70862da097155dd929ec517ed1f6d71b92760a72853a5b8f4b5dbe0b791577a83d1519cb53bd96ae063b75d009ea58113ca5","ssdeep":"","tlshash":"b25194c932f0f4a643276168852f4007f22b9877056de8a0e770c9b5bc7280f8126fae","size":2460,"data":"","first_seen":"2026-01-13T23:13:08.457856Z","last_seen":"2026-06-11T20:19:30.462156Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2797b96f68f5f58076036820afd56f3","sha1":"dc05dd3dc62c4cce205c1cd142d77a1f427ff16d","sha256":"76b8dd056b5ad6b966e5f112103d93df4c58c01781a088e207039f7659e9f64c","sha512":"7ed15d0e755cef907f8ed8b33340672fac33512d38d399f8c8518c34d37ecab879a915c8edffb2bbba0c61b37ad4223f4d29628f428df7273e265afe45d961e6","ssdeep":"","tlshash":"57e0a3bf741128761b5d55f563b477167183161ca80a4d21cdefc614276c9874c26588","size":435,"data":"","first_seen":"2023-11-19T02:20:43Z","last_seen":"2026-06-11T20:19:30.479852Z","times_seen":276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/f79d53009f25654d.js?2.2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e545234b9375e4045bf59f2bdf7a42e7","sha1":"2db8204fce59be9e25cc90b1f2019917a4af51c3","sha256":"e5389f26d1a7b35ca0924457f60681b494ca414aa8f790d8f5e5b5632961844e","sha512":"3425eda50d356b9d26ff5f8c8fc911e10d7346a8b1729154dcd50e3107f97e4552255aa99bd393e8b24123398404862f3d281c6436b3a6bd9cb43d69028d71ad","ssdeep":"1536:ZpsWIi0S+Gu96XtHjMatodxoQBfhBbuserqQBCoSavEhzguhPM:ZptIiQ96dDM2of1ZYrqc","tlshash":"2af3a46a75e1187460073bb96c3f68097422144b1e99bd583f6c9690ef2c82f62f6fcd","size":160837,"data":"","first_seen":"2026-06-11T20:19:30.450694Z","last_seen":"2026-06-11T20:19:30.450694Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/ed11533061d42ec4.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"77f876c6a0461c06a33f8fa42b129fd2","sha1":"9aed9ca43095c05954671496a6aa1f7945415fb4","sha256":"e7bf9ed83b75feeb5f213d7950dd6ed6aa9ccb2524472508a709c7b4c1fd94ce","sha512":"294877a0562063282ac75d3026faf2572dd457673dc500b21e90edd17d2689b7e7facbe4f86e9dcc6ab8198fc89dbbcd8471eaa57af33a49a354300a2dfa1dc4","ssdeep":"","tlshash":"d201c0d83ff07916a13711b8913b250632aa247b298d5d90b278447a6e77a6e8101ac7","size":680,"data":"","first_seen":"2026-03-22T14:32:14.200254Z","last_seen":"2026-06-11T20:19:30.464217Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f181583f53ad4effb5219baa1365a65","sha1":"16b6dc9f2cb720b1ced104cec1dd6670a2fd467c","sha256":"f85b7c4be4657352036eca71ced3207246b9487abb3cc7488c20f3749f0481b2","sha512":"b37495eae19bceb0f085f8d91aa8346d8b4eb9c52c6ba1983985b179dd7259c06b5eb5087c30831b24e6527fe27775dae23b6962ccb4682c246a5e471d6b0832","ssdeep":"","tlshash":"ab61dc0b79e220319553323d16af61427a70c5bb2a8ee8403e5c42b4efd687e17b5b8c","size":3265,"data":"","first_seen":"2026-06-11T20:19:30.480467Z","last_seen":"2026-06-11T20:19:30.480467Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"826898543ba044c8cb438038b26c1f4e","sha1":"a8081daa53935b97feb666864721727839af1c92","sha256":"1cd422bbd382e04fe8b501c44018864aeb18c39989850821823e51dd4ea73bb3","sha512":"7fd2f82c80d50c27183bc6afbea0c2487bc23017a1a1350ceee9df78c34f9c0e82443a44b7a20f656bf78814652b4329987af7f5dc4f13169e7bea27e627ff93","ssdeep":"","tlshash":"7431465e9ae391569573b079c77fe00139708567254cdd003c9ca190ef568341bf6bd8","size":1550,"data":"","first_seen":"2026-06-11T20:19:30.489989Z","last_seen":"2026-06-11T20:19:30.489989Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a0f841d9c009058363047d675f62d97","sha1":"3cb4bb4822b1b4fa948955bed18105bc80da7264","sha256":"012e253896d0feb4fd97c711b49a45655aa4316067749f09a8f9bde0fe523f4c","sha512":"b647d14472d204cef3f8883bb6ef58576718ebf286cb51868fcf01c8826fd6870a6b0cf129674bdbdeabd186ab4abbb92fb23a877615a5b3a389354b7a75efee","ssdeep":"","tlshash":"b8415a0d19eb14a6269b30b67b1f3a06713069872415ed007f8de74edfb581f8662bca","size":2303,"data":"","first_seen":"2026-06-11T20:19:30.492025Z","last_seen":"2026-06-11T20:19:30.492025Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa73f3e123f737cb4d3fdbe678acaa27","sha1":"00c55d642d341ca52ffcf2fa198da503218fd65e","sha256":"2a764608f56596c4871aba0846ad1af90765a7fe2af0f7cf6d832d0227c1d404","sha512":"73a8837c425760ce4084d9b90653b6780bb5ffff44945df8ae388c9562b205301f0d7d5371ee5e9ca3b340fb8b4450bba4ac787bb0b43f0ef194eeea0ecd8c66","ssdeep":"","tlshash":"05d08c9d11c2204cca6880581e3e3a07f611821b0c8db650b78e8f623f0f29fe6b67cc","size":203,"data":"","first_seen":"2026-06-11T20:19:30.493819Z","last_seen":"2026-06-11T20:19:30.493819Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5c5d6c67d530f4ec1d258425a3e0a343","sha1":"c57131ffef8e25d88d831e5013196b1289e74a90","sha256":"c6ee6104655a412dd894fe676b3a240894c25aadff9d52f4225606c4c281fdb8","sha512":"ad10983d179617fbba39c3d6fb6572f4eb95ced7ff10c73c67419b98c404c898864b2490b7c297c9bb59cf0d528c4a8f7ae2b47c11794f077f86ca31c387e2ad","ssdeep":"","tlshash":"b9f0c96b29c708312c2b50baa7364b0230d2322ba041c9323cedd40a6f0cad60e60f9c","size":580,"data":"","first_seen":"2026-06-11T20:19:30.49675Z","last_seen":"2026-06-11T20:19:30.49675Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/gdpr-tcf.27718c8cb9d29947d2c1.bundle.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7346b54d559e4a3d7c8a0bd69d653dfc","sha1":"8c230d0bf7b4fcfe760e5574971cddd8931e2c75","sha256":"02aa605423b0682f9df507dd719cd536591c2b6f3669d72d27c48fbbc13fb5be","sha512":"e5e0fae49f512f9a923c7ea70191901b659c8f92c87d55ea101aa634a23c3e2e992dd9284eda7f60d2c66cd37e48f4106a1d87f14a4dd853fd7d614a40441a59","ssdeep":"768:MC4d4bCODQ01rEUkEM+uCHsjcQyPHCJTMXCJNCwLjspLH+PkXJ3+5NoU13TAIGGf:2KXTaQKHspLbooU13TAIZb4tpLGbC5Bm","tlshash":"91f3b48cb2d1f0b143d7a2b1402f500bf3796965989dd0a0a275dcf1adf688e8677f1a","size":164342,"data":"","first_seen":"2026-02-25T16:23:40.90149Z","last_seen":"2026-06-11T20:33:50.40622Z","times_seen":5076,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/wrapperMessagingWithoutDetection.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d2c12321d621b817bdf31cb82604b52","sha1":"0275aac9467db593feb0bc289745df93443d0d64","sha256":"7022e4a7f798da10076936623230291bd5781f50e9e9323d419e4060c19ff66d","sha512":"162109caf3914efcae67e39035b268087105510a18ab295e6b3c846d82e281146e4bc7f6d09943fb5f7fbc22bc1154ca9df0922c29e7038aa3485cf51a9f23a5","ssdeep":"1536:DkecL8iXhHgemaVhepR6cB6o+S3m8v8NZdmD5Cj4t0F:GLtxHQpRbAjWm68/oD5ft0F","tlshash":"ddd3f68e76d5f4f603e321f4501f610bb2766859b85d9480e211d8e0bc7ad8ea237f6e","size":140950,"data":"","first_seen":"2026-02-25T16:23:40.874013Z","last_seen":"2026-06-11T20:33:50.487332Z","times_seen":8774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-NRVTQM9","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c963ade95e46db0a467cc136552d03b","sha1":"0d1cdc996a25e9a659312a05e4fb0ea75de8a7b4","sha256":"80245371913aa026e14e2b683954c1f36c2d6e36de4bc5ff2353e07362eedd01","sha512":"78cbda9e8fedb9501fb5974c9dfacbe3bda229a04dbad205c5063c009d64a4680d1dd0b61dc54f88fc55c074706ab641671abf60fb012912b65fd5e054859cc9","ssdeep":"6144:VPbRG8s5XtjLAut8QF1TpqBEzVTIFBuA6++iYf:VsHtj6S+G","tlshash":"caa409ceb3d674625393b478903f018ba17a29e2b44cc899f189cce42e7459a4277f7d","size":460435,"data":"","first_seen":"2026-06-11T20:19:30.455684Z","last_seen":"2026-06-11T20:19:30.455684Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/9eda42229cf81b2e.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1116fbff44b7435be95347d455e1e825","sha1":"85137308c9182b9063e60c8bd0e22aaa6b7920d5","sha256":"be2a9b815508735191d7ac7290e15fc1d79cc338e85e0e01cb2a48d930c081e9","sha512":"276d617a6f1d8036a1d9c1e61db82703d4dee04734a225a9e2fa626318c8e37edc64f3a21e6de48d1e66e2bf1ddcc32e5621cb0f7fe6f8bbc7980bc1c49e8167","ssdeep":"768:72Rd9W9Rgeoe+pAZCUOEjTKpBswA3waD78:72Rd9WjgrbUOnswA398","tlshash":"da03c7cdb681b0b156932579953f512fb33f7e55240cc440a12ee8c839b8acee127e7a","size":38713,"data":"","first_seen":"2026-03-22T14:32:14.164513Z","last_seen":"2026-06-11T20:19:30.450033Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/c1376fa03686f16d.js?2.2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e6bf31e8887dbe585a874ccb9ff0b27","sha1":"b61d29ac0ac220524dac83f191ba92909f002204","sha256":"e3eda49f36caee71b1a6aea152759b434addc78d14cc7a0099d8bc5134118544","sha512":"da0f0c244e481fae8d1299353e0694123c7b94be13d47c2ed41fc41316ecbe1bec93fb1212e5f5df74ade3a2961e60e2501bc121534b8255458ab2034d4268e7","ssdeep":"384:JCBo6UzR7csCgKfxbrbQ7FBQds1qYbrw3hq:MjU17csCgKf1bmFBys1qYbrd","tlshash":"4dd20029a2e11c31685739bd4e7f2c097525110b5f90be1c3a4ca2d4df2c82e67b6f9d","size":28713,"data":"","first_seen":"2026-06-11T20:19:30.472945Z","last_seen":"2026-06-11T20:19:30.472945Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/gtm.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9339fef6fae5fd1c2747fc62a9b6b388","sha1":"ad52f307730db0af4930798774ae9dc24edba8fc","sha256":"b39c0a21cc3699945704a1ee3871b5a030232bfdac29c85fa7fa9b7562d07ee7","sha512":"3e974709dd80713c7d5dd46b6236c0242c2152fea9c4dee6c0a8652c30f6c3a43c8760fe4f8875e434f2894f5333003a1486c360f630510cca34fbc349912587","ssdeep":"6144:gKj0QYVfY+yH+tTeDFHP2QcXFHd2BpJZttqMSMp:gBVfY+vaFfaAp","tlshash":"73a409cdb3d6746253a2b478903f018ba57a28e2f44cc899f186cce42e7465a4277f7d","size":455853,"data":"","first_seen":"2026-06-11T20:19:30.458916Z","last_seen":"2026-06-11T20:19:30.458916Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f181583f53ad4effb5219baa1365a65","sha1":"16b6dc9f2cb720b1ced104cec1dd6670a2fd467c","sha256":"f85b7c4be4657352036eca71ced3207246b9487abb3cc7488c20f3749f0481b2","sha512":"b37495eae19bceb0f085f8d91aa8346d8b4eb9c52c6ba1983985b179dd7259c06b5eb5087c30831b24e6527fe27775dae23b6962ccb4682c246a5e471d6b0832","ssdeep":"","tlshash":"ab61dc0b79e220319553323d16af61427a70c5bb2a8ee8403e5c42b4efd687e17b5b8c","size":3265,"data":"","first_seen":"2026-06-11T20:19:30.480467Z","last_seen":"2026-06-11T20:19:30.480467Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"826898543ba044c8cb438038b26c1f4e","sha1":"a8081daa53935b97feb666864721727839af1c92","sha256":"1cd422bbd382e04fe8b501c44018864aeb18c39989850821823e51dd4ea73bb3","sha512":"7fd2f82c80d50c27183bc6afbea0c2487bc23017a1a1350ceee9df78c34f9c0e82443a44b7a20f656bf78814652b4329987af7f5dc4f13169e7bea27e627ff93","ssdeep":"","tlshash":"7431465e9ae391569573b079c77fe00139708567254cdd003c9ca190ef568341bf6bd8","size":1550,"data":"","first_seen":"2026-06-11T20:19:30.489989Z","last_seen":"2026-06-11T20:19:30.489989Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a0f841d9c009058363047d675f62d97","sha1":"3cb4bb4822b1b4fa948955bed18105bc80da7264","sha256":"012e253896d0feb4fd97c711b49a45655aa4316067749f09a8f9bde0fe523f4c","sha512":"b647d14472d204cef3f8883bb6ef58576718ebf286cb51868fcf01c8826fd6870a6b0cf129674bdbdeabd186ab4abbb92fb23a877615a5b3a389354b7a75efee","ssdeep":"","tlshash":"b8415a0d19eb14a6269b30b67b1f3a06713069872415ed007f8de74edfb581f8662bca","size":2303,"data":"","first_seen":"2026-06-11T20:19:30.492025Z","last_seen":"2026-06-11T20:19:30.492025Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa73f3e123f737cb4d3fdbe678acaa27","sha1":"00c55d642d341ca52ffcf2fa198da503218fd65e","sha256":"2a764608f56596c4871aba0846ad1af90765a7fe2af0f7cf6d832d0227c1d404","sha512":"73a8837c425760ce4084d9b90653b6780bb5ffff44945df8ae388c9562b205301f0d7d5371ee5e9ca3b340fb8b4450bba4ac787bb0b43f0ef194eeea0ecd8c66","ssdeep":"","tlshash":"05d08c9d11c2204cca6880581e3e3a07f611821b0c8db650b78e8f623f0f29fe6b67cc","size":203,"data":"","first_seen":"2026-06-11T20:19:30.493819Z","last_seen":"2026-06-11T20:19:30.493819Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5c5d6c67d530f4ec1d258425a3e0a343","sha1":"c57131ffef8e25d88d831e5013196b1289e74a90","sha256":"c6ee6104655a412dd894fe676b3a240894c25aadff9d52f4225606c4c281fdb8","sha512":"ad10983d179617fbba39c3d6fb6572f4eb95ced7ff10c73c67419b98c404c898864b2490b7c297c9bb59cf0d528c4a8f7ae2b47c11794f077f86ca31c387e2ad","ssdeep":"","tlshash":"b9f0c96b29c708312c2b50baa7364b0230d2322ba041c9323cedd40a6f0cad60e60f9c","size":580,"data":"","first_seen":"2026-06-11T20:19:30.49675Z","last_seen":"2026-06-11T20:19:30.49675Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/ccpa.1820a7ba1340e3c799af.bundle.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d88de99153c97aeba3780b276f6bee9c","sha1":"5ac359de01bb83f5e1a006681df20b3b1d772f42","sha256":"80b8a964486a4e88d2784a3ceba35d2b73910105905d91ca82ce572f401f20b5","sha512":"a24cf2aa0a7f4bcf1b86375a93385b357e4ff7f2de326a3f3281878c5619e994911ee110c28e7bb05324f6ce40bda7c1451a2429af89df759d1a4bd901b4bb55","ssdeep":"384:tsxRk2edCsRnfwFsX9kIXtUk1xGhMwMszHpXu:7CeT2pXu","tlshash":"c462b6cc72e5f8e5029b26f5501f760ff2656911749ef490b5a0c8e0be7288e9272f1b","size":15602,"data":"","first_seen":"2025-10-06T16:32:08.489176Z","last_seen":"2026-06-11T20:19:30.442011Z","times_seen":328,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f181583f53ad4effb5219baa1365a65","sha1":"16b6dc9f2cb720b1ced104cec1dd6670a2fd467c","sha256":"f85b7c4be4657352036eca71ced3207246b9487abb3cc7488c20f3749f0481b2","sha512":"b37495eae19bceb0f085f8d91aa8346d8b4eb9c52c6ba1983985b179dd7259c06b5eb5087c30831b24e6527fe27775dae23b6962ccb4682c246a5e471d6b0832","ssdeep":"","tlshash":"ab61dc0b79e220319553323d16af61427a70c5bb2a8ee8403e5c42b4efd687e17b5b8c","size":3265,"data":"","first_seen":"2026-06-11T20:19:30.480467Z","last_seen":"2026-06-11T20:19:30.480467Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"826898543ba044c8cb438038b26c1f4e","sha1":"a8081daa53935b97feb666864721727839af1c92","sha256":"1cd422bbd382e04fe8b501c44018864aeb18c39989850821823e51dd4ea73bb3","sha512":"7fd2f82c80d50c27183bc6afbea0c2487bc23017a1a1350ceee9df78c34f9c0e82443a44b7a20f656bf78814652b4329987af7f5dc4f13169e7bea27e627ff93","ssdeep":"","tlshash":"7431465e9ae391569573b079c77fe00139708567254cdd003c9ca190ef568341bf6bd8","size":1550,"data":"","first_seen":"2026-06-11T20:19:30.489989Z","last_seen":"2026-06-11T20:19:30.489989Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a0f841d9c009058363047d675f62d97","sha1":"3cb4bb4822b1b4fa948955bed18105bc80da7264","sha256":"012e253896d0feb4fd97c711b49a45655aa4316067749f09a8f9bde0fe523f4c","sha512":"b647d14472d204cef3f8883bb6ef58576718ebf286cb51868fcf01c8826fd6870a6b0cf129674bdbdeabd186ab4abbb92fb23a877615a5b3a389354b7a75efee","ssdeep":"","tlshash":"b8415a0d19eb14a6269b30b67b1f3a06713069872415ed007f8de74edfb581f8662bca","size":2303,"data":"","first_seen":"2026-06-11T20:19:30.492025Z","last_seen":"2026-06-11T20:19:30.492025Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa73f3e123f737cb4d3fdbe678acaa27","sha1":"00c55d642d341ca52ffcf2fa198da503218fd65e","sha256":"2a764608f56596c4871aba0846ad1af90765a7fe2af0f7cf6d832d0227c1d404","sha512":"73a8837c425760ce4084d9b90653b6780bb5ffff44945df8ae388c9562b205301f0d7d5371ee5e9ca3b340fb8b4450bba4ac787bb0b43f0ef194eeea0ecd8c66","ssdeep":"","tlshash":"05d08c9d11c2204cca6880581e3e3a07f611821b0c8db650b78e8f623f0f29fe6b67cc","size":203,"data":"","first_seen":"2026-06-11T20:19:30.493819Z","last_seen":"2026-06-11T20:19:30.493819Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5c5d6c67d530f4ec1d258425a3e0a343","sha1":"c57131ffef8e25d88d831e5013196b1289e74a90","sha256":"c6ee6104655a412dd894fe676b3a240894c25aadff9d52f4225606c4c281fdb8","sha512":"ad10983d179617fbba39c3d6fb6572f4eb95ced7ff10c73c67419b98c404c898864b2490b7c297c9bb59cf0d528c4a8f7ae2b47c11794f077f86ca31c387e2ad","ssdeep":"","tlshash":"b9f0c96b29c708312c2b50baa7364b0230d2322ba041c9323cedd40a6f0cad60e60f9c","size":580,"data":"","first_seen":"2026-06-11T20:19:30.49675Z","last_seen":"2026-06-11T20:19:30.49675Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/b2ecac37c92f5d8d.js?2.2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"82dc832fe52d6dde0e7734d3766d6420","sha1":"c16136cb9eb3b769a8d8a8bd3a62814653fdc55a","sha256":"520152b02de44f7a09b34341e2de471d4ae5f217b0b3d77eb28009b90bdc632b","sha512":"110118a98354c284ae94625ffa8b2ce1e5ca3fdf60239796bcd9ee117ffb862cb12c7659b510801870d12c28ee8b98751f7c537f1073cdcc2679d26295810e8b","ssdeep":"1536:0yvfNS9MMum9hxj3h0p546vedXryTDqoQC:dMh2pq6GdO2C","tlshash":"04d309e83995f6516ab312a700ef1803737d2a1b280c4960e215fd9e75b842bb17bfdd","size":140392,"data":"","first_seen":"2025-04-29T18:06:00.42681Z","last_seen":"2026-06-11T20:19:30.472219Z","times_seen":204,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/7d8ca7ee02774d84.js?2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0728b8ca9d59969eae1827337dd68fee","sha1":"0a96e7d2631938be196714121993bcc06ce53bbd","sha256":"95e690b0bcc90c401685be1b6a3361ea3a9d064036fd0e8c506fb10a28d93fbb","sha512":"7a04f3bddc9ad8bfa5a8ea42991ad31bad0beb6ee3411a9e57f806b954354d557ddc0b754e73ce4308f1978f20f57f8b89b5538a8df2c84c072d1729fbc17cb1","ssdeep":"1536:a1sTDi5z+r4QNLWD1edx1pNtMqntJa6F6G0wQC3OyK:a4i5zSZq12lbMqntP0wJ3q","tlshash":"1fd3e8e9b5d2f8a1038351b4443f100bf23b2caa146ea181e77accd5bdb459e9173f99","size":138194,"data":"","first_seen":"2026-06-11T20:19:30.448853Z","last_seen":"2026-06-11T20:19:30.448853Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/_buildManifest.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"18732ba5b3f197c12eab873a4c12ecbe","sha1":"2af93a72e6ec5afe82dca477c5a3ac0aceed1f69","sha256":"36816cad180893f39e666c7fcb33f4747b501b4e2d509273a8c0b6ca4322edd6","sha512":"08375fb7b7b118527f071037e5264c6cf9269f81adece52c83d045f3fe0222f61cc628db603bd7d737742a7bbf39129e7126d0109cdd332ec50e67af750a7bcc","ssdeep":"","tlshash":"a3014cd31319f5055c9acd56382bf3239f81fcba5438069b87ad4b2c467001b8b5ec95","size":747,"data":"","first_seen":"2026-04-04T07:06:01.111499Z","last_seen":"2026-06-11T20:19:30.474546Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f181583f53ad4effb5219baa1365a65","sha1":"16b6dc9f2cb720b1ced104cec1dd6670a2fd467c","sha256":"f85b7c4be4657352036eca71ced3207246b9487abb3cc7488c20f3749f0481b2","sha512":"b37495eae19bceb0f085f8d91aa8346d8b4eb9c52c6ba1983985b179dd7259c06b5eb5087c30831b24e6527fe27775dae23b6962ccb4682c246a5e471d6b0832","ssdeep":"","tlshash":"ab61dc0b79e220319553323d16af61427a70c5bb2a8ee8403e5c42b4efd687e17b5b8c","size":3265,"data":"","first_seen":"2026-06-11T20:19:30.480467Z","last_seen":"2026-06-11T20:19:30.480467Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"826898543ba044c8cb438038b26c1f4e","sha1":"a8081daa53935b97feb666864721727839af1c92","sha256":"1cd422bbd382e04fe8b501c44018864aeb18c39989850821823e51dd4ea73bb3","sha512":"7fd2f82c80d50c27183bc6afbea0c2487bc23017a1a1350ceee9df78c34f9c0e82443a44b7a20f656bf78814652b4329987af7f5dc4f13169e7bea27e627ff93","ssdeep":"","tlshash":"7431465e9ae391569573b079c77fe00139708567254cdd003c9ca190ef568341bf6bd8","size":1550,"data":"","first_seen":"2026-06-11T20:19:30.489989Z","last_seen":"2026-06-11T20:19:30.489989Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a0f841d9c009058363047d675f62d97","sha1":"3cb4bb4822b1b4fa948955bed18105bc80da7264","sha256":"012e253896d0feb4fd97c711b49a45655aa4316067749f09a8f9bde0fe523f4c","sha512":"b647d14472d204cef3f8883bb6ef58576718ebf286cb51868fcf01c8826fd6870a6b0cf129674bdbdeabd186ab4abbb92fb23a877615a5b3a389354b7a75efee","ssdeep":"","tlshash":"b8415a0d19eb14a6269b30b67b1f3a06713069872415ed007f8de74edfb581f8662bca","size":2303,"data":"","first_seen":"2026-06-11T20:19:30.492025Z","last_seen":"2026-06-11T20:19:30.492025Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa73f3e123f737cb4d3fdbe678acaa27","sha1":"00c55d642d341ca52ffcf2fa198da503218fd65e","sha256":"2a764608f56596c4871aba0846ad1af90765a7fe2af0f7cf6d832d0227c1d404","sha512":"73a8837c425760ce4084d9b90653b6780bb5ffff44945df8ae388c9562b205301f0d7d5371ee5e9ca3b340fb8b4450bba4ac787bb0b43f0ef194eeea0ecd8c66","ssdeep":"","tlshash":"05d08c9d11c2204cca6880581e3e3a07f611821b0c8db650b78e8f623f0f29fe6b67cc","size":203,"data":"","first_seen":"2026-06-11T20:19:30.493819Z","last_seen":"2026-06-11T20:19:30.493819Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5c5d6c67d530f4ec1d258425a3e0a343","sha1":"c57131ffef8e25d88d831e5013196b1289e74a90","sha256":"c6ee6104655a412dd894fe676b3a240894c25aadff9d52f4225606c4c281fdb8","sha512":"ad10983d179617fbba39c3d6fb6572f4eb95ced7ff10c73c67419b98c404c898864b2490b7c297c9bb59cf0d528c4a8f7ae2b47c11794f077f86ca31c387e2ad","ssdeep":"","tlshash":"b9f0c96b29c708312c2b50baa7364b0230d2322ba041c9323cedd40a6f0cad60e60f9c","size":580,"data":"","first_seen":"2026-06-11T20:19:30.49675Z","last_seen":"2026-06-11T20:19:30.49675Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f181583f53ad4effb5219baa1365a65","sha1":"16b6dc9f2cb720b1ced104cec1dd6670a2fd467c","sha256":"f85b7c4be4657352036eca71ced3207246b9487abb3cc7488c20f3749f0481b2","sha512":"b37495eae19bceb0f085f8d91aa8346d8b4eb9c52c6ba1983985b179dd7259c06b5eb5087c30831b24e6527fe27775dae23b6962ccb4682c246a5e471d6b0832","ssdeep":"","tlshash":"ab61dc0b79e220319553323d16af61427a70c5bb2a8ee8403e5c42b4efd687e17b5b8c","size":3265,"data":"","first_seen":"2026-06-11T20:19:30.480467Z","last_seen":"2026-06-11T20:19:30.480467Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"826898543ba044c8cb438038b26c1f4e","sha1":"a8081daa53935b97feb666864721727839af1c92","sha256":"1cd422bbd382e04fe8b501c44018864aeb18c39989850821823e51dd4ea73bb3","sha512":"7fd2f82c80d50c27183bc6afbea0c2487bc23017a1a1350ceee9df78c34f9c0e82443a44b7a20f656bf78814652b4329987af7f5dc4f13169e7bea27e627ff93","ssdeep":"","tlshash":"7431465e9ae391569573b079c77fe00139708567254cdd003c9ca190ef568341bf6bd8","size":1550,"data":"","first_seen":"2026-06-11T20:19:30.489989Z","last_seen":"2026-06-11T20:19:30.489989Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a0f841d9c009058363047d675f62d97","sha1":"3cb4bb4822b1b4fa948955bed18105bc80da7264","sha256":"012e253896d0feb4fd97c711b49a45655aa4316067749f09a8f9bde0fe523f4c","sha512":"b647d14472d204cef3f8883bb6ef58576718ebf286cb51868fcf01c8826fd6870a6b0cf129674bdbdeabd186ab4abbb92fb23a877615a5b3a389354b7a75efee","ssdeep":"","tlshash":"b8415a0d19eb14a6269b30b67b1f3a06713069872415ed007f8de74edfb581f8662bca","size":2303,"data":"","first_seen":"2026-06-11T20:19:30.492025Z","last_seen":"2026-06-11T20:19:30.492025Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa73f3e123f737cb4d3fdbe678acaa27","sha1":"00c55d642d341ca52ffcf2fa198da503218fd65e","sha256":"2a764608f56596c4871aba0846ad1af90765a7fe2af0f7cf6d832d0227c1d404","sha512":"73a8837c425760ce4084d9b90653b6780bb5ffff44945df8ae388c9562b205301f0d7d5371ee5e9ca3b340fb8b4450bba4ac787bb0b43f0ef194eeea0ecd8c66","ssdeep":"","tlshash":"05d08c9d11c2204cca6880581e3e3a07f611821b0c8db650b78e8f623f0f29fe6b67cc","size":203,"data":"","first_seen":"2026-06-11T20:19:30.493819Z","last_seen":"2026-06-11T20:19:30.493819Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5c5d6c67d530f4ec1d258425a3e0a343","sha1":"c57131ffef8e25d88d831e5013196b1289e74a90","sha256":"c6ee6104655a412dd894fe676b3a240894c25aadff9d52f4225606c4c281fdb8","sha512":"ad10983d179617fbba39c3d6fb6572f4eb95ced7ff10c73c67419b98c404c898864b2490b7c297c9bb59cf0d528c4a8f7ae2b47c11794f077f86ca31c387e2ad","ssdeep":"","tlshash":"b9f0c96b29c708312c2b50baa7364b0230d2322ba041c9323cedd40a6f0cad60e60f9c","size":580,"data":"","first_seen":"2026-06-11T20:19:30.49675Z","last_seen":"2026-06-11T20:19:30.49675Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/8f0f9b2b82fbec43.js?2.2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7cf5bbee275c6a85dde833ee41e64815","sha1":"f45fdac81ce25644cf67a4f435f3dc85c5cfc918","sha256":"61a78b7b3b3f794126b370b73845dc41472c80e9920b1b78ea6df05a7af1bcd1","sha512":"f005ebd90dbaaa9afc6349204a48b3981748e0c6efc8c6efd0a91cbfac8c11692e660e3d6c5b175a8f512b23474db425e67c82e441302064388aeb90a01f0fa9","ssdeep":"6144:9vvf+4ARdYlpJaeUBhGDvmPk9NjUtUYB2xRbTRgEEw:adYlpJaexvmPkNjUtUYB2xRbTRgG","tlshash":"1535538a9be214a91447b4bc9f2fa5063125146f2cb4fd003f4ca254ef1e82ea775f9d","size":1157064,"data":"","first_seen":"2026-06-11T20:19:30.499394Z","last_seen":"2026-06-11T20:19:30.499394Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"Messaging without detection successfully executed.","filename":"https://ggoldexchange.com/badoo_files/wrapperMessagingWithoutDetection.js","line_number":0,"column_number":0},{"level":"log","text":"interaction complete","filename":"https://ggoldexchange.com/badoo_files/wrapperMessagingWithoutDetection.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"badoo.com/badoo-homepage/assets/fonts/beausite-classic/BeausiteClassicWeb-Semibold.woff2","fqdn":"badoo.com","domain":"badoo.com","tld":"com"},"ip":{"addr":"31.222.67.112","port":443,"asn":12678,"as":"Greysom Limited","country":"Czechia","country_code":"CZ"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.184Z","timestamp":1781209126184,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.badoo.app","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 00:35:08 GMT","end":"Wed, 09 Sep 2026 00:35:07 GMT"},"fingerprint":{"sha1":"7B:04:4C:1C:3D:F0:8D:DE:D4:46:CA:B6:7C:CA:EB:DA:45:8F:80:50","sha256":"C3:C9:5E:1D:A8:B1:CD:2C:E6:F5:2F:97:9B:0F:8A:E6:99:F3:D7:F0:56:19:87:EE:BB:9F:90:0E:FD:CB:F2:3F"}}},"request":{"raw":"GET /badoo-homepage/assets/fonts/beausite-classic/BeausiteClassicWeb-Semibold.woff2 HTTP/1.1\r\nHost: badoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ggoldexchange.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 20:18:48 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 80108\r\ndocument-policy: js-profiling\r\ncache-control: public, max-age=0\r\nlast-modified: Thu, 02 Apr 2026 15:30:03 GMT\r\netag: W/\"138ec-19d4ed0d878\"\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16366,"size_decoded":16685,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 80108, version 1.0","md5":"49647bf286930781dfcd0e4d6b480ef7","sha1":"ea38326a6563b5c8ea8f7ab33780dd6bf715657e","sha256":"16e56700ef3bb92a48e588337618da92df38794e0b8686179a89cfd0333131b3","sha512":"695483282a3fe567b0ae153d410311a961b2ad22ff880543edfda0521a39fdfe3e854e2db939b9bc399b22a2b7a6ae91bbc315ff78b88c3b3d36531b6c4a17ae","ssdeep":"384:HZBmFLD8U1kN9gbQo5Lds5Xh6TQxYdvFfBd3PRl43WXjMuXG:HZBcD3kcts5SQxi13Pr43WX4UG","tlshash":"4072d02daec3057edc26ceb61dac9930c7265ab305572c4844b5bcd8da4e49a7d338bc","first_seen":"2026-06-11T20:19:30.42904Z","last_seen":"2026-06-11T20:19:30.42904Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2232,"timings":{"blocked":-1,"dns":2,"connect":31,"send":0,"wait":30,"receive":101,"ssl":2067},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"badoo.com/badoo-homepage/assets/fonts/beausite-classic/BeausiteClassicWeb-Bold.woff2","fqdn":"badoo.com","domain":"badoo.com","tld":"com"},"ip":{"addr":"31.222.67.112","port":443,"asn":12678,"as":"Greysom Limited","country":"Czechia","country_code":"CZ"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.187Z","timestamp":1781209126187,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.badoo.app","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 00:35:08 GMT","end":"Wed, 09 Sep 2026 00:35:07 GMT"},"fingerprint":{"sha1":"7B:04:4C:1C:3D:F0:8D:DE:D4:46:CA:B6:7C:CA:EB:DA:45:8F:80:50","sha256":"C3:C9:5E:1D:A8:B1:CD:2C:E6:F5:2F:97:9B:0F:8A:E6:99:F3:D7:F0:56:19:87:EE:BB:9F:90:0E:FD:CB:F2:3F"}}},"request":{"raw":"GET /badoo-homepage/assets/fonts/beausite-classic/BeausiteClassicWeb-Bold.woff2 HTTP/1.1\r\nHost: badoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ggoldexchange.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 20:18:49 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 80352\r\ndocument-policy: js-profiling\r\ncache-control: public, max-age=0\r\nlast-modified: Thu, 02 Apr 2026 15:30:03 GMT\r\netag: W/\"139e0-19d4ed0d878\"\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16172,"size_decoded":16491,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 80352, version 1.0","md5":"701bc775013824789fe87396d9703d5f","sha1":"e8a4f3907c5a166f25c20731a0bce171b4dcafc3","sha256":"25227ffc778d6de377345c811c3f293bf5630a85937cf3c985f5eeeebb019816","sha512":"424b6e642f76b3a2739dd4d36df28b700329e95699647111d6b3239df8be847f047146933a92c466eb4dd14403ed9bf4874dbadcd6b4dd97a11bc40ea18bc0c8","ssdeep":"384:DDzN1noxYQOHkc6/Vk7J3YTVil2acfmaNmr/:zLIY3vLoTVS2aom/","tlshash":"bc72c0587d92c287b1c40a6dedcedd0731f648cca5da70870cb29e6aec2cbbd2146d51","first_seen":"2026-06-11T20:19:30.434762Z","last_seen":"2026-06-11T20:19:30.434762Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3735,"timings":{"blocked":-1,"dns":0,"connect":30,"send":0,"wait":62,"receive":6,"ssl":3636},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/beausite-classic.css","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.189Z","timestamp":1781209126189,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/beausite-classic.css HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"19e-652be07cd00a0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=99wR05jFtuJp7fUcvNDcLxufeaLGMWHrN9hZOMXBm4yw%2Bg3XTASD3MhG%2B04Ha5nK%2BB6IuALZHa5PZp9TcnvTjLPuyqJ6IGcSmDOxF6gubl2OfUMPnnv0ES7w7cVxI2JkhuOIkQ%3D%3D\"}]}\r\ncontent-type: text/css\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=0,i=?0\r\ncontent-length: 179\r\ncf-ray: a0a34e8ebbb48deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":414,"size_decoded":930,"mime_type":"text/css","magic":"ASCII text","md5":"f7653a77bf4c817e5984772322d901f6","sha1":"7ccd5cb6b3a7ba3c6c8f1260a9798f4b2b8ba14f","sha256":"a0d0882235a8509f10bbcf19d35507f3b4388983d26542070ddc541a6fec9d14","sha512":"c79eeebf1990ac0fcb02e15b6e4adb565e15854c2390982e97cb98d6b6034c327a671870b9590ce22afa9309462c6a5accc1d574e43af8fcb1e838630f433def","ssdeep":"","tlshash":"d3e09240598fa8a4f8231d4ff78f6b22584e0407a00689363bf67b0cdfe6539436179e","first_seen":"2025-02-08T15:16:56.477253Z","last_seen":"2026-06-11T20:19:30.438471Z","times_seen":256,"resource_available":false,"data":null}},"time_used":734,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/08c00472f55569ea.css","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.195Z","timestamp":1781209126195,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/08c00472f55569ea.css HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:17:38 GMT\r\netag: \"14af2-652be2fbd62d1-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2GwhCIFVXEsN29%2Bj1yrjMW3Jgj2acmo1BycY0jQwd0xMGLAmqaLY237zdB9stEB1jQo%2B6cf6CRUZIRvHZoz9SLSJKJe1%2BledBZGdg68KufOUMWok%2FO2OGfj7LiegypIP2tOLgw%3D%3D\"}]}\r\ncontent-type: text/css\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=0,i=?0\r\ncontent-length: 13270\r\ncf-ray: a0a34e8ebbba8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84722,"size_decoded":14027,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65206)","md5":"6c4b3a8daace7174d6f49925c211be30","sha1":"acc7c768ae4d0fadae410361e9b863926eee3f30","sha256":"843703b673c0e0b20df1532b7c9492979cbc3705726042ed8f41e6327c36a28c","sha512":"cbf674ab0f2026f3b93bb6ba35d3f034a2959806388226d5d41f8ca25c9e9c79e13ff9cae211a492b4625436265471efbc4e28d0715f962b5e0f810ae833ca6f","ssdeep":"384:go8DzdwdVi+soBuqhhjsoVLXHb9c3A9v6i4GPOIHkeBoAXkUrHOYizhqZYEuexHQ:gx2V+oHp76SG4BoAxrH1uQ87","tlshash":"8b83842b6500361ddd138d3673c5a924f13484e28763a3ebb8b39d148fd6a9316a76cf","first_seen":"2026-06-11T20:19:30.439616Z","last_seen":"2026-06-11T20:19:30.439616Z","times_seen":1,"resource_available":false,"data":null}},"time_used":991,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":991,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/ccpa.1820a7ba1340e3c799af.bundle.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.217Z","timestamp":1781209126217,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/ccpa.1820a7ba1340e3c799af.bundle.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"3cf2-652be07cd00a0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=44RIpBY5UVMfZzmwYX0BMMQqgujExOp4gG%2FON%2FBQ4V8YYk2kOkx5nWcclWvyT5Ufzox%2Ba7r1Xxcoh79bfvlETqKAqGB6DyTWY49sn4cdEvv4BgOPQB7PjclqcYPBfkmoKh3tAQ%3D%3D\"}]}\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 4822\r\ncf-ray: a0a34e8eebcc8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15602,"size_decoded":5582,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (15602), with no line terminators","md5":"d88de99153c97aeba3780b276f6bee9c","sha1":"5ac359de01bb83f5e1a006681df20b3b1d772f42","sha256":"80b8a964486a4e88d2784a3ceba35d2b73910105905d91ca82ce572f401f20b5","sha512":"a24cf2aa0a7f4bcf1b86375a93385b357e4ff7f2de326a3f3281878c5619e994911ee110c28e7bb05324f6ce40bda7c1451a2429af89df759d1a4bd901b4bb55","ssdeep":"384:tsxRk2edCsRnfwFsX9kIXtUk1xGhMwMszHpXu:7CeT2pXu","tlshash":"c462b6cc72e5f8e5029b26f5501f760ff2656911749ef490b5a0c8e0be7288e9272f1b","first_seen":"2025-10-06T16:32:08.489176Z","last_seen":"2026-06-11T20:19:30.442011Z","times_seen":328,"resource_available":true,"data":null}},"time_used":730,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":730,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/6b39aa0fb402e7c1.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.239Z","timestamp":1781209127239,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/6b39aa0fb402e7c1.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lx9Urhc3lQw3pGBhWHpYypge3q2EjOTZe4cn%2F%2FP9wd36A8owWOngN2VCGvYjcrHKb8XqhHmvyK9UR%2F4H%2BFAIyHhc6l2R7x2GxWYos3ud2Wk1J9illC2JBkZ39Qk1DaExtyjUZw%3D%3D\"}]}\r\ncf-ray: a0a34e954d1b8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":264,"size_decoded":849,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"8a9cb1f1fab2d3fb775a4642845428d7","sha1":"f4e4fe82c385c6e52e8e5a0f9b7cb1e614626da6","sha256":"90f81b754697516aa6ed99d46d4238dbd37f9a2098cc76deaac365f67f8a6f7e","sha512":"abb5e79c8c00aa36a884b1a8f544e909b2533810b5c1bc423030d3ffd7883b854df9db64ffcf1f14deb2743b889becf3be767f12c6d6a133bb0ac54c885d4fb0","ssdeep":"","tlshash":"d3d02b9e504333ab0811155039c211c6228c12e6a43981e83d85d487525867dcc8969d","first_seen":"2026-06-11T20:19:30.443378Z","last_seen":"2026-06-11T20:19:30.443378Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T20:18:44.062Z","timestamp":1781209124062,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 \r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq; path=/\r\nlocation: /home_page\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ml54W2soAPj60tO5vT2qlv8v804vJfR1UvDqvQsKMximP8HjyDwsO3OkYR09SmzrgO4Jb6mcB9c%2BQptjO1ibgo92ju3ddvxCfbt1jbTQTFJ7o%2BMP2Bzkt9SyqeuunPmwf3rXnA%3D%3D\"}]}\r\npriority: u=0,i\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 11 Jun 2026 20:18:44 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0a34e8198a28deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-12T07:48:44.966021Z","times_seen":16348678,"resource_available":true,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":5,"connect":19,"send":0,"wait":732,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/home_page","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T20:18:44.833Z","timestamp":1781209124833,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /home_page HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nvary: Accept-Encoding\r\npriority: u=0,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W87mokBHGhJy%2BkTJi3Q7MIioXuI1iSEpeQO46WGZCWgAM2gwvbFrTn9mFbUkmKo64XYplqetmokXTRYZibF0gzijIg3sG3UlrCcV2DbQVB2X2gQp49NOdTAGHD8KLMGjAKDyHw%3D%3D\"}]}\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Thu, 11 Jun 2026 20:18:45 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a0a34e86394f8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":133825,"size_decoded":23710,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2766)","md5":"9d7ffd6c4cf62c2a57a6331a00ceb9b4","sha1":"4532a2eddad8417d171fb1cce5f89c542bcaf8ef","sha256":"8a59d2c17d0ab9924ecc7010fc916e1df946259238b7cfd814032e0f9eb4654b","sha512":"5005df2ca45933567f113e4e502ec9761edb993288706cf81da1c5b8d9c3e9a6d06b22c24d4e1e0405e433363b6e68339a9ab643a3568b0663b761d0b8cf4d80","ssdeep":"1536:vzAqQiwa2G2goSGUcASuySxRfKxmqpthr1z5cJUVfxsh/Jvl/pl5CBQnk5wZ/9EV:LAq+a2G2goSGUcAS47U5ABm","tlshash":"8cd3d4e273f019f2401fa7e1a9b2711da941a10bf3905a4c72bd5398bfa3c6b54a3d5c","first_seen":"2026-06-11T20:19:30.447221Z","last_seen":"2026-06-11T20:19:30.447221Z","times_seen":1,"resource_available":true,"data":null}},"time_used":974,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":973,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/7d8ca7ee02774d84.js?2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.200Z","timestamp":1781209126200,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/7d8ca7ee02774d84.js?2 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 21:11:01 GMT\r\netag: \"21bd2-652beeea8bcba-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=08FNHT3fhH4tk%2BRUI2H8eiznty2GmICYRfAwWyL5db6kEw5vMG50lgExUd4piS33h6Dr0W2lHHUBcmPD66zh9kDJkIEdWfHLB8d%2FgxrlWrQxoW67St4HaZnnmwBzlH0AZZPsMg%3D%3D\"}]}\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 39904\r\ncf-ray: a0a34e8ecbbf8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":138194,"size_decoded":40664,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"0728b8ca9d59969eae1827337dd68fee","sha1":"0a96e7d2631938be196714121993bcc06ce53bbd","sha256":"95e690b0bcc90c401685be1b6a3361ea3a9d064036fd0e8c506fb10a28d93fbb","sha512":"7a04f3bddc9ad8bfa5a8ea42991ad31bad0beb6ee3411a9e57f806b954354d557ddc0b754e73ce4308f1978f20f57f8b89b5538a8df2c84c072d1729fbc17cb1","ssdeep":"1536:a1sTDi5z+r4QNLWD1edx1pNtMqntJa6F6G0wQC3OyK:a4i5zSZq12lbMqntP0wJ3q","tlshash":"1fd3e8e9b5d2f8a1038351b4443f100bf23b2caa146ea181e77accd5bdb459e9173f99","first_seen":"2026-06-11T20:19:30.448853Z","last_seen":"2026-06-11T20:19:30.448853Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":940,"receive":218,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/9eda42229cf81b2e.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.204Z","timestamp":1781209126204,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/9eda42229cf81b2e.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"9739-652be07ccd1c0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hx%2BGcdsF1j5miNQp%2B7UvWOagZbOViOQ2NqNYlzCMxk76Txqiicb7lhoEThbcJ2yNs4JACWl7Qhb6d83j7zBj3FMdSecFZMiw%2Fwa7D3AUZfUBkB%2FytLX7vogtbFmp%2FqDwdui4SA%3D%3D\"}]}\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 12053\r\ncf-ray: a0a34e8ecbc38deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38713,"size_decoded":12818,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (38713), with no line terminators","md5":"1116fbff44b7435be95347d455e1e825","sha1":"85137308c9182b9063e60c8bd0e22aaa6b7920d5","sha256":"be2a9b815508735191d7ac7290e15fc1d79cc338e85e0e01cb2a48d930c081e9","sha512":"276d617a6f1d8036a1d9c1e61db82703d4dee04734a225a9e2fa626318c8e37edc64f3a21e6de48d1e66e2bf1ddcc32e5621cb0f7fe6f8bbc7980bc1c49e8167","ssdeep":"768:72Rd9W9Rgeoe+pAZCUOEjTKpBswA3waD78:72Rd9WjgrbUOnswA398","tlshash":"da03c7cdb681b0b156932579953f512fb33f7e55240cc440a12ee8c839b8acee127e7a","first_seen":"2026-03-22T14:32:14.164513Z","last_seen":"2026-06-11T20:19:30.450033Z","times_seen":35,"resource_available":true,"data":null}},"time_used":943,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":943,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/f79d53009f25654d.js?2.2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.206Z","timestamp":1781209126206,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/f79d53009f25654d.js?2.2 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 21:23:30 GMT\r\netag: \"27445-652bf1b4cd349-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YICasoBuTKb60dlyot%2BDfguPxtdVf%2F3yvmteqI77hMTFQvlNZIjx33ojBb6aCBP0MpSk%2Bh0ZP45Mg9%2FWca%2FWQnscmY9jA5Xq%2B%2BWG9NRr57ilJUxYEBOSWXW%2B50vxUuzopm6QoQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 29460\r\ncf-ray: a0a34e8ecbc48deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":160837,"size_decoded":30232,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2636)","md5":"e545234b9375e4045bf59f2bdf7a42e7","sha1":"2db8204fce59be9e25cc90b1f2019917a4af51c3","sha256":"e5389f26d1a7b35ca0924457f60681b494ca414aa8f790d8f5e5b5632961844e","sha512":"3425eda50d356b9d26ff5f8c8fc911e10d7346a8b1729154dcd50e3107f97e4552255aa99bd393e8b24123398404862f3d281c6436b3a6bd9cb43d69028d71ad","ssdeep":"1536:ZpsWIi0S+Gu96XtHjMatodxoQBfhBbuserqQBCoSavEhzguhPM:ZptIiQ96dDM2of1ZYrqc","tlshash":"2af3a46a75e1187460073bb96c3f68097422144b1e99bd583f6c9690ef2c82f62f6fcd","first_seen":"2026-06-11T20:19:30.450694Z","last_seen":"2026-06-11T20:19:30.450694Z","times_seen":1,"resource_available":true,"data":null}},"time_used":975,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":975,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/BeausiteClassicWeb-Semibold.woff2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.275Z","timestamp":1781209127275,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/BeausiteClassicWeb-Semibold.woff2 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/badoo_files/beausite-classic.css\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\npriority: u=3,i=?0\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KewPJwJs95Oc90z%2FN2Pwj84kN01kULY5LPOlHKTgUjQc9TS22MqOYknyHdv6qKXfbi%2FnHhXekRKtwwol5%2BEI9V4dgy3YwgHq3DBlITqpJnw%2FIgBrC27PP%2B%2FWug3zlg%2FwiyJ8CQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0a34e957d268deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":264,"size_decoded":876,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"8a9cb1f1fab2d3fb775a4642845428d7","sha1":"f4e4fe82c385c6e52e8e5a0f9b7cb1e614626da6","sha256":"90f81b754697516aa6ed99d46d4238dbd37f9a2098cc76deaac365f67f8a6f7e","sha512":"abb5e79c8c00aa36a884b1a8f544e909b2533810b5c1bc423030d3ffd7883b854df9db64ffcf1f14deb2743b889becf3be767f12c6d6a133bb0ac54c885d4fb0","ssdeep":"","tlshash":"d3d02b9e504333ab0811155039c211c6228c12e6a43981e83d85d487525867dcc8969d","first_seen":"2026-06-11T20:19:30.443378Z","last_seen":"2026-06-11T20:19:30.443378Z","times_seen":1,"resource_available":false,"data":null}},"time_used":719,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":719,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"consent.badoo.com/wrapper/v2/messages?hasCsp=true\u0026env=prod\u0026body=%7B%22accountId%22%3A1789%2C%22campaignEnv%22%3A%22stage%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.badoo.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fbadoo.com%22%7D\u0026localState=null\u0026metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D\u0026nonKeyedLocalState=null\u0026ch=4340993865000389824373\u0026scriptVersion=4.40.1\u0026scriptType=unified","fqdn":"consent.badoo.com","domain":"badoo.com","tld":"com"},"ip":{"addr":"13.249.8.36","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.719Z","timestamp":1781209127719,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"consent.badoo.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:43:58 GMT","end":"Wed, 29 Jul 2026 06:43:57 GMT"},"fingerprint":{"sha1":"CA:BE:3F:1E:A2:4A:E1:DB:F5:17:E7:6F:B2:23:99:6A:F8:DC:BD:27","sha256":"80:8E:05:E0:9A:B6:31:BC:C1:09:AA:A7:5A:8D:B6:1A:CF:F5:3A:0C:1F:F6:E0:29:2F:88:B6:96:7F:98:F7:FA"}}},"request":{"raw":"GET /wrapper/v2/messages?hasCsp=true\u0026env=prod\u0026body=%7B%22accountId%22%3A1789%2C%22campaignEnv%22%3A%22stage%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.badoo.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fbadoo.com%22%7D\u0026localState=null\u0026metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D\u0026nonKeyedLocalState=null\u0026ch=4340993865000389824373\u0026scriptVersion=4.40.1\u0026scriptType=unified HTTP/1.1\r\nHost: consent.badoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ggoldexchange.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json; charset=utf-8\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\ncontent-encoding: gzip\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION\r\naccess-control-allow-methods: GET, PUT, POST, DELETE\r\ncache-control: max-age=0, s-maxage=1200\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 01f0043a35749795f1f4c557444b246a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P3\r\nx-amz-cf-id: QUY0UsAX5paBlTw3wBjtqy0z3KRZugSLLjLifRqiWy4rMyOfiB_kfA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":5381,"size_decoded":1894,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"e96941cf8397ca308f3d544ae03eb2a2","sha1":"5b6caf7040b8b05597a22cbfdeb9b69fbb578e45","sha256":"9c2ce3c16260ba3d5ef05f4ae04d30a11919f5fe8633cbcca85774e576ea050a","sha512":"4bb57391fd5891cb253bd821faab3adca904901e93d5b865728a440801151a43e337b747c90edc200b93c879b222883ef0709ea73b889e4171b53b0d2f5cc340","ssdeep":"96:WFLPkZ7qjWqcIlodqgax8qT7BVTVvl9rE8+8Z:Wdc5qKqjlodq3l9rp7Z","tlshash":"24b1d47d29a22c2f7444e052cd637daa5edd031cb004759ad8ac6a973dc7d8532b39cb","first_seen":"2026-06-11T20:19:30.451977Z","last_seen":"2026-06-11T20:19:30.451977Z","times_seen":1,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/saved_resource(1).html","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.235Z","timestamp":1781209127235,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/saved_resource(1).html HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qoy4LQ1A0thSsg7OuLf13RyD3%2FETwIayoHAm8gR8FenPFfoKG9GqsBf1Sz9D96NHGW1JbA6KQcti4SZdaGwsCIgayeIehFdA2rb6rwvS8iXKvA4IZ1lDosQdgauSKYopffZpKA%3D%3D\"}]}\r\ncontent-type: text/html\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a0a34e953d1a8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":152,"size_decoded":783,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"09b33fa7a1116338c9b2326b08c03bfe","sha1":"6d8ee025ab2df83f5765362a1ec59e14541d52d1","sha256":"324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3","sha512":"6734e3be692c5f37d29ea8c73d1396b8fc7c69b085ea34e533492655dcc7d530576b9c278d18e56ecc7f4248118ea78772a5866b5acf59d55a32e941b1162cd9","ssdeep":"","tlshash":"3ac08cb51413200ba220aaa09ac9e14408408010a0898c41a08031ec65cd308e8b3690","first_seen":"2023-04-09T17:36:07Z","last_seen":"2026-06-11T20:19:30.453743Z","times_seen":142,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/imgs/tell-us-what-you-looking-for-bg.png","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.243Z","timestamp":1781209127243,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/imgs/tell-us-what-you-looking-for-bg.png HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/badoo_files/08c00472f55569ea.css\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:20:32 GMT\r\netag: \"24d33-652be3a1d5621\"\r\naccept-ranges: bytes\r\npriority: u=4,i\r\ncontent-type: image/png\r\ndate: Thu, 11 Jun 2026 20:18:48 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UucvVYeXgWJ45GaIyqZYdNIctoxKPRDN7BMz9W3VJyo1%2FEqdW5PUT7%2BGb5hTn%2BmS5GDFG5GyJRpBCd80vkSYrKMj9NSR6I2LqcE%2B5Akh%2BNBWYhGsJOFRMucS0s9OkWWf8AIkyQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 150835\r\ncf-ray: a0a34e954d1e8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150835,"size_decoded":151541,"mime_type":"image/png","magic":"PNG image data, 726 x 644, 8-bit/color RGBA, non-interlaced","md5":"897284fab330d603847633e21109869b","sha1":"f7062e7ce36a76f8153a39be815d63da0a53db2e","sha256":"1e1fcc229f176a005e1b7611ccf50414680f4076b733fbc06bdfe2f41345e15f","sha512":"d44f416bb86901fc7a1070e482e7e3caa49b72d5339263918ef9bd0a151528c487bf96f07515d52c9ee5626a0acccaa74bba3cef1b22f0b984633f5d896d1d4a","ssdeep":"3072:UAaldQ3BAuNz1IyIyigU/QTtttPWhJBowo2KEwYmrmkX7JoVxeEfEy:mMzz1IWigUotgXjKZEgOxec","tlshash":"34e302e9beb85773b451d17d07bb36c2dbc629bf0fce890fd94536348a0229061285a7","first_seen":"2025-02-08T15:16:56.499527Z","last_seen":"2026-06-11T20:19:30.45505Z","times_seen":264,"resource_available":false,"data":null}},"time_used":1450,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":975,"receive":475,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-NRVTQM9","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.245Z","timestamp":1781209127245,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:26 GMT","end":"Mon, 17 Aug 2026 08:36:25 GMT"},"fingerprint":{"sha1":"B1:69:2D:8A:87:48:5C:47:05:41:5B:52:3B:0E:2C:E9:BD:CC:03:75","sha256":"91:1E:26:69:78:6C:F7:F4:05:E8:B1:07:F4:04:FB:66:B9:20:6A:EB:43:9D:02:70:C8:AF:60:8C:BB:58:30:4F"}}},"request":{"raw":"GET /gtm.js?id=GTM-NRVTQM9 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nexpires: Thu, 11 Jun 2026 20:18:47 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 11 Jun 2026 19:20:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 157774\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":460435,"size_decoded":158424,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6841)","md5":"2c963ade95e46db0a467cc136552d03b","sha1":"0d1cdc996a25e9a659312a05e4fb0ea75de8a7b4","sha256":"80245371913aa026e14e2b683954c1f36c2d6e36de4bc5ff2353e07362eedd01","sha512":"78cbda9e8fedb9501fb5974c9dfacbe3bda229a04dbad205c5063c009d64a4680d1dd0b61dc54f88fc55c074706ab641671abf60fb012912b65fd5e054859cc9","ssdeep":"6144:VPbRG8s5XtjLAut8QF1TpqBEzVTIFBuA6++iYf:VsHtj6S+G","tlshash":"caa409ceb3d674625393b478903f018ba17a29e2b44cc899f189cce42e7459a4277f7d","first_seen":"2026-06-11T20:19:30.455684Z","last_seen":"2026-06-11T20:19:30.455684Z","times_seen":1,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":0,"dns":3,"connect":15,"send":0,"wait":33,"receive":43,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/BeausiteClassicWeb-Bold.woff2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.274Z","timestamp":1781209127274,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/BeausiteClassicWeb-Bold.woff2 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/badoo_files/beausite-classic.css\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\npriority: u=3,i=?0\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7jyXyoPhiRecBgBt1JL2jYOJqLjHpLvPLmBFXmAsEicfvxietq4NwJJUsWu4cv01S%2Bf3TKvEL3vWj4ZEMEZus6cCyFJdppAWnlufHzIjTADioQEg0jRPwni1Ba4vQOW1X1fQFA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0a34e957d258deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":264,"size_decoded":864,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"8a9cb1f1fab2d3fb775a4642845428d7","sha1":"f4e4fe82c385c6e52e8e5a0f9b7cb1e614626da6","sha256":"90f81b754697516aa6ed99d46d4238dbd37f9a2098cc76deaac365f67f8a6f7e","sha512":"abb5e79c8c00aa36a884b1a8f544e909b2533810b5c1bc423030d3ffd7883b854df9db64ffcf1f14deb2743b889becf3be767f12c6d6a133bb0ac54c885d4fb0","ssdeep":"","tlshash":"d3d02b9e504333ab0811155039c211c6228c12e6a43981e83d85d487525867dcc8969d","first_seen":"2026-06-11T20:19:30.443378Z","last_seen":"2026-06-11T20:19:30.443378Z","times_seen":1,"resource_available":false,"data":null}},"time_used":708,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":708,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"consent.badoo.com/mms/v2/get_site_data?hasCsp=true\u0026href=https%3A%2F%2Fbadoo.com\u0026account_id=1789","fqdn":"consent.badoo.com","domain":"badoo.com","tld":"com"},"ip":{"addr":"13.249.8.36","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.446Z","timestamp":1781209127446,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"consent.badoo.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:43:58 GMT","end":"Wed, 29 Jul 2026 06:43:57 GMT"},"fingerprint":{"sha1":"CA:BE:3F:1E:A2:4A:E1:DB:F5:17:E7:6F:B2:23:99:6A:F8:DC:BD:27","sha256":"80:8E:05:E0:9A:B6:31:BC:C1:09:AA:A7:5A:8D:B6:1A:CF:F5:3A:0C:1F:F6:E0:29:2F:88:B6:96:7F:98:F7:FA"}}},"request":{"raw":"GET /mms/v2/get_site_data?hasCsp=true\u0026href=https%3A%2F%2Fbadoo.com\u0026account_id=1789 HTTP/1.1\r\nHost: consent.badoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ggoldexchange.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nstrict-transport-security: max-age=15552000; includeSubdomains\r\ncache-control: max-age=3600, s-maxage=86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-credentials: true\r\nx-sp-mms-node: ip-10-128-33-30\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 01f0043a35749795f1f4c557444b246a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P3\r\nx-amz-cf-id: OfmnqyNs4MchL52evXbkAE1HOdTSPL6KdJyd6yG0681JLYGuGVoHFA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":208,"size_decoded":763,"mime_type":"application/javascript","magic":"JSON text data","md5":"75f3ebdc343f5dc6ce56d467a949e634","sha1":"1f9ec13f1b8758ee61015c962d0f5d0171bb9a5f","sha256":"1742573774adaae17dd1b52f31e0dcc0fdd8618ae26209cf27b63c474d3ec7c2","sha512":"c86c8b6cd6ea5c575cb55d8f4e176b41d1643e43a1a425bb546e96b42410c1e05af633250fc5b215476fbb2a402545a67c92de81796fac803e6613d38de1987d","ssdeep":"","tlshash":"b0d0c9234527fd69a0c2a162b75691020c17cf2905dc66a261af56b4033d272376236e","first_seen":"2025-04-08T18:44:45.41953Z","last_seen":"2026-06-11T20:19:30.457334Z","times_seen":233,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":15,"connect":8,"send":0,"wait":78,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/gtm.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.191Z","timestamp":1781209126191,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/gtm.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"6f4ad-652be07cdfaa0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KOeS6Pep9g927iLOZjdY6qidEE7U0ifpZwpuJvS8mkYfcmi%2FvzBuAiZUhkt5AXhb8vUb3mO%2BNZUcKuUrE%2Fw17Bp%2FcyfTzuzNkEX6xe9a2fyPyKM%2FI5Uwle4%2FE8sfqAKY3DvEHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0a34e8ebbb68deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":455853,"size_decoded":154259,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (6841)","md5":"9339fef6fae5fd1c2747fc62a9b6b388","sha1":"ad52f307730db0af4930798774ae9dc24edba8fc","sha256":"b39c0a21cc3699945704a1ee3871b5a030232bfdac29c85fa7fa9b7562d07ee7","sha512":"3e974709dd80713c7d5dd46b6236c0242c2152fea9c4dee6c0a8652c30f6c3a43c8760fe4f8875e434f2894f5333003a1486c360f630510cca34fbc349912587","ssdeep":"6144:gKj0QYVfY+yH+tTeDFHP2QcXFHd2BpJZttqMSMp:gBVfY+vaFfaAp","tlshash":"73a409cdb3d6746253a2b478903f018ba57a28e2f44cc899f186cce42e7465a4277f7d","first_seen":"2026-06-11T20:19:30.458916Z","last_seen":"2026-06-11T20:19:30.458916Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1576,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/ab34cb03dc3fbf4e.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.196Z","timestamp":1781209126196,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/ab34cb03dc3fbf4e.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"99c-652be07cce160-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jh2k9SX1gOlL%2BQbjLUTKLRGkN%2FCBFDiInEK1N2lvE4P7anvdM2a3CPDa2KKQa5TMegkBVPzZbvzolD1H9XV7cZIXtDKuF%2FcM%2BSURSn0ecrH6oQwabtr%2BCpEq7FJmmslh12N9ZQ%3D%3D\"}]}\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 1153\r\ncf-ray: a0a34e8ebbbc8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2460,"size_decoded":1916,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2460), with no line terminators","md5":"7dd7565ad3de37b6ad7e7b4a8e986d02","sha1":"1520482c19f23187dc4031d322540feb89624fe6","sha256":"bdea4329e6032cdeaa545ff37645687c2ed5922c02d4937e5299583880876d48","sha512":"a4d155079c821e3d5ffe39d2868f70862da097155dd929ec517ed1f6d71b92760a72853a5b8f4b5dbe0b791577a83d1519cb53bd96ae063b75d009ea58113ca5","ssdeep":"","tlshash":"b25194c932f0f4a643276168852f4007f22b9877056de8a0e770c9b5bc7280f8126fae","first_seen":"2026-01-13T23:13:08.457856Z","last_seen":"2026-06-11T20:19:30.462156Z","times_seen":64,"resource_available":true,"data":null}},"time_used":743,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":743,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/ed11533061d42ec4.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.210Z","timestamp":1781209126210,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/ed11533061d42ec4.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"2a8-652be07cd00a0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YWeFzs8E2u%2FSpkFDKVTvlo7EJ%2FSPda20%2B%2BXWw4bc%2B2Nb9UYruYvFy34asCWCwd2VGtogEUkZD11uWIZ7mijS5MXmNl9Msz11NO35Wi3ice2cCe3ZR9Msl1Tsfy70L4CE0hAATg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 388\r\ncf-ray: a0a34e8edbc68deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":680,"size_decoded":1150,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (680), with no line terminators","md5":"77f876c6a0461c06a33f8fa42b129fd2","sha1":"9aed9ca43095c05954671496a6aa1f7945415fb4","sha256":"e7bf9ed83b75feeb5f213d7950dd6ed6aa9ccb2524472508a709c7b4c1fd94ce","sha512":"294877a0562063282ac75d3026faf2572dd457673dc500b21e90edd17d2689b7e7facbe4f86e9dcc6ab8198fc89dbbcd8471eaa57af33a49a354300a2dfa1dc4","ssdeep":"","tlshash":"d201c0d83ff07916a13711b8913b250632aa247b298d5d90b278447a6e77a6e8101ac7","first_seen":"2026-03-22T14:32:14.200254Z","last_seen":"2026-06-11T20:19:30.464217Z","times_seen":35,"resource_available":true,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/_ssgManifest.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.214Z","timestamp":1781209126214,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/_ssgManifest.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"4d-652be07ccd1c0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SUacIesMI8yC9jPf6iespO6ejxVq3mWshqtdekjybQtkvOvOsZ2zNWDVDcTHX5K%2FBW5G3SBL%2FDcJRe2826X7NsUjFbdUAGkhhClUUo9g2jCDnHqtHJUXO5iHMiZXbxE%2BT9%2ByZQ%3D%3D\"}]}\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 61\r\ncf-ray: a0a34e8edbc98deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77,"size_decoded":819,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"b6652df95db52feb4daf4eca35380933","sha1":"65451d110137761b318c82d9071c042db80c4036","sha256":"6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e","sha512":"3390c5663ef9081885df8cdbc719f6c2f1597a4e25168529598097e9472608a4a62ec7f7e0bc400d22aac81bf6ea926532886e4dc6e4e272d3b588490a090473","ssdeep":"","tlshash":"98a001e0943cdc60aa63dd1c136413128fa05122651d28938afd3044c0301510300d90","first_seen":"2023-03-07T01:03:02Z","last_seen":"2026-06-12T07:50:51.886288Z","times_seen":233770,"resource_available":true,"data":null}},"time_used":734,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/6b39aa0fb402e7c1.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.221Z","timestamp":1781209126221,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/6b39aa0fb402e7c1.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pxIE69xQl9nURMcUPoEN27S1w%2FkkKB3MJ5e2pHzmVxOieCxdYUAAM0MpWZzw%2FHSwuadumTvk4uGeEntX%2Ffbs%2BgRcDF1R0ZXHEgk7IECeTMU0xU8qvvd5LTMRo2JtgyrjVcCZwg%3D%3D\"}]}\r\ncf-ray: a0a34e8eebcf8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":264,"size_decoded":842,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"8a9cb1f1fab2d3fb775a4642845428d7","sha1":"f4e4fe82c385c6e52e8e5a0f9b7cb1e614626da6","sha256":"90f81b754697516aa6ed99d46d4238dbd37f9a2098cc76deaac365f67f8a6f7e","sha512":"abb5e79c8c00aa36a884b1a8f544e909b2533810b5c1bc423030d3ffd7883b854df9db64ffcf1f14deb2743b889becf3be767f12c6d6a133bb0ac54c885d4fb0","ssdeep":"","tlshash":"d3d02b9e504333ab0811155039c211c6228c12e6a43981e83d85d487525867dcc8969d","first_seen":"2026-06-11T20:19:30.443378Z","last_seen":"2026-06-11T20:19:30.443378Z","times_seen":1,"resource_available":false,"data":null}},"time_used":737,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":737,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-NRVTQM9","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.503Z","timestamp":1781209127503,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:26 GMT","end":"Mon, 17 Aug 2026 08:36:25 GMT"},"fingerprint":{"sha1":"B1:69:2D:8A:87:48:5C:47:05:41:5B:52:3B:0E:2C:E9:BD:CC:03:75","sha256":"91:1E:26:69:78:6C:F7:F4:05:E8:B1:07:F4:04:FB:66:B9:20:6A:EB:43:9D:02:70:C8:AF:60:8C:BB:58:30:4F"}}},"request":{"raw":"GET /gtm.js?id=GTM-NRVTQM9 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nexpires: Thu, 11 Jun 2026 20:18:47 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 11 Jun 2026 19:20:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 157774\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":460455,"size_decoded":158404,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6841)","md5":"54980e1c9d4715761030a0f97f266f7c","sha1":"cf5e1487fa9b294a2e1a894e3c1119128bb74921","sha256":"05f1eece0015341504b0faef3d73dbe05221f2fa2470e62fbeb5c84374fa07fb","sha512":"4159a787ae1bba4fa9bf9fc4c34f7abd917a3d848c0c132629c9f7df21b317565bf9f61f96fce75251e0dd5f02f8c29e854756f8dc4e83719757e3df1a2104e9","ssdeep":"6144:xPbRG8s5XtjLAut8QF1TpqBEzVTIFBuA6++iYf:xsHtj6S+G","tlshash":"8ba409ceb3d674625393b478903f018ba17a29e2b44cc899f189cce42e7459a4277f7d","first_seen":"2026-06-11T20:19:30.465894Z","last_seen":"2026-06-11T20:19:30.465894Z","times_seen":1,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/saved_resource.html","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.231Z","timestamp":1781209127231,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/saved_resource.html HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1kAHMTS%2FadOPgFFU9ZcIkcvg81naLKdqZ3Yd0GeudvcmRIpwp4dUJGKMd9WaN7omi4nJMdd%2F7sjnuNNBtHa77P0sVqH3GbnpeUcD2NCtlDI4dUSODSGW3z%2Fyj8QAylDK8VxkwA%3D%3D\"}]}\r\ncontent-type: text/html\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a0a34e953d198deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":152,"size_decoded":787,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"09b33fa7a1116338c9b2326b08c03bfe","sha1":"6d8ee025ab2df83f5765362a1ec59e14541d52d1","sha256":"324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3","sha512":"6734e3be692c5f37d29ea8c73d1396b8fc7c69b085ea34e533492655dcc7d530576b9c278d18e56ecc7f4248118ea78772a5866b5acf59d55a32e941b1162cd9","ssdeep":"","tlshash":"3ac08cb51413200ba220aaa09ac9e14408408010a0898c41a08031ec65cd308e8b3690","first_seen":"2023-04-09T17:36:07Z","last_seen":"2026-06-11T20:19:30.453743Z","times_seen":142,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/imgs/confidence.png?\u0026w=640\u0026q=100","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.280Z","timestamp":1781209127280,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/imgs/confidence.png?\u0026w=640\u0026q=100 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:16:29 GMT\r\netag: \"cd23-652be2b9e9303\"\r\naccept-ranges: bytes\r\npriority: u=5,i\r\ncontent-type: image/png\r\ndate: Thu, 11 Jun 2026 20:18:48 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aDJEZQiu3d4ERO54sTS%2FgMA6de03nmqvCaswzioSsreUDkU3kHRjpUY%2FugSV4ZeY86y36dlGsWLZl%2FmY3uM0%2F%2FRaGoTJ7XV0MqgAYaqeHOVQYP9LFhwJd4uoXiAzMu9llNcElQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 52515\r\ncf-ray: a0a34e958d278deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52515,"size_decoded":53219,"mime_type":"image/png","magic":"PNG image data, 750 x 410, 8-bit colormap, non-interlaced","md5":"c7d6a950c287227fe2e2dcb243131dad","sha1":"4c44ea037a5f0a262b412bb4f3bb85dca8af7148","sha256":"1ebbde33e15599e5c95bf443b4bdea11955bbaf7b494f2d7ce6b15fcb4875d7a","sha512":"1133b9818c3390742857e64391ee9796dffb9e6621e3893fe86128fb7cc91528127d463f5ba7011c6681311af620db46262fb2a3dc08099d04f0d179618c6413","ssdeep":"768:uRq588gnR5OviYpgUDv429nt8AsoimAIQKQ0tdJ1LRUgTa1ru07rCVCpxSZBygfa:ui0Ovi43UmAIBcOWvINCgl5+","tlshash":"4333f275dfa08d262121c626b8ba0b33558d7fce678a41011cafc5f87d6f7f5940e8a4","first_seen":"2026-06-11T20:19:30.467294Z","last_seen":"2026-06-11T20:19:30.467294Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":939,"receive":232,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/imgs/nearby.png?\u0026w=640\u0026q=100","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.282Z","timestamp":1781209127282,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/imgs/nearby.png?\u0026w=640\u0026q=100 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:20:27 GMT\r\netag: \"18371-652be39c988f5\"\r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FqXAak8oed8SZAT8YYMvGsM2cVyY7cHwwAuOmedL5Tl0tkW69vQMtDx4acCm5EIFyc%2FZpBvVF%2Fr1Pqz8P1BkVpBsEiTmCJFisnGUw9Ha7QW0DMzTwOCl%2BZJKIdrbKcWT849Wdg%3D%3D\"}]}\r\ncontent-type: image/png\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 99185\r\ncf-ray: a0a34e958d288deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99185,"size_decoded":99886,"mime_type":"image/png","magic":"PNG image data, 355 x 743, 8-bit colormap, non-interlaced","md5":"919288d9b4a0bb15d598d5dd5e667cfe","sha1":"5895b4cfcf6a703b8141089b1406cb19f9e4a1de","sha256":"b0f51cdc455fa2007542a710f2468ccdfc17250ba971de210032303a9a7944fa","sha512":"97f62df4c9fe27fddcb628a00ae5c8870fa28a1c704e8adb5a0d3d789aa549895953207f35eb7975b8bae36fd87e653d0ec7ce7c6469015fa253eb8783995323","ssdeep":"1536:1N/j86v+vjyiEwVaHEkha2LLgmiFOmww+NUOeMQVKorXbr7t6MDSxjRfrz3O:1VJKmiEwVaH5hl4FHww+NqP7t6MMjBDO","tlshash":"12a313357df80ea4e5c70118be7e1a1a39988962d41d10de6d59b8693f2cf2dcf1a233","first_seen":"2026-06-11T20:19:30.468911Z","last_seen":"2026-06-11T20:19:30.468911Z","times_seen":1,"resource_available":false,"data":null}},"time_used":468,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":228,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"badoo.com/static/favicon.ico","fqdn":"badoo.com","domain":"badoo.com","tld":"com"},"ip":{"addr":"31.222.67.112","port":443,"asn":12678,"as":"Greysom Limited","country":"Czechia","country_code":"CZ"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:48.400Z","timestamp":1781209128400,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.badoo.app","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Jun 2026 00:35:08 GMT","end":"Wed, 09 Sep 2026 00:35:07 GMT"},"fingerprint":{"sha1":"7B:04:4C:1C:3D:F0:8D:DE:D4:46:CA:B6:7C:CA:EB:DA:45:8F:80:50","sha256":"C3:C9:5E:1D:A8:B1:CD:2C:E6:F5:2F:97:9B:0F:8A:E6:99:F3:D7:F0:56:19:87:EE:BB:9F:90:0E:FD:CB:F2:3F"}}},"request":{"raw":"GET /static/favicon.ico HTTP/1.1\r\nHost: badoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 11 Jun 2026 20:18:48 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 15086\r\nlast-modified: Thu, 29 Jan 2026 14:23:54 GMT\r\netag: \"697b6d7a-3aee\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15086,"size_decoded":15471,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"57d24d073a25a1b83efa8192e0dba5d4","sha1":"7dbe6f02a0474898208cdd3f4bd02f5e5729bacc","sha256":"441b014d0eb3e692185e7fc3b51f550d5cd7c2b285d94c5a34a6514db8859d76","sha512":"5f63cd514ba0da4253ca319f1d551ee1f758f8e5b628d8a873deeb3232681c9fffd016d06f80f7435a4cbf96c16784208e1fa32ed9fbd745250e7c68b752fe49","ssdeep":"96:j2zWieRUnQnl3UJtxfgIj3z1qnCbn8Mz28IkT9BBhTvb/:jJL3cxf5I8IkTfL7","tlshash":"3c6210c3f343888ccb18c6facd2a95801c190c77dc50aaa1b2d9751b0e76360b47a5f6","first_seen":"2023-11-19T02:20:43Z","last_seen":"2026-06-11T20:19:30.470739Z","times_seen":277,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":0,"dns":0,"connect":33,"send":0,"wait":61,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/wrapperMessagingWithoutDetection.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.193Z","timestamp":1781209126193,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/wrapperMessagingWithoutDetection.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"22696-652be07cd8d40-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i06TQbLazSgrUZYAZONSBMlFjL%2FcbV0WXeVc87Gc4g%2FceK7WudMRSTGa4lBlyh5s1TZlYHAsAOoPoELD6zLTpu2NE5eViFQMEG6poMjqu3RtsNu1yZdxzZlH57TThtt0evYEBQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 42091\r\ncf-ray: a0a34e8ebbb78deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140950,"size_decoded":42851,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2d2c12321d621b817bdf31cb82604b52","sha1":"0275aac9467db593feb0bc289745df93443d0d64","sha256":"7022e4a7f798da10076936623230291bd5781f50e9e9323d419e4060c19ff66d","sha512":"162109caf3914efcae67e39035b268087105510a18ab295e6b3c846d82e281146e4bc7f6d09943fb5f7fbc22bc1154ca9df0922c29e7038aa3485cf51a9f23a5","ssdeep":"1536:DkecL8iXhHgemaVhepR6cB6o+S3m8v8NZdmD5Cj4t0F:GLtxHQpRbAjWm68/oD5ft0F","tlshash":"ddd3f68e76d5f4f603e321f4501f610bb2766859b85d9480e211d8e0bc7ad8ea237f6e","first_seen":"2026-02-25T16:23:40.874013Z","last_seen":"2026-06-11T20:33:50.487332Z","times_seen":8774,"resource_available":true,"data":null}},"time_used":1215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":983,"receive":232,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/b2ecac37c92f5d8d.js?2.2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.199Z","timestamp":1781209126199,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/b2ecac37c92f5d8d.js?2.2 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"22468-652be07ccf100-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FqwCQj6Mkv8YIpfNTvnlxQeyE2DujR3zMLTu3P0mG6%2F6xKo0tA4MGKee2veebXynV9od8iQXpK3AQNxv%2FQMXBzWK55xSatELJgs4lDCj%2BcN1%2Ft0tv3Rm%2F2kPyg3SUw0TBQxDnw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 45139\r\ncf-ray: a0a34e8ecbbe8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140392,"size_decoded":45905,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"82dc832fe52d6dde0e7734d3766d6420","sha1":"c16136cb9eb3b769a8d8a8bd3a62814653fdc55a","sha256":"520152b02de44f7a09b34341e2de471d4ae5f217b0b3d77eb28009b90bdc632b","sha512":"110118a98354c284ae94625ffa8b2ce1e5ca3fdf60239796bcd9ee117ffb862cb12c7659b510801870d12c28ee8b98751f7c537f1073cdcc2679d26295810e8b","ssdeep":"1536:0yvfNS9MMum9hxj3h0p546vedXryTDqoQC:dMh2pq6GdO2C","tlshash":"04d309e83995f6516ab312a700ef1803737d2a1b280c4960e215fd9e75b842bb17bfdd","first_seen":"2025-04-29T18:06:00.42681Z","last_seen":"2026-06-11T20:19:30.472219Z","times_seen":204,"resource_available":true,"data":null}},"time_used":1220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":990,"receive":230,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/c1376fa03686f16d.js?2.2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.208Z","timestamp":1781209126208,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/c1376fa03686f16d.js?2.2 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 21:19:01 GMT\r\netag: \"7029-652bf0b3f019d-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qtYR2wKuHMY92YmqseqjcErGBE2SrN8GQV0zEGJ77k1yzZwJu2e0oqW9iXPoU380GulOoKh57hcwjkNHuOeKHU8YQKfuVd0zdcS4tZt9uMs%2FWQh564OiUnDJK0d0BsoPSx3hpQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 5593\r\ncf-ray: a0a34e8edbc58deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28713,"size_decoded":6349,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"7e6bf31e8887dbe585a874ccb9ff0b27","sha1":"b61d29ac0ac220524dac83f191ba92909f002204","sha256":"e3eda49f36caee71b1a6aea152759b434addc78d14cc7a0099d8bc5134118544","sha512":"da0f0c244e481fae8d1299353e0694123c7b94be13d47c2ed41fc41316ecbe1bec93fb1212e5f5df74ade3a2961e60e2501bc121534b8255458ab2034d4268e7","ssdeep":"384:JCBo6UzR7csCgKfxbrbQ7FBQds1qYbrw3hq:MjU17csCgKf1bmFBys1qYbrd","tlshash":"4dd20029a2e11c31685739bd4e7f2c097525110b5f90be1c3a4ca2d4df2c82e67b6f9d","first_seen":"2026-06-11T20:19:30.472945Z","last_seen":"2026-06-11T20:19:30.472945Z","times_seen":1,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/_buildManifest.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.212Z","timestamp":1781209126212,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/_buildManifest.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"2eb-652be07ccd1c0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pYi0jiSngqik1vd2YuxwmEbdhZht2sRvdA36lvnOKY8%2F0q1%2Ftc0u5q06%2B4PtbqXuW85fYytyP68Mgs7ZtVREnfDBwtqxU80q022BrJwDg2bi1Ch%2F1zG3BiZfahodNBpr0pJ5aQ%3D%3D\"}]}\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 362\r\ncf-ray: a0a34e8edbc88deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":747,"size_decoded":1122,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (747), with no line terminators","md5":"18732ba5b3f197c12eab873a4c12ecbe","sha1":"2af93a72e6ec5afe82dca477c5a3ac0aceed1f69","sha256":"36816cad180893f39e666c7fcb33f4747b501b4e2d509273a8c0b6ca4322edd6","sha512":"08375fb7b7b118527f071037e5264c6cf9269f81adece52c83d045f3fe0222f61cc628db603bd7d737742a7bbf39129e7126d0109cdd332ec50e67af750a7bcc","ssdeep":"","tlshash":"a3014cd31319f5055c9acd56382bf3239f81fcba5438069b87ad4b2c467001b8b5ec95","first_seen":"2026-04-04T07:06:01.111499Z","last_seen":"2026-06-11T20:19:30.474546Z","times_seen":31,"resource_available":true,"data":null}},"time_used":726,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":726,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/imgs/hero-image.png?\u0026w=640\u0026q=75","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.219Z","timestamp":1781209126219,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/imgs/hero-image.png?\u0026w=640\u0026q=75 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:11:41 GMT\r\netag: \"26dec-652be1a766a37\"\r\naccept-ranges: bytes\r\npriority: u=3,i\r\ncontent-type: image/png\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eVotoqr2iH27p8lSUxig5JhGAv6r33YxWWNjMJL9g8nQuhxNPclWa4EAqhgvpkhP9crvHo2%2FRpg2Epx5D%2FwQ5hFbDWbpNyU2diIRb7NtNvdF8h0%2B8iks%2Fny0%2BXYrXa%2FOU51niQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 159212\r\ncf-ray: a0a34e8eebce8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":159212,"size_decoded":159920,"mime_type":"image/png","magic":"PNG image data, 560 x 881, 8-bit colormap, non-interlaced","md5":"71d5aefe844ec6edb25f0f7f901c81e1","sha1":"80bca521f0514244c7b1af3889dae54854bb5d25","sha256":"25aad1c17fec45b63cab571537c8681a2a90bde2cc89f26d0496e8ec9446839c","sha512":"4bc2d1b5b49adf1dfd9ab49067f591bee074b90d4ba4efc6a0677c6f8c32f9bd0273f5a2f6424f1c37fb624a1b8242a5e903819d86b80d098fe89cb0f4d565c4","ssdeep":"3072:dU1vdo4FlAhXbVa+qNxeo6q+nbSO3R2K1w9Ahz5nTAzDof:SE4kXbVaNX6q+nbSO3RqAhz54DK","tlshash":"04f3236cd2418ad88cd9712e3c55663af24e188ba26f975bf3106e1163c2034cd7ff6a","first_seen":"2026-06-11T20:19:30.475264Z","last_seen":"2026-06-11T20:19:30.475264Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":982,"receive":482,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/8f0f9b2b82fbec43.js?2.2","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.203Z","timestamp":1781209126203,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/8f0f9b2b82fbec43.js?2.2 HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 21:16:50 GMT\r\netag: \"11a7c8-652bf036eefd7-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:46 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8ClzlnEWWaOBji7rbgPSNTKUKiVM%2BeYpcA9nCE2mZqoj2iKGLOxK%2BZowxu8s3F3HVhN%2FTcJ7xGWYbiD0q%2FsipGzsDFB9QSrAUF3MZ3E%2FY8NAyiZIHIS%2BlA%2FBzthNqGGFlu4yJw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0a34e8ecbc08deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1157064,"size_decoded":158892,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2529)","md5":"d9a7f8bae0381d831dfb8899571ccc57","sha1":"91b3a96891dc85cce90648630f1e83fb584edb76","sha256":"2ce75991cfe1fbb60f8c1c22f911cc7557260e96248c19dded1588c1481a2f12","sha512":"27baff28046f53ff97efd29242dfb98da60272f5f5f6900782b86cd01ede71fb0c1f1fc0660d2af396985090922eb28c7514e9516c775afe092382fc9e75046b","ssdeep":"3072:VPvvf+4ZSAE5UQHxDDxDrd9DRb5qX0z033gX25dtOq83r8JaeiMm2SPnDKHM7XjA:9vvf+4ARdYlpJaeUBhGDvms","tlshash":"6125538a9be114e91447b8bc9f2fa5023125146b2cb4fd403f4ca254ef1e82ea775f9d","first_seen":"2026-06-11T20:19:30.476885Z","last_seen":"2026-06-11T20:19:30.476885Z","times_seen":1,"resource_available":false,"data":null}},"time_used":962,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":471,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ggoldexchange.com/badoo_files/gdpr-tcf.27718c8cb9d29947d2c1.bundle.js","fqdn":"ggoldexchange.com","domain":"ggoldexchange.com","tld":"com"},"ip":{"addr":"172.67.171.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:46.215Z","timestamp":1781209126215,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ggoldexchange.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 04:24:04 GMT","end":"Sun, 06 Sep 2026 05:22:45 GMT"},"fingerprint":{"sha1":"CE:B7:7A:27:B9:53:5F:90:73:2B:27:A0:6D:E3:1F:CB:92:35:60:2E","sha256":"51:1F:2E:BB:35:C0:8E:9F:20:64:88:27:EB:05:AC:EA:17:37:C5:30:F9:E7:0A:B7:07:E4:65:96:41:43:C1:D6"}}},"request":{"raw":"GET /badoo_files/gdpr-tcf.27718c8cb9d29947d2c1.bundle.js HTTP/1.1\r\nHost: ggoldexchange.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ggoldexchange.com/home_page\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=btmv8468vspqvctbqcaljoqfuq\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Tue, 26 May 2026 20:06:28 GMT\r\netag: \"281f6-652be07cd1040-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncontent-type: text/javascript\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eBsyC8bWeEklq3fAa3WbYpCLXxvMnQkQuH4VKxQxAzB0TyYJF1Jra6kKO9YQTVawt8639PfBOBl3FJkZpSY2QarzSGd9a7GluHrABvaqv5%2FYBWK5wSI%2F0e%2F9kcmhd4LGKxVkKQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 29771\r\ncf-ray: a0a34e8edbca8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":164342,"size_decoded":30533,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7346b54d559e4a3d7c8a0bd69d653dfc","sha1":"8c230d0bf7b4fcfe760e5574971cddd8931e2c75","sha256":"02aa605423b0682f9df507dd719cd536591c2b6f3669d72d27c48fbbc13fb5be","sha512":"e5e0fae49f512f9a923c7ea70191901b659c8f92c87d55ea101aa634a23c3e2e992dd9284eda7f60d2c66cd37e48f4106a1d87f14a4dd853fd7d614a40441a59","ssdeep":"768:MC4d4bCODQ01rEUkEM+uCHsjcQyPHCJTMXCJNCwLjspLH+PkXJ3+5NoU13TAIGGf:2KXTaQKHspLbooU13TAIZb4tpLGbC5Bm","tlshash":"91f3b48cb2d1f0b143d7a2b1402f500bf3796965989dd0a0a275dcf1adf688e8677f1a","first_seen":"2026-02-25T16:23:40.90149Z","last_seen":"2026-06-11T20:33:50.40622Z","times_seen":5076,"resource_available":true,"data":null}},"time_used":972,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":971,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"ggoldexchange.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"consent.badoo.com/wrapper/v2/meta-data?hasCsp=true\u0026accountId=1789\u0026env=prod\u0026metadata=%7B%22gdpr%22%3A%7B%22groupPmId%22%3A589610%7D%2C%22ccpa%22%3A%7B%22groupPmId%22%3A589604%7D%7D\u0026propertyId=22304\u0026scriptVersion=4.40.1\u0026scriptType=unified","fqdn":"consent.badoo.com","domain":"badoo.com","tld":"com"},"ip":{"addr":"13.249.8.36","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ggoldexchange.com/home_page","date":"2026-06-11T20:18:47.584Z","timestamp":1781209127584,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"consent.badoo.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:43:58 GMT","end":"Wed, 29 Jul 2026 06:43:57 GMT"},"fingerprint":{"sha1":"CA:BE:3F:1E:A2:4A:E1:DB:F5:17:E7:6F:B2:23:99:6A:F8:DC:BD:27","sha256":"80:8E:05:E0:9A:B6:31:BC:C1:09:AA:A7:5A:8D:B6:1A:CF:F5:3A:0C:1F:F6:E0:29:2F:88:B6:96:7F:98:F7:FA"}}},"request":{"raw":"GET /wrapper/v2/meta-data?hasCsp=true\u0026accountId=1789\u0026env=prod\u0026metadata=%7B%22gdpr%22%3A%7B%22groupPmId%22%3A589610%7D%2C%22ccpa%22%3A%7B%22groupPmId%22%3A589604%7D%7D\u0026propertyId=22304\u0026scriptVersion=4.40.1\u0026scriptType=unified HTTP/1.1\r\nHost: consent.badoo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ggoldexchange.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ggoldexchange.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 350\r\ndate: Thu, 11 Jun 2026 20:18:47 GMT\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION\r\naccess-control-allow-methods: GET, PUT, POST, DELETE\r\ncache-control: max-age=3600, s-maxage=3600\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 01f0043a35749795f1f4c557444b246a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P3\r\nx-amz-cf-id: Zv3NstvwovCwxTgXwqbICPz_jUFrrxRv-9thUKZqZPqsUm6bnJCQYg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":350,"size_decoded":1079,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b0d26946baccbb963fe7380a6fceea81","sha1":"8f552ded193314f73406b629068dd9d5b208e079","sha256":"0bfcf69c4a801d75ea97e545962f265d7503248486cdce644e263d19d466e613","sha512":"5073a7bf1051fe028c043af38dbdc6d42dc2ef6c4020a67374c201b4c2087b13b4d387260e2203fbdd046a7a593822259a805983aa1beea15d0d3507e7839775","ssdeep":"","tlshash":"f6e0c013506386f2d78453314008b9e71ef820f154ca1114b8dc434220ee2b9306ef8b","first_seen":"2025-11-08T12:42:46.139729Z","last_seen":"2026-06-11T20:19:30.479196Z","times_seen":121,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}