{"report_id":"98277607-9927-4af8-a5b9-219a7866a84e","version":6,"status":"done","tags":[],"date":"2024-12-23T21:39:08Z","url":{"schema":"http","addr":"try-dating.fun/?pa=omjyf\u0026s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d31303026263534303937393931323838363339362664693d37672d323233362665643d75732e26693d61646d696e3130302c32373035382c616e74686f6e792e726f6c6c6d616e2e6374724075732e61662e6d696c2c526f6c6c6d616e2c2674733d3137333439383831363826353634313439373530313231383639\u0026","fqdn":"try-dating.fun","domain":"try-dating.fun","tld":"fun"},"ip":{"addr":"172.67.193.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"title":"Are you looking for hot dates in Oslo?"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-03T21:39:08Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"try-dating.fun","ip":{"addr":"104.21.73.244","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-05-14","domain_rank":0,"first_seen":"2024-12-23T21:39:08.768277Z","last_seen":"2024-12-23T21:39:08.768277Z","alert_count":0,"request_count":2,"received_data":8717,"sent_data":1302,"comment":"","tags":null,"fingerprints":null},{"fqdn":"e5gpmrd.elites-sweetsthemeets.com","ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"domain_registered":"2024-12-13","domain_rank":0,"first_seen":"2024-12-17T12:38:46.361984Z","last_seen":"2024-12-17T12:38:46.361984Z","alert_count":26,"request_count":26,"received_data":1261072,"sent_data":14467,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2024-12-18T01:33:35.417727Z","alert_count":0,"request_count":1,"received_data":9166,"sent_data":494,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bigdatajsext.com","ip":{"addr":"136.243.216.252","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-06-21","domain_rank":0,"first_seen":"2024-07-01T12:08:48Z","last_seen":"2024-12-20T17:23:23.833605Z","alert_count":0,"request_count":1,"received_data":10054,"sent_data":526,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/bb.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d553e4bac91c74bfee2dbabba61e99e","sha1":"5af71e2377c9c012a7826a695f2724901941b19b","sha256":"1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68","sha512":"105e5b23733e7bb443ba2080d606c2814b0acd2aaf228467d2ce532ff2f2ec0b292f8eb5189a24cd9f79b69a7e983b176dbd29e2d539dae7ca443821084f2894","ssdeep":"","tlshash":"23f02341bd5435f147cf3255861f2230903f08cd7206d583b9a85e916e3179d9e1bbd0","size":639,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.592645Z","times_seen":13211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"74d6b742d29f1afcc42ec2239cb30e55","sha1":"a18196410f59479af95c81013fc0fbf90595f369","sha256":"0f0684f027cf0601d6c2f2dfa65165e3076f5f396ce9277f0cdce1bef7ac23a4","sha512":"118f2c50c32cfab4fe2a31f6bd1dad7ea8d460099b2f11d457931c1d45ffe7b64792df304accace527913185b24e7c617cadf8561973bb7174b963897ceab90e","ssdeep":"","tlshash":"510149c83610ed49d067bc6d9e3d2d376061f93fc15eb5881148c60a38544b0531b9be","size":696,"data":"","first_seen":"2024-12-23T21:39:11.551151Z","last_seen":"2024-12-23T21:39:11.551151Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/js/jquery.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"261c2803d4c5f060a7bb9388a85533be","sha1":"90a234032123056ad72e3a35eabe88f9042923f2","sha256":"4d62766346c8fd39371d0c01f931efae320a5ecceb96f7c8e4716036741e19df","sha512":"6a505adaab6bc468e0aaa728089a44cb7563ba180287e511304b34df0334b32b1987984b9a11bbb95b0ce3edca52661a5754269276b2ae25355fd4fce618a487","ssdeep":"1536:c4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0sFy:cGsKXAI2p0WP9bDrstfa5","tlshash":"3a93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93068,"data":"","first_seen":"2023-04-01T11:04:52Z","last_seen":"2026-04-03T03:13:40.277578Z","times_seen":1170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/js/vegas.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea8391e9e4f905102fef9737e225aba3","sha1":"2111929b9d64a20ecdeea04e3cf2a6633e09f428","sha256":"586607fdd9a798760719c89e72801e7f9f4af96a830fbbcee2889cffd521c239","sha512":"99b74beba57f023eeac792b77f3e3e7109c8fa279f1290d94ea056cd1a6ae784514eb24b3d2d01d511ded74d13b1934724033ea750aa9bdeb471c189b6ded131","ssdeep":"192:hzdEiLcmBWE4spGE9OICxPh+6Qw05RbJ1u1vqGDG2hYSwHSOV9Mfjsf5s9nhaGIt:hpE2/bJ3GLdM9MfjsfohNZvKz","tlshash":"aea2bd897f66510989b7e37a9f6a810ceb7682276503922d3cbd41c45fb1438436affc","size":22473,"data":"","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.906867Z","times_seen":1916,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/util/utils.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"85a42b1d6c8769fce99fb44aefb041b0","sha1":"2c6ba9c724ceec8ab80658429a031f2991eb930b","sha256":"a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718","sha512":"7eebcbd1a5452f24928918d459c99644a61122343f2b6167c29a8c13295550535935ab6764cc75d036ae4fbfcdff7ca91ca9388a3a91428e8da665f2ef540fc5","ssdeep":"192:C018ojHD3/HDg8bQgdT0p+MS0zS6S+8izeLeR4OeH/t060SDWF:T18ojHD3/HDnQgdTDMSES6S+8ibR4OMk","tlshash":"0f02527e3a3e352a1d0a237d1cdad94d247bfc2b754156326929b848d0ece5ce312eb1","size":7514,"data":"","first_seen":"2024-07-01T17:34:09Z","last_seen":"2025-10-23T07:06:12.476416Z","times_seen":6590,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/js/trls_loveme_casual.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe9bcd27c507ed339bb6e127e0ba5a9e","sha1":"d42529b16b5385bf270678bdb5afc4dd62a0333c","sha256":"438d3925fc872661a31e1f5b8ddd550e8c5b2113cfd23ed7e9a727bf4ff26969","sha512":"913673007b15c5a0d0401f91fe03d3a1f0b1199c7d84c84893f738e115ad2d1993aceefed3462346f0597dddac69b246d8d908b8d99b2026b91bb4da5b54311f","ssdeep":"384:SCOCsgtymBJ+Qx79dHbubiNP+ypBP2AcqYCOr3Cf0:rfsgtyM9bP+oRK","tlshash":"8d624e7bfb8f44f9fad023409672e902a41df1bfc399e069356e54aa1191c1482af58b","size":15968,"data":"","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.886522Z","times_seen":1857,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/cookie/js.cookie.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7e9883924072f15259de6888d5ef515","sha1":"7f4f6e5938e68f55aef81e0cd0145f008cd28382","sha256":"985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c","sha512":"f6f2859b644b249cebe21b0af49c0efa046eedc95814ad4cac400b25d6fddbb7a155db420359ccfc8570eb18899cdc369dcbf5c137f4cb21f24b27f8f297be48","ssdeep":"96:3+bMojFkR0WIxWXATmnv5h8VatgNyyd2jMAp0:3zoa0WIcXATs8atgNyM6pp0","tlshash":"ec91b7783c1535b80d06237513bf668b7077bc567c865710b64cd998eb28c6b8316fe2","size":4264,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.580912Z","times_seen":6123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/js/timer.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"db12eacb17d6d147e21495e2f8787fff","sha1":"32c7f9200e989eeb54df98b8ee70331a3b22789b","sha256":"b18fa00e948ce4a17e7cfa703c82e27fc8e1bababa97327ead9562c2281aff0f","sha512":"dd098bf6f1fc64bcd7efec3b6120fa2b5dbba0c063e99d8618c77e638a7765b23b8bf1b1821e52546af7bec6cba3f70be97594be438372da9f006a19b456e0e4","ssdeep":"","tlshash":"7501f238073a3a040d611e7a17cee408561bfc27700f592518dcb8e0d8dee29c149e2a","size":639,"data":"","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.905886Z","times_seen":2626,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/exit-new/exit1.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"625e5e2950612f771e246beb33c9ea61","sha1":"e4fc251c6c000496c285f8dc3fa097040b031681","sha256":"618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46","sha512":"655f0b373c605d0a464bedca4df204fb3aa12442c5b0aa3b8bf13e0604fd1e89480356e9c6cc9a432f81305bf1151caf4ac4ad9d8eb24eb78cbd11318e5b9657","ssdeep":"","tlshash":"ee81407c352d7579499a777c91efe94a207b6c53f001a2320808bc94e86ce4ce325df9","size":3473,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-01T11:35:43.37734Z","times_seen":13050,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"try-dating.fun/new/?s=100\u0026\u0026540979912886396\u0026di=7g-2236\u0026ed=us.\u0026i=admin100,27058,anthony.rollman.ctr@us.af.mil,Rollman,\u0026ts=1734988168\u0026564149750121869","fqdn":"try-dating.fun","domain":"try-dating.fun","tld":"fun"},"ip":{"addr":"104.21.73.244","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-23T21:38:40.490Z","timestamp":1734989920490,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /new/?s=100\u0026\u0026540979912886396\u0026di=7g-2236\u0026ed=us.\u0026i=admin100,27058,anthony.rollman.ctr@us.af.mil,Rollman,\u0026ts=1734988168\u0026564149750121869 HTTP/1.1\r\nHost: try-dating.fun\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Mon, 23 Dec 2024 21:38:40 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.3.3\r\nSet-Cookie: visited=1; expires=Wed, 22-Jan-2025 21:38:49 GMT\r\nLocation: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=9%2FQDSMODqVghzVm6zS2iJC2sMEHUDVjitGey%2FEoR085bKaHlM8MiOfNmEkL8p1%2BNp4akXq8nRiJ%2FiV%2Bzunaio5Q6l1y1BL6P7doMZFG6CzknZVOyz%2B0YQ2mGssTxw8GCng%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 8f6b7ffb183056a8-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=478\u0026min_rtt=478\u0026rtt_var=239\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=518\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":2,"dns":4,"connect":1,"send":0,"wait":280,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-23T21:38:40.778Z","timestamp":1734989920778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /p7ut3wl?m=1\u0026t=100 HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/html\r\ncontent-length: 6820\r\nset-cookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv; path=/\r\ncache-control: private, no-transform\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6820,"size_decoded":6820,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (562), with CRLF line terminators","md5":"4802e1cbeb68f55242181a582d542229","sha1":"bde0192663857aa85c4f761c7efc9ed0a48aaea6","sha256":"ee8651a66a096aa28e81d4cee6df2d2c7b8322d27fc68e1032b2cd03ed6ec653","sha512":"f3ac25fd20b1af31577cb550c8712c61a41f6a85bbf85c715a55907e80f5862955099bb2a6bee6f6898cc028b70fc26af4ef7274a88edf7552350afcfc45a4f4","ssdeep":"192:x6CtGMRoHcj7x5CiaiGgX9tA2D3edwX6YdU2o:kW7CJ4tA2DedwX6F","tlshash":"9fe13008be0ed60e036203ebd13fe218d4aaed30d3639449f2fd493b57e1b1a5719896","first_seen":"2024-12-23T21:39:11.507214Z","last_seen":"2024-12-23T21:39:11.507214Z","times_seen":1,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":226,"dns":38,"connect":34,"send":0,"wait":169,"receive":0,"ssl":149},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/css/bootstrap.min.css","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.374Z","timestamp":1734989921374,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/css/bootstrap.min.css HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 109540\r\netag: \"03d06426a30f77095d7511e1ca74d225\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:08 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4\r\nx-amz-request-id: 1813EAF726C699C9\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 365\r\nx-ratelimit-remaining: 365\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028622#90909633/gid:0/gname:root/mode:33188/mtime:1732177688#477455732/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:08.524Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":109540,"size_decoded":109540,"mime_type":"text/css","magic":"ASCII text, with very long lines (65367), with CRLF line terminators","md5":"03d06426a30f77095d7511e1ca74d225","sha1":"d1a349294f6fe94ffb17a50097b37bd81e9ba56a","sha256":"3f7e6f3cb6ba8e2effbdd260131ce0d2f332fb00ba3feca1a5bc9c3ee7f9e2a6","sha512":"d726efc5415efba1b060bcd4a24175ae7126312731524e970037b8a8b2fb9be60ba9628106e32781050d34f5c8144bd2c9e7ebe1351ca3e37b9506c832533b7d","ssdeep":"768:PbGxwUkB1mlpztzuRdvGN6eABkdIUIbZbnbJN8gwaKNhL3tqNhkRQmNae:wwlwERdvGNIkabbRk3chs","tlshash":"b6b3d7a0f11031ea7223c55a71d0ed872619a053e66b4fb7f22f25d88f895ca1773f1a","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.90484Z","times_seen":4010,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/css/style.css","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.380Z","timestamp":1734989921380,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/css/style.css HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 20163\r\netag: \"f26dd61c20737e37f81af1feded8542d\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:08 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360\r\nx-amz-request-id: 1813EBF12B8F7DF8\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028622#746975134/gid:0/gname:root/mode:33188/mtime:1732177689#141448685/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:09.186Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20163,"size_decoded":20163,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f26dd61c20737e37f81af1feded8542d","sha1":"039903e8f39b3e667cd36a76126afd1c7a499b58","sha256":"426e3c652a8f228664241c41424a7e1cbbaeaf8b8a2d2248625706f954dec9a1","sha512":"77a1fbb2b02cc691567c5d3a7b5651782e77b27f069c13cedc1fb8417175e1a0a2f87ae8f0b29b8f49872f6e0164d67bc7abae09ec1b5a362d6415d514a9445b","ssdeep":"384:EojKhwQ9V2u7lmNTQdr6ZOPOK1vd7Br6q:EojKL9Yu7YAr6ZOPOK1vd7Beq","tlshash":"739254a9f54b240af31faad8b7b15a506ec540649b1a56dcf8ff20edd3d436c1334286","first_seen":"2024-11-21T16:29:51.944166Z","last_seen":"2026-02-01T00:37:34.892041Z","times_seen":1154,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/css/animate.css","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.383Z","timestamp":1734989921383,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/css/animate.css HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 61188\r\netag: \"1cbfbb2c4ef85880799a74ab2f290f2a\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:07 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EAF71CFD052C\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028621#650865699/gid:0/gname:root/mode:33188/mtime:1732177688#65460104/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:08.111Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61188,"size_decoded":61188,"mime_type":"text/css","magic":"ASCII text, with very long lines (460), with CRLF line terminators","md5":"1cbfbb2c4ef85880799a74ab2f290f2a","sha1":"9b6366d6c7ad05010f7070db70fba10754be6e9c","sha256":"bfdad6766b12a3826bf32024f0fc13fffbcee84f102034b9270da7e538451031","sha512":"58c8d90d0f16205527b110fa50a03b83f001af28841579522c6f9fa1c57bdeba92d6a5b0b4caff4ef84fcc11866e9183ee109c5c891639e1cd1dd8655decec0c","ssdeep":"192:CDvQHnvHQvFpjIBz+a+pjRfBV7lucqBJm7YfPZBWgQc95YKm/0kLyJgprWXhOX8N:CbWz71","tlshash":"1853e86a2c91114457720b25d7de4f6cea3ca17318226efab3c2548b8f61bac13cde57","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.895204Z","times_seen":5163,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":79,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/util/flag-icon/css/flag-icon.css","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.387Z","timestamp":1734989921387,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /util/flag-icon/css/flag-icon.css HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 40627\r\netag: \"0a47b937981e7389e3ebe63e4a503066\"\r\nlast-modified: Wed, 20 Sep 2023 15:26:15 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EB79E9C671A0\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134513#296037122/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40627,"size_decoded":40627,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"0a47b937981e7389e3ebe63e4a503066","sha1":"01b395ad016a1d9d15016d765f7d2c51a6e2809b","sha256":"d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39","sha512":"bca846a7ebd76adb4ccf01805cda0bfc53673570b58289057b2f595ac5700e83a80b574ee5e005c9ffbb003aa7872e45a9d35fb728bd35701b040435b2425e24","ssdeep":"384:94fWpOSJ/TqlgSxMUj6/GlQ1EzvxqFbyqVD:94+pvJTqlgSxMUj6/GlQY4yqR","tlshash":"9103096b9643e14fb713cf352b16a1086b9d2492dec18f2b297935ba99f7040b436f70","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-04-02T19:40:42.956581Z","times_seen":6766,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/cookie/js.cookie.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.392Z","timestamp":1734989921392,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /cookie/js.cookie.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4264\r\netag: \"a7e9883924072f15259de6888d5ef515\"\r\nlast-modified: Wed, 20 Sep 2023 15:19:53 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EAF5948B880B\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134513#248036972/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-21T10:00:37.354375Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4264,"size_decoded":4264,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1709), with CRLF line terminators","md5":"a7e9883924072f15259de6888d5ef515","sha1":"7f4f6e5938e68f55aef81e0cd0145f008cd28382","sha256":"985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c","sha512":"f6f2859b644b249cebe21b0af49c0efa046eedc95814ad4cac400b25d6fddbb7a155db420359ccfc8570eb18899cdc369dcbf5c137f4cb21f24b27f8f297be48","ssdeep":"48:MnCmrorDzy9AVYnVReoHEmFZqLghLVQiAdHy9QShp8dLocCTRTvg84Re6YzMtpyX:iCyojFOJEiXA1hyvt4T7tpyD2bm","tlshash":"4b91a5a4344535b9053b237513bf678bf575e8a22c8aa644ba4dc9a07f30c5f031afe6","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.580912Z","times_seen":6123,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/util/utils.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.394Z","timestamp":1734989921394,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /util/utils.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 7514\r\netag: \"85a42b1d6c8769fce99fb44aefb041b0\"\r\nlast-modified: Thu, 01 Aug 2024 07:23:36 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360\r\nx-amz-request-id: 1813EAF59ED57DA5\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1720010547#640143858/gid:0/gname:root/mode:33188/mtime:1719824938#357078843/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-07-01T09:08:58.357078843Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7514,"size_decoded":7514,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators","md5":"85a42b1d6c8769fce99fb44aefb041b0","sha1":"2c6ba9c724ceec8ab80658429a031f2991eb930b","sha256":"a487d76bb55539f230c127ef33550d5c455ac0b67ca2b78b87452345bb0dc718","sha512":"7eebcbd1a5452f24928918d459c99644a61122343f2b6167c29a8c13295550535935ab6764cc75d036ae4fbfcdff7ca91ca9388a3a91428e8da665f2ef540fc5","ssdeep":"192:nv6UDdoxY4iYiXKF3nwx16qI9S7+6uRIpauZy4hpjgRxtSY8xd:nv6wixY4iYi+3nwx16q97D3Zy47jgRxE","tlshash":"fbf1a79a330f311e87c633b1487e9408ac7ef8391796e095b9fd949464b0e1d3762ee8","first_seen":"2024-07-01T17:34:09Z","last_seen":"2025-10-23T07:06:12.476416Z","times_seen":6590,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/css/vegas.css","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.385Z","timestamp":1734989921385,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/css/vegas.css HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 19822\r\netag: \"357c7befa8bdef911f02f48f49e10628\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:09 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EC241AD5F8D9\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028623#735073788/gid:0/gname:root/mode:33188/mtime:1732177690#137438117/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:10.182Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19822,"size_decoded":19822,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"357c7befa8bdef911f02f48f49e10628","sha1":"47972e3c4591058dce82dd3b08bed8e0b8ae5c8f","sha256":"47f3bef4746b798892c7beff212618616b0950f33f416f03db243578f89135e3","sha512":"a7aac81c704949b79a988e76867fe18765cb7de65cb1f807b5b65bc9140bb76ddbcb32627917698e2e742defadaeac2cab718d8eb46f42aaebd28797040f354a","ssdeep":"192:Xz+OWMF/4yeKWfHVdBHlsQ0seq1jcBhveq1MtQqUFoo+oUaFEqaFEtRFEoRFEWyP:jzAyKew6ewm","tlshash":"d292af99f80759c492375a58e3da4a24d96ea49329127eecf3cd25cf0f7279c01c8ec6","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.896215Z","times_seen":3988,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/js/vegas.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.390Z","timestamp":1734989921390,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/js/vegas.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 22473\r\netag: \"ea8391e9e4f905102fef9737e225aba3\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:39 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EC241B9B8615\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1987\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028651#909886812/gid:0/gname:root/mode:33188/mtime:1732177660#44109095/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:40.097Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22473,"size_decoded":22473,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"ea8391e9e4f905102fef9737e225aba3","sha1":"2111929b9d64a20ecdeea04e3cf2a6633e09f428","sha256":"586607fdd9a798760719c89e72801e7f9f4af96a830fbbcee2889cffd521c239","sha512":"99b74beba57f023eeac792b77f3e3e7109c8fa279f1290d94ea056cd1a6ae784514eb24b3d2d01d511ded74d13b1934724033ea750aa9bdeb471c189b6ded131","ssdeep":"192:hzdEiLcmBWE4spGE9OICxPh+6Qw05RbJ1u1vqGDG2hYSwHSOV9Mfjsf5s9nhaGIt:hpE2/bJ3GLdM9MfjsfohNZvKz","tlshash":"aea2bd897f66510989b7e37a9f6a810ceb7682276503922d3cbd41c45fb1438436affc","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.906867Z","times_seen":1916,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/js/timer.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.399Z","timestamp":1734989921399,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/js/timer.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 639\r\netag: \"db12eacb17d6d147e21495e2f8787fff\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 5bbf9b091ca9dd795595b773b0f1d036407937e2098457815217f1ddbc67c996\r\nx-amz-request-id: 1813EAF727274899\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 343\r\nx-ratelimit-remaining: 343\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028649#469643174/gid:0/gname:root/mode:33188/mtime:1732177657#611891895/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:37.665Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":639,"size_decoded":639,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"db12eacb17d6d147e21495e2f8787fff","sha1":"32c7f9200e989eeb54df98b8ee70331a3b22789b","sha256":"b18fa00e948ce4a17e7cfa703c82e27fc8e1bababa97327ead9562c2281aff0f","sha512":"dd098bf6f1fc64bcd7efec3b6120fa2b5dbba0c063e99d8618c77e638a7765b23b8bf1b1821e52546af7bec6cba3f70be97594be438372da9f006a19b456e0e4","ssdeep":"","tlshash":"52f0f44837177b491eb1086e1bbde508d62ee522700f580924ccd0e19c9ee3a838ee6d","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.905886Z","times_seen":2626,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/bb.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.402Z","timestamp":1734989921402,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/bb.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 639\r\netag: \"0d553e4bac91c74bfee2dbabba61e99e\"\r\nlast-modified: Mon, 20 Feb 2023 09:29:45 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360\r\nx-amz-request-id: 1813EB08AA82FB9F\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676832256#258761277/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":639,"size_decoded":639,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (639), with no line terminators","md5":"0d553e4bac91c74bfee2dbabba61e99e","sha1":"5af71e2377c9c012a7826a695f2724901941b19b","sha256":"1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68","sha512":"105e5b23733e7bb443ba2080d606c2814b0acd2aaf228467d2ce532ff2f2ec0b292f8eb5189a24cd9f79b69a7e983b176dbd29e2d539dae7ca443821084f2894","ssdeep":"","tlshash":"c5f02d81bd1878f685cf3355871f2230903f08dd720ae982a8a46e622e2038dde1b7e0","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.592645Z","times_seen":13211,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/exit-new/exit1.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.403Z","timestamp":1734989921403,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/exit-new/exit1.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3473\r\netag: \"625e5e2950612f771e246beb33c9ea61\"\r\nlast-modified: Wed, 20 Sep 2023 15:23:09 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EB08AB479192\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134511#160030446/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3473,"size_decoded":3473,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators","md5":"625e5e2950612f771e246beb33c9ea61","sha1":"e4fc251c6c000496c285f8dc3fa097040b031681","sha256":"618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46","sha512":"655f0b373c605d0a464bedca4df204fb3aa12442c5b0aa3b8bf13e0604fd1e89480356e9c6cc9a432f81305bf1151caf4ac4ad9d8eb24eb78cbd11318e5b9657","ssdeep":"","tlshash":"e36156e4720e31ad93db3764c27fb11a7876e4b2d416a0b5a44c5c907434a1d6376cfd","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-01T11:35:43.37734Z","times_seen":13050,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/js/trls_loveme_casual.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.401Z","timestamp":1734989921401,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/js/trls_loveme_casual.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 15968\r\netag: \"fe9bcd27c507ed339bb6e127e0ba5a9e\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:38 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 354f9eb41c4f44111da43ee93430d467ccc8f740dac6a89f93d2690a13b4c5b4\r\nx-amz-request-id: 1813EC24253270D2\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 365\r\nx-ratelimit-remaining: 365\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028651#241820112/gid:0/gname:root/mode:33188/mtime:1732177659#332045504/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:39.381Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15968,"size_decoded":15968,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"fe9bcd27c507ed339bb6e127e0ba5a9e","sha1":"d42529b16b5385bf270678bdb5afc4dd62a0333c","sha256":"438d3925fc872661a31e1f5b8ddd550e8c5b2113cfd23ed7e9a727bf4ff26969","sha512":"913673007b15c5a0d0401f91fe03d3a1f0b1199c7d84c84893f738e115ad2d1993aceefed3462346f0597dddac69b246d8d908b8d99b2026b91bb4da5b54311f","ssdeep":"384:SCOCsgtymBJ+Qx79dHbubiNP+ypBP2AcqYCOr3Cf0:rfsgtyM9bP+oRK","tlshash":"8d624e7bfb8f44f9fad023409672e902a41df1bfc399e069356e54aa1191c1482af58b","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.886522Z","times_seen":1857,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/images/flirt_logo.svg","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.397Z","timestamp":1734989921397,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/images/flirt_logo.svg HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4939\r\netag: \"037c209aa2e3d00d37633d832af76752\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:49 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EBF15CDA8FE0\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028637#8399019/gid:0/gname:root/mode:33188/mtime:1732177670#109008066/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:50.158Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4939,"size_decoded":4939,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"037c209aa2e3d00d37633d832af76752","sha1":"4eab6ad305760586453c1c87ee34b23f03806b8d","sha256":"ea1161fca6b102661f5c1f2b1b10bdda1b7887f608ca13d900c9c596e4480d62","sha512":"88f60e11cd08e3ee5e6264654a124372ceb563fdeedb8812e5a0c644dcefa9217728b2ccaee6526e9441675241102d9c2db4ea16204bff1850ac61213fcb7c3a","ssdeep":"96:mZRnh2Noj8WjtgghNMcwfEb+VtUO3tTRL31Bnh0AF7UdUzKPXG8R:mRLjDZggIcpb+3Z3tFXuAxiUzj8R","tlshash":"d1a142980ba75be8a98473da88131271376fe4feaeb78254c245d732381245cdc408db","first_seen":"2024-11-21T16:29:51.957938Z","last_seen":"2026-02-01T00:37:34.892987Z","times_seen":1139,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":113,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/js/jquery.js","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.389Z","timestamp":1734989921389,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/js/jquery.js HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 93068\r\netag: \"261c2803d4c5f060a7bb9388a85533be\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:36 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360\r\nx-amz-request-id: 1813EC2423C7D352\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028648#701566486/gid:0/gname:root/mode:33188/mtime:1732177656#859824738/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:36.907Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93068,"size_decoded":93068,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32072), with CRLF line terminators","md5":"261c2803d4c5f060a7bb9388a85533be","sha1":"90a234032123056ad72e3a35eabe88f9042923f2","sha256":"4d62766346c8fd39371d0c01f931efae320a5ecceb96f7c8e4716036741e19df","sha512":"6a505adaab6bc468e0aaa728089a44cb7563ba180287e511304b34df0334b32b1987984b9a11bbb95b0ce3edca52661a5754269276b2ae25355fd4fce618a487","ssdeep":"1536:c4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0sFy:cGsKXAI2p0WP9bDrstfa5","tlshash":"3a93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-04-01T11:04:52Z","last_seen":"2026-04-03T03:13:40.277578Z","times_seen":1170,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.712Z","timestamp":1734989921712,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2 HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/css/style.css\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 22284\r\netag: \"5c92d5d3e39a260d5dd06ced7eca070d\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EC242F6BBDAA\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028624#863186422/gid:0/gname:root/mode:33188/mtime:1732177691#353425218/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:11.4Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22284,"size_decoded":22284,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22284, version 3.786","md5":"5c92d5d3e39a260d5dd06ced7eca070d","sha1":"64df09fd462e6bb76890b7782578777b901f2003","sha256":"2a99c11dd137ef8b515b3a95d2bdb38ec99bf745b2865196aa910628bcb144b9","sha512":"973d8236ff36779be71c75694a1ee5e6ccb6ce656260071e6ff6309a391a7de1357fc00437986a8b42ab3c409e821a58c810701116867b3833df0873dc05b7dd","ssdeep":"384:EWQxHPyVmkdQDmRCsP5V0BKWbOCamb323fyFeP7mplzfHar43CF5Gjru3JFU:EW+HOdeGCsP1/CG3dPqrz/ar005KWJy","tlshash":"3ca2e11c4e18f813b7203a5c99adb965f21e1617da99cc5d0f677ae4b2c0c4e4a51f43","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-05T12:58:43.622733Z","times_seen":4414,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/fonts/b796339b324ec08006ca04dca90284cf.woff2","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.719Z","timestamp":1734989921719,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/fonts/b796339b324ec08006ca04dca90284cf.woff2 HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/css/style.css\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 21796\r\netag: \"b796339b324ec08006ca04dca90284cf\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:11 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EC242FAA7036\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028625#187218772/gid:0/gname:root/mode:33188/mtime:1732177691#705421484/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:11.753Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21796,"size_decoded":21796,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21796, version 3.786","md5":"b796339b324ec08006ca04dca90284cf","sha1":"4283d779705f09e68939572df76c52cb41a3ec68","sha256":"d65bbca022f8953936d6e60b9a59fc27f9bfd74ba96257ffe14df83b3d8eb0e3","sha512":"912eba7649b612ea851ceff16addef13222fbc90656d1f6af737a55f34a24ea6154012afbbe8846d3e6fe1ebaf241de3c331ed97a212060bb979ac449823935f","ssdeep":"384:XuEqeSLLtQo1wtvqD67EE1LagdLGHkTU3brpWPGJyuHabAZOZ7EPmH:sHt5wtvtEEha5HkIJ0GJrFZOZEeH","tlshash":"29a2d12a6c85818c8291d435b3f6222e3572f970e6f1d3db753af478226b44ca35ecd1","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-05T12:58:43.575821Z","times_seen":4417,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.716Z","timestamp":1734989921716,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2 HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/css/style.css\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 14772\r\netag: \"bcf3bb1b7f7a3436181788e748bae013\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:11 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360\r\nx-amz-request-id: 1813EC24382B566A\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 335\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028625#499249925/gid:0/gname:root/mode:33188/mtime:1732177692#53417792/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:12.1Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14772,"size_decoded":14772,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14772, version 3.327","md5":"bcf3bb1b7f7a3436181788e748bae013","sha1":"8ee24d38f618f070a43619f1d471d90f17d666f1","sha256":"42e50c76c1bf569cb8b597ffc8cdd18a6f4a311832f46fdc1489145027550781","sha512":"3dfc74ace5f336c2c3b2518bc0c991dd4f370b6678d9a96ef9448d056aa1abd7d0884310c23299348f72011610f7d6a0e6772e3fd803e75bf9525dccbebd7860","ssdeep":"384:VI1b2Gbko0p2ZFD/aV74+1NahzVZkHCK967ssUyer:VkbhYo0pqFGVM+1Iny9679Uy+","tlshash":"ef62df91fe949fbbc27cc0bd8a7de9043991d54b03522228066f9f8b38b21378cc1e59","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-05T12:58:43.570948Z","times_seen":4425,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/images/scandinavia5_alt.jpg","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.742Z","timestamp":1734989921742,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia5_alt.jpg HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 126683\r\netag: \"bffdb574e3ab8f9d16a875f4b6198710\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: af968cfc53e5d4d46c2a7314ea3774fe010d1d1a8defca6495a09901b4f201c0\r\nx-amz-request-id: 1813EC2439DBDEEB\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028642#196917051/gid:0/gname:root/mode:33188/mtime:1732177675#629501258/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:55.676Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":126683,"size_decoded":126683,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"bffdb574e3ab8f9d16a875f4b6198710","sha1":"53c165f892c41cb5e9b16d2bc3e231dfc829b057","sha256":"353ae5fbc61b5a9efe59e2047e9e0abeb454b5af1c286a93f12ce3890d458175","sha512":"bd78c06fe3b667dd8c88da95638aedc74cb51b21fade7b3238cfbc5d3dac0612fc25f34e8a83eb893c14c2732f4057c640f2237ea40f95233ce41b35fc13e613","ssdeep":"3072:538CzdvzUU1wtjrO/bBtDASI6xuYfXjByWOs2k02TYovUBDUU5RPZqeVHpDrIRLH:9tzdvzUU1IjAbfDASI9YfzByAj0qYaWk","tlshash":"22c3e0139c59ab93a5108bf9be031ca81f09231cf9d139fe2163aee73d742251d0e56e","first_seen":"2024-01-16T04:09:26Z","last_seen":"2025-10-07T01:21:19.614452Z","times_seen":1820,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":88,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/util/flag-icon/flags/4x3/no.svg","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.906Z","timestamp":1734989921906,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /util/flag-icon/flags/4x3/no.svg HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/util/flag-icon/css/flag-icon.css\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 331\r\netag: \"c7ecfe59439b5fd23924fd206cf2fded\"\r\nlast-modified: Wed, 20 Sep 2023 15:26:17 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EC243B3B3ED5\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134513#304037147/gid:0/gname:root/mode:33188/mtime:1655386305#848080000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:31:45.84808Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":331,"size_decoded":331,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c7ecfe59439b5fd23924fd206cf2fded","sha1":"056fbd2b17c7f08bfb480d21973a96bf86fbd72a","sha256":"4027f3320608508754640a6de4cb1cdabdef4654b5a214e875c134802345683f","sha512":"b599bc79feb6f5f93d191b92beade2c05935b10788e4b31f01ab480695ecb131d007816185cb7f5559a6d94bb7bc7720106fb5e54f60970ce43d3994f7f7f7a1","ssdeep":"","tlshash":"68e0cded91bcfc148b3083102f2d7ae288a5f4c6a09506f7fc51311a615f596cdc3605","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-02T19:40:42.987349Z","times_seen":6404,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700\u0026subset=latin,cyrillic","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.371Z","timestamp":1734989921371,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Dec 2024 08:36:58 GMT","end":"Mon, 24 Feb 2025 08:36:57 GMT"},"fingerprint":{"sha1":"30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D","sha256":"7D:F5:AB:9A:97:34:D8:88:D9:F0:60:60:A2:9D:D1:4F:BF:36:29:43:AA:5D:4E:48:B3:17:0C:A5:B7:05:FF:BF"}}},"request":{"raw":"GET /css?family=Roboto:400,300,700|Raleway:400,700\u0026subset=latin,cyrillic HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 23 Dec 2024 21:38:41 GMT\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8482,"size_decoded":8482,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"e2661c09af72c563f7b4aacbc7725e21","sha1":"e9f331830127bc486138e695d214d752a758c75e","sha256":"fb0f76164767ae1b51f566d4e22f85772c6f863e31c2f416d161af95642dae06","sha512":"2da5fb413b5e263d2358f626a4d0b18103fd4030b02d9bc57101437359e046f6470e05c00584bc04f3237631dfcb303c11325716469287a9594b23ab282ce282","ssdeep":"192:6e3cEQRgcEulXvZEQidwCcRnrxFxfGbknNJk+LfT6it2TKrWFkhAS4T/5:MEVOXiwPjxfGbejnfT/t2/FsAS0","tlshash":"c902ae35be944ca5de1c417759b14fe52e2e30087f11cecb5a5e1adca10edda08a12ae","first_seen":"2024-12-23T21:39:11.540887Z","last_seen":"2024-12-23T21:39:11.540887Z","times_seen":1,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":91,"dns":1,"connect":8,"send":0,"wait":21,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.907Z","timestamp":1734989921907,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2 HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/css/style.css\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 21908\r\netag: \"2e5fca371696cab9fb5a9fe214c1319c\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 5bbf9b091ca9dd795595b773b0f1d036407937e2098457815217f1ddbc67c996\r\nx-amz-request-id: 1813EC2443A34165\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 343\r\nx-ratelimit-remaining: 343\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028624#535153670/gid:0/gname:root/mode:33188/mtime:1732177691#1428951/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:11.045Z\r\nexpires: Tue, 23 Dec 2025 21:38:41 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21908,"size_decoded":21908,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21908, version 3.786","md5":"2e5fca371696cab9fb5a9fe214c1319c","sha1":"4bd3fe039b2f65d10d1b8c1b30c7962bdc313b7a","sha256":"f8b1a05998ba7e93e5c9f41b004496a3576b8d10d9fafc2f7014894ebc3e72e9","sha512":"5e0fc1c5b768d270b1b6fb5abb229d6c668ecc31269818d82b0e33125671aa876a805383d63f3d6b99b24baf8428525240fa05326309640a7c4f5d50c0db4ac5","ssdeep":"384:gBd7eI524xG1u/eBQLE2rPDR5VdqvlG+zFvpLdLAl3sQC15mwA:qZewBj/ZzbXVcvpLtALY5mwA","tlshash":"e0a2d04fef5e681bee938d758d9e908868862946af457760a3fc532374970ea07809d0","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-02-01T00:37:34.902051Z","times_seen":4000,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/favicon.ico","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:42.011Z","timestamp":1734989922011,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:42 GMT\r\ncache-control: no-transform\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/images/scandinavia4_alt.jpg","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:47.000Z","timestamp":1734989927000,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia4_alt.jpg HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 171781\r\netag: \"e23a20555d1a9fd6f5f7a988dcf84a46\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:54 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EC256BC6F3C6\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028641#768874315/gid:0/gname:root/mode:33188/mtime:1732177675#169460155/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:55.216Z\r\nexpires: Tue, 23 Dec 2025 21:38:47 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":171781,"size_decoded":171781,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"e23a20555d1a9fd6f5f7a988dcf84a46","sha1":"42c966cbbd9e6bec41ceef39e437066acc74295c","sha256":"f042e79c205194be5f3bfe06e3f51f94dd9565ebf2d49a38249b374348c78f64","sha512":"57d703b7f615fb84646915b4c5b37dc0c8518212cc84617d9a7228367adf1fa5de5ad55c052d503c2a790bdced09321063966678293e20c8299552c3e4222236","ssdeep":"3072:5rJpDCTA8XNxqA7FeQtrBBsmLjPioh1htKL2T26Rnv7+sKwCiVC:ZzOH9xt7VtBBBS61ht6kZRnvSsKaY","tlshash":"42f3233ab8125390ca1b5d67aafc280bce69c77ce82015d4d925ccd87c525ccec26f4b","first_seen":"2024-01-16T04:09:26Z","last_seen":"2025-10-07T01:21:19.640134Z","times_seen":1814,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/images/scandinavia3_alt.jpg","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:52.266Z","timestamp":1734989932266,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia3_alt.jpg HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 170472\r\netag: \"54e56c85dd6db91ed3618f1e762aba17\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:54 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1813EC26A5A316A7\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 1988\r\nx-ratelimit-remaining: 1988\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028641#348832376/gid:0/gname:root/mode:33188/mtime:1732177674#689417266/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:54.735Z\r\nexpires: Tue, 23 Dec 2025 21:38:52 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":170472,"size_decoded":170472,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"54e56c85dd6db91ed3618f1e762aba17","sha1":"1f3970b0dc03ffdf765972273fb4d4f267885e62","sha256":"615e0e68e832666367cf03143faeb1106d064bf65b04cf547b6e85fa4b69bf33","sha512":"bba8a5d4f264740b8c3660a2ba1badc938d352723fd6e12e81f900f07dfa97200531ef662a8199620188f97f0dc35f24d4cf62a8b26e2122ee0e645ab8b8b4d4","ssdeep":"3072:96sXQTHrYKxaSu1eCrwhXr+zzBZDGYXl9hfkDhwEGtvJvUCXD3WSTHL:Ys0krS0NOXCvBRGYX3hMD1Gtx9lDL","tlshash":"7af3129aba122527a405de2055f92b0ea4273c9cc8aa937e4d73f23df44e738c53525f","first_seen":"2024-01-16T04:11:19Z","last_seen":"2025-10-07T01:21:19.619313Z","times_seen":1811,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigdatajsext.com/ExtService.svc/getextparams","fqdn":"bigdatajsext.com","domain":"bigdatajsext.com","tld":"com"},"ip":{"addr":"136.243.216.252","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:41.726Z","timestamp":1734989921726,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bigdatajsext.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Dec 2024 21:53:28 GMT","end":"Fri, 21 Mar 2025 21:53:27 GMT"},"fingerprint":{"sha1":"0C:3D:22:9F:8F:96:B2:FB:6A:35:14:47:83:F3:2D:3F:2C:FE:B8:B1","sha256":"8F:52:BD:91:96:B1:3C:79:99:60:7F:BE:3D:84:CC:CF:23:FA:6A:CD:A0:CC:A1:2F:E5:41:36:F5:73:4E:69:66"}}},"request":{"raw":"GET /ExtService.svc/getextparams HTTP/1.1\r\nHost: bigdatajsext.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://e5gpmrd.elites-sweetsthemeets.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 23 Dec 2024 21:38:41 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9841,"size_decoded":9841,"mime_type":"application/json; charset=utf-8","magic":"gzip compressed data, from Unix","md5":"83fc0b89ba62da822b2a3d38dd5ac58d","sha1":"b6c556ff2ef79eb3c0e634c9637566e8e7d84369","sha256":"f0539eeba419b6ec56458af303d6097979f9d3987703c3dbb54c7dec01dc9325","sha512":"0e0c63b612e3de0ae32c0d20d9fcf2765719a8b538a1ea4a453e502abd0cce29cd6ce4d7770d68d696381c03c78cd184681f453a18c1acfc4a36a010ea6ff58d","ssdeep":"192:F3knEsKJUNUv+OdtOUY8JVg7yef/DFqDlDPOMjDqlt38iPjgQvyVfXgUkqL9Lu/J:FmEvJwadtRA7yezaW58iPA6/2ixOQ","tlshash":"a012ae93f692e106f75132b357de063075cf38126482eba2492f94e7103282bbb98678","first_seen":"2024-12-23T21:39:11.547318Z","last_seen":"2024-12-23T21:39:11.547318Z","times_seen":1,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":89,"dns":1,"connect":24,"send":0,"wait":25,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/images/scandinavia2_alt.jpg","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":443,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100","date":"2024-12-23T21:38:57.532Z","timestamp":1734989937532,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia2_alt.jpg HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:38:57 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 146528\r\netag: \"af26061e4eee0ad8268416168c349fac\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:53 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 5bbf9b091ca9dd795595b773b0f1d036407937e2098457815217f1ddbc67c996\r\nx-amz-request-id: 1813EC27E7073995\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 343\r\nx-ratelimit-remaining: 343\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732177674#257378667/gid:0/gname:root/mode:33188/mtime:1732177674#213374736/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:54.262Z\r\nexpires: Tue, 23 Dec 2025 21:38:57 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":146528,"size_decoded":146528,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"af26061e4eee0ad8268416168c349fac","sha1":"5820f240a3c6f0eee93ff60131e10faa88ac460b","sha256":"0e7108ec937b3039342591ac96f32ce20a4f7b65996a444a452163626b62eec5","sha512":"36a617d7bde95910e24b0f0532067ade2695d08afe1fb0b21df6b824761e5a634aa64aeb4e88141d17a37e80b06444e280b82c3a03835d7b56b8a3da0955664c","ssdeep":"3072:R9FU23miGbfhMwNgdQVv+QDgF8+IBiO684Hb7mBrw7CAh:tUAafzN9v+Q0FnkB5B+C6","tlshash":"7be31292592bb15b84e3f931985a68a8cdf745d1d358381f026ea4cc142fb21f34e6fe","first_seen":"2024-01-16T04:09:26Z","last_seen":"2025-10-07T00:50:04.256346Z","times_seen":1820,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"e5gpmrd.elites-sweetsthemeets.com/media/dating/flirtup/images/scandinavia1_alt.jpg","fqdn":"e5gpmrd.elites-sweetsthemeets.com","domain":"elites-sweetsthemeets.com","tld":"com"},"ip":{"addr":"185.155.184.85","port":0,"asn":5398,"as":"AS5398 SA","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-12-23T21:39:03.066677777Z","timestamp":1734989943066,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elites-sweetsthemeets.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Fri, 13 Dec 2024 14:01:57 GMT","end":"Thu, 13 Mar 2025 14:01:56 GMT"},"fingerprint":{"sha1":"DF:06:65:0B:5C:A0:56:37:B5:40:5A:95:63:7B:62:07:F3:DB:F8:C2","sha256":"86:32:44:38:86:A5:88:29:77:64:3B:DE:D4:B9:1D:9C:7D:01:48:CC:01:EE:4C:DA:E7:1B:EA:75:24:73:DD:87"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia1_alt.jpg HTTP/1.1\r\nHost: e5gpmrd.elites-sweetsthemeets.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://e5gpmrd.elites-sweetsthemeets.com/p7ut3wl?m=1\u0026t=100\r\nCookie: sid=t4~rgjwb1u0o5oeiiqj2ymbdexv\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 23 Dec 2024 21:39:02 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 132802\r\netag: \"19b66b80d93b12a4f00f18a467d9e6be\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:53 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, Accept-Encoding\r\nx-amz-id-2: 5bbf9b091ca9dd795595b773b0f1d036407937e2098457815217f1ddbc67c996\r\nx-amz-request-id: 1813EC2923D23EA0\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 343\r\nx-ratelimit-remaining: 343\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028640#296727331/gid:0/gname:root/mode:33188/mtime:1732177673#781336136/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:53.827Z\r\nexpires: Tue, 23 Dec 2025 21:39:02 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":132802,"size_decoded":132802,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"19b66b80d93b12a4f00f18a467d9e6be","sha1":"226d6a060f76324be719be6317828f1547208bb0","sha256":"6b7139ccbab356327e683edfde4cc7d9f75654dc6162a0970b31543f73d0ca17","sha512":"2d4e6bb30a10e42276b4d96827157e52ee3fdc489a2f9d9bac449ac3cdb65cc50b81f48090527f6388e23017b666f613bfb878a929abbd0675a0af03bbef1d8a","ssdeep":"3072:Gw3DnbwG8zEY31p8tEF5Ml0ePx/6yEh8xpYn49q21DU/D:GGDUZzEW1p+GO/6Jko40kQD","tlshash":"70d3123e5c5a02257b8e97dc598f319b7272ec143e35399f5b091d4b32b8b90353292a","first_seen":"2024-01-16T04:09:26Z","last_seen":"2025-10-07T01:21:19.675818Z","times_seen":1825,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-12-23","alert":"Sinkholed","trigger":"elites-sweetsthemeets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"try-dating.fun/?pa=omjyf\u0026s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d31303026263534303937393931323838363339362664693d37672d323233362665643d75732e26693d61646d696e3130302c32373035382c616e74686f6e792e726f6c6c6d616e2e6374724075732e61662e6d696c2c526f6c6c6d616e2c2674733d3137333439383831363826353634313439373530313231383639\u0026","fqdn":"try-dating.fun","domain":"try-dating.fun","tld":"fun"},"ip":{"addr":"172.67.193.120","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-12-23T21:38:40.205Z","timestamp":1734989920205,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"try-dating.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 09 Nov 2024 07:38:44 GMT","end":"Fri, 07 Feb 2025 07:38:43 GMT"},"fingerprint":{"sha1":"C6:27:1C:87:19:01:D9:37:2D:86:D1:F7:4A:87:39:A5:30:20:87:71","sha256":"D0:0D:4D:FF:9A:45:55:4A:B9:CF:9D:88:B8:3C:51:CC:DE:97:62:CA:BC:A9:95:AF:A7:E5:40:2E:66:08:DA:D1"}}},"request":{"raw":"GET /?pa=omjyf\u0026s=687474703a2f2f646174696e6773722e636f6d2f6e65772f3f733d31303026263534303937393931323838363339362664693d37672d323233362665643d75732e26693d61646d696e3130302c32373035382c616e74686f6e792e726f6c6c6d616e2e6374724075732e61662e6d696c2c526f6c6c6d616e2c2674733d3137333439383831363826353634313439373530313231383639\u0026 HTTP/1.1\r\nHost: try-dating.fun\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 23 Dec 2024 21:38:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: http://try-dating.fun/new/?s=100\u0026\u0026540979912886396\u0026di=7g-2236\u0026ed=us.\u0026i=admin100,27058,anthony.rollman.ctr@us.af.mil,Rollman,\u0026ts=1734988168\u0026564149750121869\r\nx-powered-by: PHP/5.3.3\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mfBqtlvfNbZ2H3oyGBWL9ZzNXWFnDBquYfm0vurcXPhgLgm2qVJFyxk84V5w5AwLl%2BMF%2FHVcXUJvpsh6a77yg39LPQJF%2FOrfwDY9EmSWBbohcXZZlZvPs5c96BDHv1AAlQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8f6b7ff959c45688-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=1552\u0026min_rtt=941\u0026rtt_var=700\u0026sent=8\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3208\u0026recv_bytes=1346\u0026delivery_rate=4414634\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=7100232486ebef7f\u0026ts=259\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":6820,"size_decoded":6820,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":9,"dns":1,"connect":2,"send":0,"wait":240,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}