{"report_id":"c22af427-1295-4563-bb0f-e6a5785df484","version":6,"status":"done","tags":[],"date":"2023-09-11T01:30:52Z","url":{"schema":"http","addr":"hentainudes.com/https:/hotgaymovies.com/https:/hotgaymovies.com","fqdn":"hentainudes.com","domain":"hentainudes.com","tld":"com"},"ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"title":"Looking for sex tonight in Oslo?"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T07:35:18Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"hentainudes.com","ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-07-07","domain_rank":0,"first_seen":"2015-12-20 13:28:21","last_seen":"2023-09-11 03:29:59","alert_count":0,"request_count":7,"received_data":239905,"sent_data":3475,"comment":"","tags":null,"fingerprints":null},{"fqdn":"a.magsrv.com","ip":{"addr":"205.185.216.10","port":0,"asn":20446,"as":"STACKPATH-CDN","country":"United States","country_code":"US"},"domain_registered":"2023-08-01","domain_rank":0,"first_seen":"2023-08-04 18:18:00","last_seen":"2023-09-10 19:41:14","alert_count":0,"request_count":2,"received_data":68372,"sent_data":820,"comment":"","tags":null,"fingerprints":null},{"fqdn":"a.orbsrv.com","ip":{"addr":"205.185.216.42","port":0,"asn":20446,"as":"STACKPATH-CDN","country":"United States","country_code":"US"},"domain_registered":"2020-05-16","domain_rank":0,"first_seen":"2023-08-10 09:24:24","last_seen":"2023-09-11 01:16:11","alert_count":0,"request_count":1,"received_data":34187,"sent_data":403,"comment":"","tags":null,"fingerprints":null},{"fqdn":"i.redd.it","ip":{"addr":"151.101.1.140","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2010-05-31","domain_rank":5933,"first_seen":"2016-05-24 22:20:56","last_seen":"2023-09-10 20:14:45","alert_count":0,"request_count":1,"received_data":294938,"sent_data":424,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.207.202","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2023-09-10 22:17:38","alert_count":0,"request_count":1,"received_data":1893,"sent_data":482,"comment":"","tags":null,"fingerprints":null},{"fqdn":"data-jsext.com","ip":{"addr":"54.37.5.177","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2022-07-27","domain_rank":0,"first_seen":"2022-07-27 07:02:20","last_seen":"2023-09-10 19:59:54","alert_count":0,"request_count":1,"received_data":728,"sent_data":498,"comment":"","tags":null,"fingerprints":null},{"fqdn":"easy-bestwoman.life","ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2023-08-30","domain_rank":0,"first_seen":"2023-08-30 11:30:02","last_seen":"2023-09-10 23:20:59","alert_count":24,"request_count":24,"received_data":1074295,"sent_data":13001,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":175,"first_seen":"2018-07-01 08:43:07","last_seen":"2023-09-10 18:13:14","alert_count":0,"request_count":1,"received_data":699,"sent_data":333,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sw.onedragon.win","ip":{"addr":"104.21.7.167","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-03-05","domain_rank":0,"first_seen":"2022-06-16 13:04:37","last_seen":"2023-08-24 01:29:39","alert_count":0,"request_count":1,"received_data":20652,"sent_data":546,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:38Z","timestamp":1694395838,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41161,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:38.338784+0000\",\"flow_id\":91383712852832,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":41161,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":9419,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:38.338784+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:38Z","timestamp":1694395838,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58728,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:38.338606+0000\",\"flow_id\":1275742419561134,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":58728,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":38300,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:38.338606+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:38Z","timestamp":1694395838,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":32934,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:38.828095+0000\",\"flow_id\":812628980966079,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":32934,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":48971,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:38.828095+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:38Z","timestamp":1694395838,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39331,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:38.830846+0000\",\"flow_id\":1683124362587518,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":39331,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":41074,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:38.830846+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:38Z","timestamp":1694395838,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45233,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:38.833099+0000\",\"flow_id\":1381536054031947,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":45233,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":23428,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:38.833099+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:38Z","timestamp":1694395838,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35358,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:38.831544+0000\",\"flow_id\":2033722542960696,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":35358,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":865,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:38.831544+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:38Z","timestamp":1694395838,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41799,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:38.834543+0000\",\"flow_id\":616029000481775,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":41799,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":56701,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:38.834543+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:39Z","timestamp":1694395839,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45988,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:39.243740+0000\",\"flow_id\":2248623379167260,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":45988,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":37127,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:39.243740+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:39Z","timestamp":1694395839,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":54907,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:39.244746+0000\",\"flow_id\":2141380193270794,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":54907,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":32352,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:39.244746+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:39Z","timestamp":1694395839,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60097,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:39.246374+0000\",\"flow_id\":873022663672422,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":60097,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":50811,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:39.246374+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:39Z","timestamp":1694395839,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50838,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:39.248836+0000\",\"flow_id\":2060235376151556,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":50838,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":39377,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:39.248836+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:39Z","timestamp":1694395839,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59834,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:39.249835+0000\",\"flow_id\":622720559599595,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":59834,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":13851,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:39.249835+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:39Z","timestamp":1694395839,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60256,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:39.459533+0000\",\"flow_id\":299479173366541,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":60256,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":19590,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:39.459533+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:44Z","timestamp":1694395844,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46769,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:44.562611+0000\",\"flow_id\":193745668838835,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":46769,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":39254,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:44.562611+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-09-11T01:30:49Z","timestamp":1694395849,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":54583,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Observed DNS Query to .life TLD","source":"{\"timestamp\":\"2023-09-11T01:30:49.880217+0000\",\"flow_id\":65839395597913,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.134\",\"src_port\":54583,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027867,\"rev\":5,\"signature\":\"ET INFO Observed DNS Query to .life TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_08_13\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":44460,\"rrname\":\"easy-bestwoman.life\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":90,\"bytes_toclient\":0,\"start\":\"2023-09-11T01:30:49.880217+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/js/vegas.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"85310f0fc6d54ab6c4aa2a2efa1e8514","sha1":"dbd124ed40a22170b23709711d4572ff93c9fe6f","sha256":"17d0a5e4e45104aec83860cf51f19bb232747a586a74fc841b9771a9aa9e42b2","sha512":"6714e26d04e4385529a740b740ec11f06235f5b323f233120b9d0358d2b9300f9497d97677f5f091e18016ad7f440f7d3e1aadd67e16ff39dd19ac0f564e56fd","ssdeep":"192:hz8shmGr7AU7AF2pI7oP0zd6ilknsV7JViSiSCluzdF2UImlCIkdeA3sfddNdzrh:hq9p7iQF91rKeRlzW1oPImdLNlDlOq","tlshash":"38a297497ef750098997e07a5fdf9008e674810b680aea2c3c9d52c49f9563853baff8","size":21792,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2024-08-21T09:43:52.475697Z","times_seen":2074,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/cookie/js.cookie.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7e9883924072f15259de6888d5ef515","sha1":"7f4f6e5938e68f55aef81e0cd0145f008cd28382","sha256":"985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c","sha512":"f6f2859b644b249cebe21b0af49c0efa046eedc95814ad4cac400b25d6fddbb7a155db420359ccfc8570eb18899cdc369dcbf5c137f4cb21f24b27f8f297be48","ssdeep":"96:3+bMojFkR0WIxWXATmnv5h8VatgNyyd2jMAp0:3zoa0WIcXATs8atgNyM6pp0","tlshash":"ec91b7783c1535b80d06237513bf668b7077bc567c865710b64cd998eb28c6b8316fe2","size":4264,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-12T06:19:36.709046Z","times_seen":6127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/util/utils.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"01816d15ca03032751161a746e2fb7c3","sha1":"dcc72ea5fa1356490ba473288159df9786b4a3c3","sha256":"8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea","sha512":"88f23b9e14db5d4cde23de38ac1a33e0423c9bf33ae714b39b79ba7a062eae33b74515fd9c095d86c1b6971e21990050f6457814a151dc01539a56f624996b9f","ssdeep":"192:C018ojHD3/HDg8bQgdT0p+MSRzS6S+8izeLeR4OeH/t060SDWF:T18ojHD3/HDnQgdTDMSJS6S+8ibR4OMk","tlshash":"a502517e3a3e352a1d0a237d1cdad949247bfc2b754156326929b848d0ece5ce312eb1","size":7512,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-04T20:58:21.377863Z","times_seen":8809,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b8444e94fdf3716d2bb5b53defa7cc77","sha1":"0f2f13cbc7aee158c64629aef74bcd9f65095cc2","sha256":"e4239da106861a3e0a6c00e09817ab4f1453403bc53dec6f43cc8f4f3c68702b","sha512":"2ac44710c527957198240bd5c8ca9c909487fe29cfaedb3dc53bd446a5c5da904bc680cbb3f17645d04687980d06e8b1d9d8a37ec46e589d5f8382ff4f572ef4","ssdeep":"","tlshash":"550144c43a21ec49d063bcad9e3c6d372051bc3ec28eb4882488c20a79544b0631acb9","size":665,"data":"","first_seen":"2024-08-21T07:05:49.109703Z","last_seen":"2024-08-21T07:05:49.109703Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/js/timer.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"40fe503eb84093a37b15e39365ffc587","sha1":"911128043c901314d283fe478477d26e2b3d821a","sha256":"60b0f0de4c72c1ce9c05b36ba776f12538b1d9b80858b7099068a3e7e0415bc1","sha512":"d7858b59dda7bc0e9709db874d1a41afb8624a670e2ac3ca1dfdca72fe043b5af17eaa97d9b6f7afa287ec43b48e5bb06dd3dc3f97a05e133c2fc374a2fbcf06","ssdeep":"","tlshash":"6501f91807376b2c0eb51f8e07aee808561bfd15712f990918ddf8e0589ee29d54de2e","size":621,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2025-12-31T22:01:34.290298Z","times_seen":2692,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/js/jquery.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"df6173bad69801a82b84701789ab16c5","sha1":"94908755cae039762ad53086b858eac553e3f56e","sha256":"cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb","sha512":"57ea8824e1005bff40a73db3b79c2e7768dcf438c653abe52bb26164590362338dbb4b9c0896cf6fb4133538058d42d1ee0b1f2e5dc779b928c8ca45cbc565c8","ssdeep":"1536:t4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:tGsKXlI2p0WPSbDrstfam","tlshash":"5693f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93064,"data":"","first_seen":"2023-03-07T01:06:35Z","last_seen":"2026-04-28T12:58:59.704938Z","times_seen":4572,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/js/trls.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb1b6bc6776b3e1f520ad0d6c03a92ad","sha1":"5adcdd94fd541e5ff347cb317418f77ebcd7a714","sha256":"d87b9de60e8a4d614e0f4e34da021c835852d802f8b6de2aee6a3fa034e3b2b5","sha512":"1b6d2de73369aff8325acaf09a31773260b55747c759214565b941785e5049b8b464c7e6fa6a785a9a9d53d78fcdaf8337ba54c37af514891d89ea7798d67b92","ssdeep":"384:6C0CrBg9YphRgCK/4HDF4lt6bukVI92p4pSuLwjjjYCwx3L:T5Fg9IhRLFRp4suLEwd","tlshash":"af72a47acfcf40f8f5d016608b5ea4c6a09cb1b7c795d4fe292e48e906d1c0480af58b","size":17300,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2024-08-21T09:43:52.490234Z","times_seen":1542,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/bb.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d553e4bac91c74bfee2dbabba61e99e","sha1":"5af71e2377c9c012a7826a695f2724901941b19b","sha256":"1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68","sha512":"105e5b23733e7bb443ba2080d606c2814b0acd2aaf228467d2ce532ff2f2ec0b292f8eb5189a24cd9f79b69a7e983b176dbd29e2d539dae7ca443821084f2894","ssdeep":"","tlshash":"23f02341bd5435f147cf3255861f2230903f08cd7206d583b9a85e916e3179d9e1bbd0","size":639,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.592645Z","times_seen":13211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/exit-new/exit1.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"625e5e2950612f771e246beb33c9ea61","sha1":"e4fc251c6c000496c285f8dc3fa097040b031681","sha256":"618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46","sha512":"655f0b373c605d0a464bedca4df204fb3aa12442c5b0aa3b8bf13e0604fd1e89480356e9c6cc9a432f81305bf1151caf4ac4ad9d8eb24eb78cbd11318e5b9657","ssdeep":"","tlshash":"ee81407c352d7579499a777c91efe94a207b6c53f001a2320808bc94e86ce4ce325df9","size":3473,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-01T11:35:43.37734Z","times_seen":13050,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"hentainudes.com/https%3A%2F%2Fnhentai.net%2F","fqdn":"hentainudes.com","domain":"hentainudes.com","tld":"com"},"ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:36.907991394Z","timestamp":1694395836908,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /https%3A%2F%2Fnhentai.net%2F HTTP/1.1\r\nHost: hentainudes.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Mon, 11 Sep 2023 01:30:36 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: /https:/nhentai.net/\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=qWKoGIqRzTxCU4x%2BjUdsWUKTkZZMBlg%2FqzQDz5WayBzsJ1TBRnnmqqLTPXhO0SNKgFjAcW5%2FnkdBcWBQ%2BKzxfzXHcrAt3aS7GAlSG7j5iMPPG60DJQuonFAnVYVbbVJWucQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 804c25777e5eb50f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"a.magsrv.com/ad-provider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"205.185.216.10","port":0,"asn":20446,"as":"STACKPATH-CDN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:37.888783515Z","timestamp":1694395837888,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /ad-provider.js HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Sep 2023 01:30:37 GMT\r\ncontent-encoding: gzip\r\ncontent-length: 33767\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\nserver: nginx\r\netag: W/\"bdcd31715ffc48a61b59a833750\"\r\naccept-ch: \r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-hw: 1694395837.dop009.sk1.t,1694395837.cds262.sk1.hn,1694395837.cds257.sk1.c\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":33767,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (32336)","md5":"0d65d2af9888847a0995c06bffbb6f1f","sha1":"bdcd31715ffc48a61b59a8337502d174e1fb81a7","sha256":"93e8a7072d356d288d3ea294046246618c560100f528f062c64be7f504151991","sha512":"4aff66898432c3fadeff8e08fe348467dd80fc1bc3d56cbdbed5a02a6cd2ca0a6e9fe2b993c643dd9bd427f42af6c32c076e7abf8b7119ba39655254c597f93a","ssdeep":"1536:EO6Z8AzEToR5L4xFG7kKZcxOxw8hwMjNOKVhMfhcgAHZ1Z8r1Z1AdOpkCOZkMD+J:LVyp28VOkPD+Y38C02KV3Q4Ql485I","tlshash":"3ea34b892b92703452d3a12d69ff57093331407ee90e4894bf4ee8a427aded65173bbc","first_seen":"2023-09-07T20:08:23Z","last_seen":"2023-09-18T13:24:01Z","times_seen":181,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"a.orbsrv.com/ad-provider.js","fqdn":"a.orbsrv.com","domain":"orbsrv.com","tld":"com"},"ip":{"addr":"205.185.216.42","port":0,"asn":20446,"as":"STACKPATH-CDN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:37.909007082Z","timestamp":1694395837909,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /ad-provider.js HTTP/1.1\r\nHost: a.orbsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Sep 2023 01:30:37 GMT\r\ncontent-encoding: gzip\r\ncontent-length: 33768\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\nserver: nginx\r\netag: W/\"10cf5cb9f12c7adb68b563712c7\"\r\naccept-ch: \r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-hw: 1694395837.dop003.sk1.t,1694395837.cds264.sk1.hn,1694395837.cds218.sk1.c\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":33768,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (32336)","md5":"2221fe3869fa5f94d0986a7590acc5af","sha1":"10cf5cb9f12c7adb68b563712c72ca32e19cec84","sha256":"eeeb543a2b7373992fe9d899f7643f775216a2c38cfa5b63ce6560cb1a2aaf16","sha512":"cca9ece8bcff20cb4e677fbbc15cbe5e8a8a371e2ec7ea36d7dc1b4d1ef7e272d7901bba23ced37689461966dc111e75a3aefedfba1970d1d0ecc084a4b1b802","ssdeep":"1536:EO6Z8AzEToR5L4xFG7kKZcxOxw8hwMjNOKVhMfhcgAHZ1Z8r1Z1AdOpkCOZkMD+9:LVyp28VOkPD+Y38C02KV3Q4Ql485s","tlshash":"67a34b892b92703452d3a12d69ff57093331407ee90e4894bf4ee8a427aded65173bbc","first_seen":"2023-09-07T20:08:22Z","last_seen":"2023-09-18T12:36:45Z","times_seen":31,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hentainudes.com/classic-themes.min.css","fqdn":"hentainudes.com","domain":"hentainudes.com","tld":"com"},"ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:37.99591698Z","timestamp":1694395837995,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /classic-themes.min.css HTTP/1.1\r\nHost: hentainudes.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/r9k+4chan\r\nCookie: visitor=true\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 11 Sep 2023 01:30:37 GMT\r\ncontent-type: text/css;charset=UTF-8\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 899712\r\nlast-modified: Thu, 31 Aug 2023 15:35:25 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=RPYsVjyXwrYOxfJH%2BipAwFft%2FjjPhT30xnoBGO0mHRhQqKOivW1Fk4eWRZo%2B6W7uHNAXfOp7MLPvxpQHj%2FvIuFxeO0CtGx0MvS5KwJuxmp4VG%2BaaZVZGsdy7BPjfLBnJZxo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 804c2581f8bdb50f-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":408,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"1a0804b1a9d09705657f91fe7cad4c5a","sha1":"feeece6f0b3e0bcf090547c475329a2772f6b26b","sha256":"dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48","sha512":"9bc7a9fe6cb51765537f21a79f015d1de49aa8b1de2613e072c5e108d88ca1877df320c80842ee7c512bfcd29b9166bdc3c73919b267dd8a20c1962275fa1738","ssdeep":"","tlshash":"9bd02bd1769f04e1701fe25c4515458990b40180ccb39fb1d4dbf0dee5e90f936ea68b","first_seen":"2023-04-05T02:48:12Z","last_seen":"2026-04-30T12:00:46.429992Z","times_seen":19557,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"a.magsrv.com/ad-provider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"205.185.216.10","port":0,"asn":20446,"as":"STACKPATH-CDN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:38.014051542Z","timestamp":1694395838014,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /ad-provider.js HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Sep 2023 01:30:37 GMT\r\ncontent-encoding: gzip\r\ncontent-length: 33767\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\nserver: nginx\r\netag: W/\"bdcd31715ffc48a61b59a833750\"\r\naccept-ch: \r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-hw: 1694395837.dop009.sk1.t,1694395837.cds262.sk1.hn,1694395837.cds257.sk1.c\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":33767,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (32336)","md5":"0d65d2af9888847a0995c06bffbb6f1f","sha1":"bdcd31715ffc48a61b59a8337502d174e1fb81a7","sha256":"93e8a7072d356d288d3ea294046246618c560100f528f062c64be7f504151991","sha512":"4aff66898432c3fadeff8e08fe348467dd80fc1bc3d56cbdbed5a02a6cd2ca0a6e9fe2b993c643dd9bd427f42af6c32c076e7abf8b7119ba39655254c597f93a","ssdeep":"1536:EO6Z8AzEToR5L4xFG7kKZcxOxw8hwMjNOKVhMfhcgAHZ1Z8r1Z1AdOpkCOZkMD+J:LVyp28VOkPD+Y38C02KV3Q4Ql485I","tlshash":"3ea34b892b92703452d3a12d69ff57093331407ee90e4894bf4ee8a427aded65173bbc","first_seen":"2023-09-07T20:08:23Z","last_seen":"2023-09-18T13:24:01Z","times_seen":181,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hentainudes.com/navigation.js?ver=20141205","fqdn":"hentainudes.com","domain":"hentainudes.com","tld":"com"},"ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:38.020238337Z","timestamp":1694395838020,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /navigation.js?ver=20141205 HTTP/1.1\r\nHost: hentainudes.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/r9k+4chan\r\nCookie: visitor=true\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 11 Sep 2023 01:30:37 GMT\r\ncontent-type: application/x-javascript\r\nvary: Accept-Encoding\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 805142\r\nlast-modified: Fri, 01 Sep 2023 17:51:35 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=OBhEaK6FqbDTk22fDmKbz%2BDEz8RsoqbBeq4ocDbvJ21oSS4jcLYcSb%2F%2BO5z3gk0cK3Gen%2BPzZz96H6vZ74FzULgE9xvdlkQolIMu41BYSHTJJHQZGsN1nsj6zHqq3JiqqPM%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 804c258238d1b50f-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":34386,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"6e26dcae5f37cd7dbc99443304d0d4b6","sha1":"1149f4a86285fb1cbf08f3748659368410be6892","sha256":"ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78","sha512":"d2bf7eced880963c5a72a77293658ae76eda39b246a55d703c4453738f42af333e740c829e27d42e4d707d33ba2801e9e785165810eeb0c43db3fb13a26ee77c","ssdeep":"","tlshash":"4831f48735b5223b5266bf4057aec0223b2f1844eb107112bc7ef5812b58605c9bbf7e","first_seen":"2023-03-07T01:24:12Z","last_seen":"2026-04-30T10:40:29.54277Z","times_seen":471,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"i.redd.it/n1qx42qgfdd31.jpg","fqdn":"i.redd.it","domain":"redd.it","tld":"it"},"ip":{"addr":"151.101.1.140","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:38.028222086Z","timestamp":1694395838028,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /n1qx42qgfdd31.jpg HTTP/1.1\r\nHost: i.redd.it\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 30 Jul 2019 04:48:08 GMT\r\netag: \"b0e3d9400b207c60b420a693e7664d81\"\r\nexpires: Thu, 31 Dec 2037 23:59:59 GMT\r\nx-amz-version-id: null\r\ncontent-type: image/jpeg\r\nx-canonical-filename-image-generation: 1\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 11 Sep 2023 01:30:37 GMT\r\nserver: snooserv\r\nreport-to: {\"group\": \"w3-reporting-nel\", \"max_age\": 14400, \"include_subdomains\": true,  \"endpoints\": [{ \"url\": \"https://w3-reporting-nel.reddit.com/reports\" }]}, {\"group\": \"w3-reporting\", \"max_age\": 14400, \"include_subdomains\": true, \"endpoints\": [{ \"url\": \"https://w3-reporting.reddit.com/reports\" }]}, {\"group\": \"w3-reporting-csp\", \"max_age\": 14400, \"include_subdomains\": true, \"endpoints\": [{ \"url\": \"https://w3-reporting-csp.reddit.com/reports\" }]}\r\nnel: {\"report_to\": \"w3-reporting-nel\", \"max_age\": 14400, \"include_subdomains\": false, \"success_fraction\": 1.0, \"failure_fraction\": 1.0}\r\ncontent-length: 293960\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":293960,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1052x1995, components 3\\012- data","md5":"b0e3d9400b207c60b420a693e7664d81","sha1":"6376c41cdfd0ab7235b637d9fb9aa871e1b4b9ef","sha256":"3ff2ea77dd97f5b3226736ca20880791baa2ad3776372b712cad1e7c453a4235","sha512":"a4ade67c56172be8b7213cc30a3fe3097af8a7027eb0aed036df8e9d12d9b42f776db99075cc53245696fef6758d482c307e676feb51f33d845681eb40620b27","ssdeep":"6144:U02umqFNyvVAqpIP4ODbThKDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDqr2x3G7IG9c:72uRNy9AqpIPthKDDDDDDDDDDDDDDDDp","tlshash":"665412da3242a2dbff4e2d70a48f7fc71354f92117865548a22ecd77a2b36ec181b484","first_seen":"2023-09-11T03:30:57Z","last_seen":"2023-09-11T03:30:57Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-09-11T01:30:38.339Z","timestamp":1694395838339,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sw.onedragon.win/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: text/html\r\nContent-Length: 6640\r\nConnection: keep-alive\r\nset-cookie: sid=t2~xa45mtl4zwzyujdkfoeueimr; path=/\r\ncache-control: private, no-transform\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6640,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators","md5":"3e5360cebc9122afa5ec6638d00d57e7","sha1":"91b2423d7fcf6e325f40dc23c66f7324289cb5a2","sha256":"50a983f336e60e897652ef22428e601cea7ff76465f00f4e4b2a67379f71e211","sha512":"1c602156d04ad4c42d4f6bb910abab9e957c9078279694c6a6122a6ca82d72a3a1803ebe9324d3bf2fc4067e5dcac3037a8dad89d41981feb0ab0d6953193473","ssdeep":"96:gYumCRYNhNXNOoGpGKj7ElXktKalYYoCsbRZ6GFJAEbiGXo8OQyr/kJQGJBPEWqO:gfmCC/9Uo2Lj7c15CEviGDyr/k9","tlshash":"19d14500bd19da0e037202e5d57fe618d8a6ec70d3539498f6f90a3b87e2f19672dc91","first_seen":"2023-09-11T03:30:57Z","last_seen":"2023-09-11T03:30:57Z","times_seen":1,"resource_available":false,"data":null}},"time_used":496,"timings":{"blocked":167,"dns":29,"connect":45,"send":0,"wait":160,"receive":1,"ssl":91},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:38.906976967Z","timestamp":1694395838906,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"6177dcf0a4eb5ad573053fd1caca1572","sha1":"0127fcb5e3e6f18919894194eb2e5cad031d0c22","sha256":"b7375560b308d11b9bb7e01888d62afa373069aa912d7b9c2945251bfc1b9cdf","sha512":"99e93db17734ebcc193ddfadd43e4bb241178910ee70ab297bef92dc87debbe3bf78525fc4c3ecf7dcc8141375630cb25507dfa138eeea4e079a5c1b32fe68e1","ssdeep":"","tlshash":"16f0d44e7e782a12cc171f6d6de2dd13b006382e1ece5a11be75174415151fdd908c38","first_seen":"2023-09-10T18:01:30Z","last_seen":"2023-09-12T05:50:33Z","times_seen":2057,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hentainudes.com/https:/ecchi.iwara.tv","fqdn":"hentainudes.com","domain":"hentainudes.com","tld":"com"},"ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:38.956633624Z","timestamp":1694395838956,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /https:/ecchi.iwara.tv HTTP/1.1\r\nHost: hentainudes.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Mon, 11 Sep 2023 01:30:34 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://hentainudes.com/%2Fr%2Fgonemild\r\nset-cookie: visitor=true; Expires=Tue, 12 Sep 2023 01:30:34 GMT\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=PouNwtv6PjscR9tyKyZilE13CJmD7W9InJwhD%2BY5Co1wSM9OF1t3uKpCuGQ%2FuoQG2T1wC%2BPDibMU35VqPQIEnYQJei%2FeFMBoIiOXOjjTY%2FlAo9P0oNThniSRaTokGYMZTpA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 804c2569ab60b50f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":126068,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16528, version 1.0\\012- data","md5":"5ea7635f6e90147652e355703d1faeab","sha1":"f185df87ded666a0bd52160d446fda8b0bec6be9","sha256":"aa393572ea975160decfea22a4cb35ad3497b31423e18b056c383b7785fd52fa","sha512":"7d56172e9aacb1362212c6ff65d8607686697c91c53a944a3c7a719e277e84f57d368baf74f356e550d060c743191c46a0370cc999a01f8088ef1605fd7121e6","ssdeep":"768:qmrQWB6SAcmrgLstJbGxwUkB1mlpztzuRdvGN6eABkdIUIbZbnbJN8gwaKNhL3tv:d6pcJQCwlwERdvGNIkabbRk3chs","tlshash":"6ec3f8a0f21031da7223c55a71d0ed873619a052e66b4fb7f26f29d88f895ca0773f16","first_seen":"2023-09-11T03:30:57Z","last_seen":"2023-09-11T03:30:57Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700\u0026subset=latin,cyrillic","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.207.202","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.824Z","timestamp":1694395838824,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 14 Aug 2023 08:22:09 GMT","end":"Mon, 06 Nov 2023 08:22:08 GMT"},"fingerprint":{"sha1":"09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38","sha256":"51:9F:EC:84:6E:75:1D:8B:F5:23:58:A2:24:2B:C1:8E:91:C4:20:61:49:69:0D:3E:83:47:F0:3C:36:08:DF:BA"}}},"request":{"raw":"GET /css?family=Roboto:400,300,700|Raleway:400,700\u0026subset=latin,cyrillic HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 11 Sep 2023 01:30:38 GMT\r\ndate: Mon, 11 Sep 2023 01:30:38 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1263,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression\\012- data","md5":"754c6553f3c64e883993b84beff36b51","sha1":"ab150219f506fe0441685c9b0f0de0741ac9d5d5","sha256":"df76abb9fdb6c49649b6d12e820e7930ef76e43cbd99bd11b2135a2c5797a479","sha512":"ad688ded0eefea0efcfc7da13092cf5a52ce1ed599b53c57a21b0dab6ac806228e76b2782130d45dd905028e96c15cb4bc12eaeb7e22a07ec4b305b175bdfa06","ssdeep":"","tlshash":"0a21980e7ba45622dc375f3a5bd5e9737099295a0feed551bd3404050a4a0eccf894b8","first_seen":"2023-09-11T03:30:57Z","last_seen":"2023-09-11T16:18:53Z","times_seen":3,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":84,"dns":12,"connect":8,"send":0,"wait":21,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/js/vegas.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.842Z","timestamp":1694395838842,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/js/vegas.js HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21792\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"85310f0fc6d54ab6c4aa2a2efa1e8514\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:06 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B3CCE0933249\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676801713#1186412/gid:0/gname:root/mode:33188/mtime:1659086506#637908000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-29T09:21:46.637908Z\r\nExpires: Tue, 10 Sep 2024 01:30:38 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21792,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"85310f0fc6d54ab6c4aa2a2efa1e8514","sha1":"dbd124ed40a22170b23709711d4572ff93c9fe6f","sha256":"17d0a5e4e45104aec83860cf51f19bb232747a586a74fc841b9771a9aa9e42b2","sha512":"6714e26d04e4385529a740b740ec11f06235f5b323f233120b9d0358d2b9300f9497d97677f5f091e18016ad7f440f7d3e1aadd67e16ff39dd19ac0f564e56fd","ssdeep":"192:hz8shmGr7AU7AF2pI7oP0zd6ilknsV7JViSiSCluzdF2UImlCIkdeA3sfddNdzrh:hq9p7iQF91rKeRlzW1oPImdLNlDlOq","tlshash":"38a297497ef750098997e07a5fdf9008e674810b680aea2c3c9d52c49f9563853baff8","first_seen":"2023-03-07T01:03:18Z","last_seen":"2024-08-21T09:43:52.475697Z","times_seen":2074,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":116,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"hentainudes.com/sqr721c-webfont.woff2","fqdn":"hentainudes.com","domain":"hentainudes.com","tld":"com"},"ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:39.055210332Z","timestamp":1694395839055,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /sqr721c-webfont.woff2 HTTP/1.1\r\nHost: hentainudes.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/style-1.css\r\nCookie: visitor=true\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Mon, 11 Sep 2023 01:30:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://hentainudes.com/%2Fr%2Fassholebehindthong\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=jGXAwf5Ab5WGrpQ8K6DjiQmVhanHF4oDt6ayn7ottt6lfWvDCEA60Vehzt%2BUwpCwlC34mqMkiZ7Q%2F9m0Wm5MySPT%2FkJ6JoQNHOxb0T%2BHCFd8WUdg%2Fq4BjPCpL1WHXX2bi50%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 804c25837912b50f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":4264,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (1709), with CRLF line terminators","md5":"a7e9883924072f15259de6888d5ef515","sha1":"7f4f6e5938e68f55aef81e0cd0145f008cd28382","sha256":"985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c","sha512":"f6f2859b644b249cebe21b0af49c0efa046eedc95814ad4cac400b25d6fddbb7a155db420359ccfc8570eb18899cdc369dcbf5c137f4cb21f24b27f8f297be48","ssdeep":"96:3+bMojFkR0WIxWXATmnv5h8VatgNyyd2jMAp0:3zoa0WIcXATs8atgNyM6pp0","tlshash":"ec91b7783c1535b80d06237513bf668b7077bc567c865710b64cd998eb28c6b8316fe2","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-12T06:19:36.709046Z","times_seen":6127,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sw.onedragon.win/dtc?q=r9k+4chan\u0026domain=hentainudes.com","fqdn":"sw.onedragon.win","domain":"onedragon.win","tld":"win"},"ip":{"addr":"104.21.7.167","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:39.073648158Z","timestamp":1694395839073,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /dtc?q=r9k+4chan\u0026domain=hentainudes.com HTTP/1.1\r\nHost: sw.onedragon.win\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 11 Sep 2023 01:30:38 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding, *\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=YURlp0ys20pIgkNUBtN2ZcIO7MM7DHGG2fRSvcU9Ta3UXjB0JXPlWCrMVm2mWPZic4P8IjrPa2VKWaUzi%2B4EwY9VN%2Fxc7p93VvK3H%2BqRwtYFt6KMIvpUP7KdXUN1Jd2hW8FP\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 804c25841b0fb529-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":19981,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with no line terminators","md5":"dd1f24bd8a53271957aacebf1c8816cf","sha1":"343aec7a6cbea9c16969312c02ebd38c56b1b5ab","sha256":"03bfc8c7d30b41e6d181fd6c0f934ef482d11df616d6aec8dcd7cab8d2f91094","sha512":"c8b35a4df76ce94510b85d3f79758edb72a5102efb5e232179d6193a8cfe91494f66d9b61616a7153fb3ea49b2787db150f44c4c18ede91a1f07d6692d9aa4db","ssdeep":"","tlshash":"97d022fb59d2e61b03c031a10dabbb0c082623a73c23470449d8583cf42036e5e25bfa","first_seen":"2023-09-11T03:30:57Z","last_seen":"2023-09-11T03:30:57Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/css/vegas.css","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.837Z","timestamp":1694395838837,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/css/vegas.css HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: text/css\r\nContent-Length: 19822\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"357c7befa8bdef911f02f48f49e10628\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:03 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B26E6951B27C\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#347665198/gid:0/gname:root/mode:33279/mtime:1655387456#430591588/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.430591588Z\r\nExpires: Tue, 10 Sep 2024 01:30:38 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19822,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"357c7befa8bdef911f02f48f49e10628","sha1":"47972e3c4591058dce82dd3b08bed8e0b8ae5c8f","sha256":"47f3bef4746b798892c7beff212618616b0950f33f416f03db243578f89135e3","sha512":"a7aac81c704949b79a988e76867fe18765cb7de65cb1f807b5b65bc9140bb76ddbcb32627917698e2e742defadaeac2cab718d8eb46f42aaebd28797040f354a","ssdeep":"192:Xz+OWMF/4yeKWfHVdBHlsQ0seq1jcBhveq1MtQqUFoo+oUaFEqaFEtRFEoRFEWyP:jzAyKew6ewm","tlshash":"d292af99f80759c492375a58e3da4a24d96ea49329127eecf3cd25cf0f7279c01c8ec6","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.896215Z","times_seen":3988,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":148,"dns":7,"connect":58,"send":0,"wait":44,"receive":45,"ssl":91},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/util/flag-icon/css/flag-icon.css","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.838Z","timestamp":1694395838838,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /util/flag-icon/css/flag-icon.css HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: text/css\r\nContent-Length: 40627\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"0a47b937981e7389e3ebe63e4a503066\"\r\nLast-Modified: Mon, 20 Feb 2023 09:36:38 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B3378D0F21B1\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676841679#813157920/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z\r\nExpires: Tue, 10 Sep 2024 01:30:38 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40627,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"0a47b937981e7389e3ebe63e4a503066","sha1":"01b395ad016a1d9d15016d765f7d2c51a6e2809b","sha256":"d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39","sha512":"bca846a7ebd76adb4ccf01805cda0bfc53673570b58289057b2f595ac5700e83a80b574ee5e005c9ffbb003aa7872e45a9d35fb728bd35701b040435b2425e24","ssdeep":"384:94fWpOSJ/TqlgSxMUj6/GlQ1EzvxqFbyqVD:94+pvJTqlgSxMUj6/GlQY4yqR","tlshash":"9103096b9643e14fb713cf352b16a1086b9d2492dec18f2b297935ba99f7040b436f70","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-04-09T20:04:58.081796Z","times_seen":6767,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":150,"dns":8,"connect":58,"send":0,"wait":44,"receive":45,"ssl":92},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/util/utils.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.844Z","timestamp":1694395838844,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /util/utils.js HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 7512\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"01816d15ca03032751161a746e2fb7c3\"\r\nLast-Modified: Mon, 20 Feb 2023 09:36:45 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B28536CBECD7\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7512,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (641), with CRLF line terminators","md5":"01816d15ca03032751161a746e2fb7c3","sha1":"dcc72ea5fa1356490ba473288159df9786b4a3c3","sha256":"8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea","sha512":"88f23b9e14db5d4cde23de38ac1a33e0423c9bf33ae714b39b79ba7a062eae33b74515fd9c095d86c1b6971e21990050f6457814a151dc01539a56f624996b9f","ssdeep":"192:C018ojHD3/HDg8bQgdT0p+MSRzS6S+8izeLeR4OeH/t060SDWF:T18ojHD3/HDnQgdTDMSJS6S+8ibR4OMk","tlshash":"a502517e3a3e352a1d0a237d1cdad949247bfc2b754156326929b848d0ece5ce312eb1","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-04T20:58:21.377863Z","times_seen":8809,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":203,"dns":0,"connect":0,"send":0,"wait":45,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"hentainudes.com/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"hentainudes.com","domain":"hentainudes.com","tld":"com"},"ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:39.115450272Z","timestamp":1694395839115,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: hentainudes.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/css.css\r\nCookie: visitor=true\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 11 Sep 2023 01:30:37 GMT\r\ncontent-type: application/octet-stream\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 803634\r\nlast-modified: Fri, 01 Sep 2023 18:16:43 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=TxkM3CTy%2BWEd5co%2Fe4LKHixLuq5zYt54CXw3mdikRzIH54idVU689OOiEcPlpHXTEGdYeJAl0pO7Ds4%2BNoKEZSpKTf9Zyg70firj3rs2M%2F2QvJX9GPdMoAPMAOuGZNDr%2FSY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 804c25831900b50f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":49033,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\\012- data","md5":"fd0b0457b1fad449cf4088c03d7f8108","sha1":"fd89ee8160d16cfba5561081a7c5e33d4c948969","sha256":"1b9e55e5a0110d26a0112ee05a20aa9120070d1260dc072754d5537c0d6b8ebc","sha512":"a2bc9384ecfbe8ff1710803a408c77ed1d7af24ca47b5bfe9e525f6279a3df158d5b0ec3ad2ba46ee4bcff2b92f879c3e9d29652cb4ddc247680c12b8c6aba09","ssdeep":"768:X/6AC2MNOM7jh3RiQWD9+jubIHSimEZ/eTJIptCYVMXRt9fYa3G7u5DouZWLB2lb:XMNLRhFy9u1HOEZ/w2OfO6lwQlgd9Y","tlshash":"222302432e4f94f1c46a7f34328e3601b765e250fe7e745e3c6cfa99424667b4066878","first_seen":"2023-09-11T03:30:57Z","last_seen":"2023-09-11T03:30:57Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/css/animate.css","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.835Z","timestamp":1694395838835,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/css/animate.css HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: text/css\r\nContent-Length: 61188\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"1cbfbb2c4ef85880799a74ab2f290f2a\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:03 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B318BBC530DA\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#347665198/gid:0/gname:root/mode:33279/mtime:1655387456#430591588/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.430591588Z\r\nExpires: Tue, 10 Sep 2024 01:30:38 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61188,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (460), with CRLF line terminators","md5":"1cbfbb2c4ef85880799a74ab2f290f2a","sha1":"9b6366d6c7ad05010f7070db70fba10754be6e9c","sha256":"bfdad6766b12a3826bf32024f0fc13fffbcee84f102034b9270da7e538451031","sha512":"58c8d90d0f16205527b110fa50a03b83f001af28841579522c6f9fa1c57bdeba92d6a5b0b4caff4ef84fcc11866e9183ee109c5c891639e1cd1dd8655decec0c","ssdeep":"192:CDvQHnvHQvFpjIBz+a+pjRfBV7lucqBJm7YfPZBWgQc95YKm/0kLyJgprWXhOX8N:CbWz71","tlshash":"1853e86a2c91114457720b25d7de4f6cea3ca17318226efab3c2548b8f61bac13cde57","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.895204Z","times_seen":5163,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":147,"dns":4,"connect":58,"send":0,"wait":44,"receive":90,"ssl":91},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/js/trls.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.852Z","timestamp":1694395838852,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/js/trls.js HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 17300\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"eb1b6bc6776b3e1f520ad0d6c03a92ad\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:06 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B2E9D41C7F1F\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676801713#1186412/gid:0/gname:root/mode:33188/mtime:1659086506#449908000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-29T09:21:46.449908Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17300,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"eb1b6bc6776b3e1f520ad0d6c03a92ad","sha1":"5adcdd94fd541e5ff347cb317418f77ebcd7a714","sha256":"d87b9de60e8a4d614e0f4e34da021c835852d802f8b6de2aee6a3fa034e3b2b5","sha512":"1b6d2de73369aff8325acaf09a31773260b55747c759214565b941785e5049b8b464c7e6fa6a785a9a9d53d78fcdaf8337ba54c37af514891d89ea7798d67b92","ssdeep":"384:6C0CrBg9YphRgCK/4HDF4lt6bukVI92p4pSuLwjjjYCwx3L:T5Fg9IhRLFRp4suLEwd","tlshash":"af72a47acfcf40f8f5d016608b5ea4c6a09cb1b7c795d4fe292e48e906d1c0480af58b","first_seen":"2023-03-07T01:03:18Z","last_seen":"2024-08-21T09:43:52.490234Z","times_seen":1542,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/bb.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.852Z","timestamp":1694395838852,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/bb.js HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 639\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"0d553e4bac91c74bfee2dbabba61e99e\"\r\nLast-Modified: Mon, 20 Feb 2023 09:29:45 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B2857EF16F41\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676832256#258761277/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":639,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (639), with no line terminators","md5":"0d553e4bac91c74bfee2dbabba61e99e","sha1":"5af71e2377c9c012a7826a695f2724901941b19b","sha256":"1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68","sha512":"105e5b23733e7bb443ba2080d606c2814b0acd2aaf228467d2ce532ff2f2ec0b292f8eb5189a24cd9f79b69a7e983b176dbd29e2d539dae7ca443821084f2894","ssdeep":"","tlshash":"23f02341bd5435f147cf3255861f2230903f08cd7206d583b9a85e916e3179d9e1bbd0","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.592645Z","times_seen":13211,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":225,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/js/jquery.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.840Z","timestamp":1694395838840,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/js/jquery.js HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 93064\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"df6173bad69801a82b84701789ab16c5\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:06 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B3CCE0083536\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676801713#1186412/gid:0/gname:root/mode:33188/mtime:1659086505#825907000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-29T09:21:45.825907Z\r\nExpires: Tue, 10 Sep 2024 01:30:38 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93064,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (32072)","md5":"df6173bad69801a82b84701789ab16c5","sha1":"94908755cae039762ad53086b858eac553e3f56e","sha256":"cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb","sha512":"57ea8824e1005bff40a73db3b79c2e7768dcf438c653abe52bb26164590362338dbb4b9c0896cf6fb4133538058d42d1ee0b1f2e5dc779b928c8ca45cbc565c8","ssdeep":"1536:t4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:tGsKXlI2p0WPSbDrstfam","tlshash":"5693f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T01:06:35Z","last_seen":"2026-04-28T12:58:59.704938Z","times_seen":4572,"resource_available":true,"data":null}},"time_used":473,"timings":{"blocked":153,"dns":9,"connect":58,"send":0,"wait":44,"receive":104,"ssl":95},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/exit-new/exit1.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.854Z","timestamp":1694395838854,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/exit-new/exit1.js HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3473\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"625e5e2950612f771e246beb33c9ea61\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:43 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B27AC67ED30E\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3473,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (641), with CRLF line terminators","md5":"625e5e2950612f771e246beb33c9ea61","sha1":"e4fc251c6c000496c285f8dc3fa097040b031681","sha256":"618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46","sha512":"655f0b373c605d0a464bedca4df204fb3aa12442c5b0aa3b8bf13e0604fd1e89480356e9c6cc9a432f81305bf1151caf4ac4ad9d8eb24eb78cbd11318e5b9657","ssdeep":"","tlshash":"ee81407c352d7579499a777c91efe94a207b6c53f001a2320808bc94e86ce4ce325df9","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-01T11:35:43.37734Z","times_seen":13050,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":239,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"hentainudes.com/styles_thumbnails.css","fqdn":"hentainudes.com","domain":"hentainudes.com","tld":"com"},"ip":{"addr":"104.21.66.132","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:39.192220379Z","timestamp":1694395839192,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /styles_thumbnails.css HTTP/1.1\r\nHost: hentainudes.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hentainudes.com/r9k+4chan\r\nCookie: visitor=true\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 11 Sep 2023 01:30:37 GMT\r\ncontent-type: text/css;charset=UTF-8\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 920089\r\nlast-modified: Thu, 31 Aug 2023 09:55:48 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=d3djbBspJRSVILTfCFeryA5T4K6JQmBuQcumDenw1Eezryslg8CAecvZQeT1BcsO%2Bxn%2BC5wCUrwG%2FfJ9FfUOTfThEjsJytuontKIuP5u5ecCjGFX8goZUwIdkleBgc2jwtA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 804c258208c9b50f-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":21248,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (515), with no line terminators","md5":"94143f6469e0e4c4f63cd8ba4153f935","sha1":"e816353d739166018f8043786e0a695b3da881c1","sha256":"2a961da4c33a1489e786bc080d8181278cd8711262e2203bf386e7c57728b33f","sha512":"e14ef3d845ec13f900a81bbe38c1bea7b511fb464083edbd8fd5fdc1ee1729d8e9c0b17d37565305c0c5c974da59bf30af6b508294d839508deac49644aed04c","ssdeep":"","tlshash":"81f058e1b60043a1f51b56b0c2488e5e9890c6a85ffb28fc59d8f400c6de5d97def147","first_seen":"2023-04-05T23:27:02Z","last_seen":"2026-04-30T07:41:04.02488Z","times_seen":522,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:39.250Z","timestamp":1694395839250,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2 HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/media/dating/sinderv2/css/style.css\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 22284\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"5c92d5d3e39a260d5dd06ced7eca070d\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:03 GMT\r\nNo-Gzip-Compression: true\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B37460BD58D3\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#347665198/gid:0/gname:root/mode:33279/mtime:1655387456#426591579/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.426591579Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22284,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22284, version 3.786\\012- data","md5":"5c92d5d3e39a260d5dd06ced7eca070d","sha1":"64df09fd462e6bb76890b7782578777b901f2003","sha256":"2a99c11dd137ef8b515b3a95d2bdb38ec99bf745b2865196aa910628bcb144b9","sha512":"973d8236ff36779be71c75694a1ee5e6ccb6ce656260071e6ff6309a391a7de1357fc00437986a8b42ab3c409e821a58c810701116867b3833df0873dc05b7dd","ssdeep":"384:EWQxHPyVmkdQDmRCsP5V0BKWbOCamb323fyFeP7mplzfHar43CF5Gjru3JFU:EW+HOdeGCsP1/CG3dPqrz/ar005KWJy","tlshash":"3ca2e11c4e18f813b7203a5c99adb965f21e1617da99cc5d0f677ae4b2c0c4e4a51f43","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-25T04:33:07.330419Z","times_seen":4426,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:39.251Z","timestamp":1694395839251,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2 HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/media/dating/sinderv2/css/style.css\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 14772\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"bcf3bb1b7f7a3436181788e748bae013\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:03 GMT\r\nNo-Gzip-Compression: true\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B37460E3889F\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#347665198/gid:0/gname:root/mode:33279/mtime:1655387456#426591579/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.426591579Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14772,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14772, version 3.327\\012- data","md5":"bcf3bb1b7f7a3436181788e748bae013","sha1":"8ee24d38f618f070a43619f1d471d90f17d666f1","sha256":"42e50c76c1bf569cb8b597ffc8cdd18a6f4a311832f46fdc1489145027550781","sha512":"3dfc74ace5f336c2c3b2518bc0c991dd4f370b6678d9a96ef9448d056aa1abd7d0884310c23299348f72011610f7d6a0e6772e3fd803e75bf9525dccbebd7860","ssdeep":"384:VI1b2Gbko0p2ZFD/aV74+1NahzVZkHCK967ssUyer:VkbhYo0pqFGVM+1Iny9679Uy+","tlshash":"ef62df91fe949fbbc27cc0bd8a7de9043991d54b03522228066f9f8b38b21378cc1e59","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-25T04:33:07.332503Z","times_seen":4437,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/util/flag-icon/flags/4x3/no.svg","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:39.253Z","timestamp":1694395839253,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /util/flag-icon/flags/4x3/no.svg HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/util/flag-icon/css/flag-icon.css\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 331\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"c7ecfe59439b5fd23924fd206cf2fded\"\r\nLast-Modified: Mon, 20 Feb 2023 09:36:40 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B289EFEBEA92\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676841679#849157974/gid:0/gname:root/mode:33188/mtime:1655386305#848080000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:31:45.84808Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":331,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with CRLF line terminators","md5":"c7ecfe59439b5fd23924fd206cf2fded","sha1":"056fbd2b17c7f08bfb480d21973a96bf86fbd72a","sha256":"4027f3320608508754640a6de4cb1cdabdef4654b5a214e875c134802345683f","sha512":"b599bc79feb6f5f93d191b92beade2c05935b10788e4b31f01ab480695ecb131d007816185cb7f5559a6d94bb7bc7720106fb5e54f60970ce43d3994f7f7f7a1","ssdeep":"","tlshash":"68e0cded91bcfc148b3083102f2d7ae288a5f4c6a09506f7fc51311a615f596cdc3605","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-09T20:04:58.085685Z","times_seen":6405,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/fonts/b796339b324ec08006ca04dca90284cf.woff2","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:39.252Z","timestamp":1694395839252,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/fonts/b796339b324ec08006ca04dca90284cf.woff2 HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/media/dating/sinderv2/css/style.css\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 21796\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"b796339b324ec08006ca04dca90284cf\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:03 GMT\r\nNo-Gzip-Compression: true\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B409DA7A6B96\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#347665198/gid:0/gname:root/mode:33279/mtime:1655387456#426591579/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.426591579Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21796,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21796, version 3.786\\012- data","md5":"b796339b324ec08006ca04dca90284cf","sha1":"4283d779705f09e68939572df76c52cb41a3ec68","sha256":"d65bbca022f8953936d6e60b9a59fc27f9bfd74ba96257ffe14df83b3d8eb0e3","sha512":"912eba7649b612ea851ceff16addef13222fbc90656d1f6af737a55f34a24ea6154012afbbe8846d3e6fe1ebaf241de3c331ed97a212060bb979ac449823935f","ssdeep":"384:XuEqeSLLtQo1wtvqD67EE1LagdLGHkTU3brpWPGJyuHabAZOZ7EPmH:sHt5wtvtEEha5HkIJ0GJrFZOZEeH","tlshash":"29a2d12a6c85818c8291d435b3f6222e3572f970e6f1d3db753af478226b44ca35ecd1","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-25T04:33:07.333131Z","times_seen":4429,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:39.253Z","timestamp":1694395839253,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2 HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/media/dating/sinderv2/css/style.css\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 21908\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"2e5fca371696cab9fb5a9fe214c1319c\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:03 GMT\r\nNo-Gzip-Compression: true\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B409DA9D933B\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#347665198/gid:0/gname:root/mode:33279/mtime:1655387456#426591579/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.426591579Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21908,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21908, version 3.786\\012- data","md5":"2e5fca371696cab9fb5a9fe214c1319c","sha1":"4bd3fe039b2f65d10d1b8c1b30c7962bdc313b7a","sha256":"f8b1a05998ba7e93e5c9f41b004496a3576b8d10d9fafc2f7014894ebc3e72e9","sha512":"5e0fc1c5b768d270b1b6fb5abb229d6c668ecc31269818d82b0e33125671aa876a805383d63f3d6b99b24baf8428525240fa05326309640a7c4f5d50c0db4ac5","ssdeep":"384:gBd7eI524xG1u/eBQLE2rPDR5VdqvlG+zFvpLdLAl3sQC15mwA:qZewBj/ZzbXVcvpLtALY5mwA","tlshash":"e0a2d04fef5e681bee938d758d9e908868862946af457760a3fc532374970ea07809d0","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-02-01T00:37:34.902051Z","times_seen":4000,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"data-jsext.com/ExtService.svc/getextparams","fqdn":"data-jsext.com","domain":"data-jsext.com","tld":"com"},"ip":{"addr":"54.37.5.177","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:39.186Z","timestamp":1694395839186,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"data-jsext.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 15 Aug 2023 12:16:30 GMT","end":"Mon, 13 Nov 2023 12:16:29 GMT"},"fingerprint":{"sha1":"E4:91:1E:70:AA:9A:C6:6A:97:28:57:42:72:C2:18:7D:66:65:D4:B3","sha256":"88:05:EA:EF:A4:C8:76:92:E8:E9:DE:78:C1:10:83:B4:DE:B9:AB:E7:09:95:28:AC:65:E0:4E:97:33:ED:44:0D"}}},"request":{"raw":"GET /ExtService.svc/getextparams HTTP/1.1\r\nHost: data-jsext.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://easy-bestwoman.life\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 535\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":535,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON data\\012- , Unicode text, UTF-8 text, with very long lines (492), with no line terminators","md5":"4f303e972d6958ae4238c79d87fdc9cf","sha1":"b869b3f97d046c145166af1aaea6f33d7c91e2df","sha256":"0c7a4c08514bf3744154b3a091287839faeeb25a69d7653c2384a6f97a94cfa5","sha512":"46c2b639c11c7f1923a7e07e6c33284956d53818b5ddf522251d45183ab39498734c436aa311f87670a06ad8b53fde73c5c76889609ab8f0fef2f79c223a7637","ssdeep":"","tlshash":"41f024946c1e3e2a9e6ec2de800fe90762f624ecd049e6829047dd05c28077d718ccfa","first_seen":"2023-09-06T02:31:06Z","last_seen":"2023-10-10T15:28:56Z","times_seen":334,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":99,"dns":5,"connect":30,"send":0,"wait":105,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/images/scandinavia30.jpg","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:39.254Z","timestamp":1694395839254,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/images/scandinavia30.jpg HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 226699\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"a388364d8d1e4684a2cd72c68d625b73\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:05 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B409DAA4DA0F\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#439665338/gid:0/gname:root/mode:33279/mtime:1655387456#286591257/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.286591257Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":226699,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2018:12:04 13:04:35], baseline, precision 8, 1980x1080, components 3\\012- data","md5":"a388364d8d1e4684a2cd72c68d625b73","sha1":"ce210b5b755bae87788ca2eeca7799d284e8477a","sha256":"36e0d2fd85c40dfc080246c7f7c426fc23ebd8f7937c86ef2b435c345ec5c2a2","sha512":"b147397df76ba6f262464e2b0cb42ca0598b88221b69d1ce1c798d1cbcf29e269c37ef52ce556c6f39c28aa634fd672c6a191c741693fc56cef3c5efbaed98bb","ssdeep":"6144:RoWx/Yl02x8omDxmlxptwnfKMphKIrkuOmb:RoiaHVmwRmnzNrZOmb","tlshash":"f4241220a0984d31daca4734faa3cf9ce785b98e3eeff587395d5d8933a8b811d09145","first_seen":"2023-04-06T17:38:25Z","last_seen":"2024-08-21T09:43:52.499116Z","times_seen":978,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":140,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/favicon.ico","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:39.460Z","timestamp":1694395839460,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nConnection: keep-alive\r\nCache-Control: no-transform\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T15:35:17.961431Z","times_seen":14429233,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/images/scandinavia25.jpg","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:44.564Z","timestamp":1694395844564,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/images/scandinavia25.jpg HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:44 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 130919\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"b43a0c525444d73171788f59be0179ac\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:05 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B40B175D2A27\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#439665338/gid:0/gname:root/mode:33279/mtime:1655387456#282591248/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.282591248Z\r\nExpires: Tue, 10 Sep 2024 01:30:44 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":130919,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2018:12:04 12:41:02], baseline, precision 8, 1980x1080, components 3\\012- data","md5":"b43a0c525444d73171788f59be0179ac","sha1":"ae4bc4daef2fcf28286a139ee5f40f7965c85ee3","sha256":"cedab3477ba5b9dbdd7dcccb3209185508470f466bfd18d3a8c499052b312e38","sha512":"f3a41ab9c88350bd9d012c12a1d8a23c5b7b12e59fff25ad155c2b5c2578fb121494f1411fd7937f9d798501b7068be5cd67ba7ace1b1001757bfc6d0accb766","ssdeep":"3072:anCnO77bWkr7MzpehCkZESZ5DVu1TVOL6jko6eDN:anCnE+S81kZESZ5DoRK6go6aN","tlshash":"b2d30125a3296ba3d1f1d4784de0de67a4312a30f05b76e135deadfe3711ec1a848b12","first_seen":"2023-04-05T13:57:37Z","last_seen":"2024-08-21T09:43:47.714865Z","times_seen":998,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":73,"receive":134,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/images/scandinavia16.jpg","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-09-11T01:30:50.066900082Z","timestamp":1694395850066,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/images/scandinavia16.jpg HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:49 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 207498\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"fd9c73b2d026f59cec868b6ddd4e6e45\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:05 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B39FA587E86B\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#435665332/gid:0/gname:root/mode:33279/mtime:1655387456#214591091/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.214591091Z\r\nExpires: Tue, 10 Sep 2024 01:30:49 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":207498,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2018:12:04 12:28:26], baseline, precision 8, 1980x1080, components 3\\012- data","md5":"fd9c73b2d026f59cec868b6ddd4e6e45","sha1":"3a4d08aedd8de3bb84b45e835bd01576da486abf","sha256":"9e950992b30a448d423ebb65a190dafa78eadf3aadd23dc9c2768ad273b948a0","sha512":"d63d8d25e6d22910f2e326c931bccd9dc211f9388ff6f177f02676a4cb39760154ac3ee82b73e56f1e00a3a199514313e39769c01e05e13937f43ca3ccdb15d9","ssdeep":"6144:CtQ/AbLT+rkpvaXdUJEA5hR4eTHxd4myKkPxpF:pAbLT44KUxfR4yH34myKkZpF","tlshash":"131412098b418c91f5d0c27de446e3862f17bc92fab73969f12c7061b7392ea45be790","first_seen":"2023-04-07T13:32:54Z","last_seen":"2024-08-21T09:43:52.497942Z","times_seen":942,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/css/bootstrap.min.css","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.829Z","timestamp":1694395838829,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/css/bootstrap.min.css HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: text/css\r\nContent-Length: 109540\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"03d06426a30f77095d7511e1ca74d225\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:03 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B26E588CA55B\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#347665198/gid:0/gname:root/mode:33279/mtime:1655387456#430591588/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.430591588Z\r\nExpires: Tue, 10 Sep 2024 01:30:38 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":109540,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65367), with CRLF line terminators","md5":"03d06426a30f77095d7511e1ca74d225","sha1":"d1a349294f6fe94ffb17a50097b37bd81e9ba56a","sha256":"3f7e6f3cb6ba8e2effbdd260131ce0d2f332fb00ba3feca1a5bc9c3ee7f9e2a6","sha512":"d726efc5415efba1b060bcd4a24175ae7126312731524e970037b8a8b2fb9be60ba9628106e32781050d34f5c8144bd2c9e7ebe1351ca3e37b9506c832533b7d","ssdeep":"768:PbGxwUkB1mlpztzuRdvGN6eABkdIUIbZbnbJN8gwaKNhL3tqNhkRQmNae:wwlwERdvGNIkabbRk3chs","tlshash":"b6b3d7a0f11031ea7223c55a71d0ed872619a053e66b4fb7f22f25d88f895ca1773f1a","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.90484Z","times_seen":4010,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/js/timer.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.850Z","timestamp":1694395838850,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/js/timer.js HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 621\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"40fe503eb84093a37b15e39365ffc587\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:06 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B318C2C41D83\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676801713#1186412/gid:0/gname:root/mode:33188/mtime:1659086506#89907000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-29T09:21:46.089907Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":621,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (672), with no line terminators","md5":"c0ffa5b166c956c171a8168e14c6902d","sha1":"feda58dcc1ea018ce0e488adf14b76efcd1858ad","sha256":"f56e5e5e7348a3ce7632817179a1e1b3678ecdd0d04413e33b44235738ad5494","sha512":"fca7e40a9f4c85b448ccec00b8eab807d9b1b8d720ff1f1f8d103ec3a6eee1562b80469205f43e3ee7c070727e44377aaf364dd35950b4d2b3e3911efb57259b","ssdeep":"","tlshash":"d001f91807376a2c0eb51f8e07aee808561bfd15712f590918cdf8e0589ee29d54de2e","first_seen":"2023-04-07T20:43:52Z","last_seen":"2024-08-21T07:58:04.543589Z","times_seen":37,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":218,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/images/logo-loveme_white1.svg","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.849Z","timestamp":1694395838849,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/images/logo-loveme_white1.svg HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:39 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 4564\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"896592d7f2fa3d761c0b767e9399b010\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:05 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B397C94BF775\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#463665375/gid:0/gname:root/mode:33188/mtime:1655387527#38754000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:52:07.038754Z\r\nExpires: Tue, 10 Sep 2024 01:30:39 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4564,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- XML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (4814), with no line terminators","md5":"4c9bc305b630ddadcbf85f73da8f6c62","sha1":"d1ef59a2f0a66cb692961acbe8fc11a85fd217c2","sha256":"3d2888cd0928377eaf9b32418c555f36f893132575b7b7ef7c1e85510f825d96","sha512":"0903a5f77db8524d1336a999ca72ac294c7b7b012aade9a839a796a45902e64379b722f7bac9c75fae54c2ed1642fc782d1b08b41691fdc6da8afa4d6e29039a","ssdeep":"96:QRJVvB1Wodtu3MIkU+A1zF0wLSyzXcxWHdeoLW3A9oF8a5uQS1hhBOuYZ5aW1iaE:CvB1WWtSMTUt1zqwGywEDQwqjfS1hXOe","tlshash":"c3a1db678314ebf9ae89473d550424457193dcabb4b0f2d8aa9f3052e04cce4e65cfea","first_seen":"2023-05-09T05:49:40Z","last_seen":"2024-11-09T16:33:01.412716Z","times_seen":76,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":292,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/media/dating/sinderv2/css/style.css","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.833Z","timestamp":1694395838833,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /media/dating/sinderv2/css/style.css HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: text/css\r\nContent-Length: 19825\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"481d04e228d83633ad28310d09905526\"\r\nLast-Modified: Mon, 20 Feb 2023 09:32:03 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B3CCC1B27AAC\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1676843335#347665198/gid:0/gname:root/mode:33279/mtime:1655387456#430591588/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:50:56.430591588Z\r\nExpires: Tue, 10 Sep 2024 01:30:38 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19825,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"481d04e228d83633ad28310d09905526","sha1":"f5c81ac5514271f64001c41f5b03e92df55c1a02","sha256":"25fc219b42657e82593f2b07e3d4ae7d615031234f9b2732f5457338d779cf30","sha512":"9374f315cbbb0bd4a8b3109326a36983b3e01f3f8818c0ddc90ae826b20f0f7abf58fdd57f24fcd2d235bbd4fa3660859b9defa238ef62184508cd63713a8577","ssdeep":"192:EojKIow9coe9V2u1iYfRDfyceNlZQdPtfvqpDveiS5271visMFtw7ZEFPEFr2fRR:EojKhwQ9V2u7lgNTQdr6ZOPOK1vd7BrT","tlshash":"7f9254a9f14b240af31faed8b7b15a506ec540649b1a56dcf8ff20e9d3d43ac1334286","first_seen":"2023-04-05T08:47:50Z","last_seen":"2023-11-25T03:43:01Z","times_seen":955,"resource_available":false,"data":null}},"time_used":392,"timings":{"blocked":147,"dns":8,"connect":45,"send":0,"wait":44,"receive":44,"ssl":91},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"easy-bestwoman.life/cookie/js.cookie.js","fqdn":"easy-bestwoman.life","domain":"easy-bestwoman.life","tld":"life"},"ip":{"addr":"116.203.255.117","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu","date":"2023-09-11T01:30:38.843Z","timestamp":1694395838843,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"easy-bestwoman.life","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 30 Aug 2023 08:31:44 GMT","end":"Tue, 28 Nov 2023 08:31:43 GMT"},"fingerprint":{"sha1":"BF:9A:B5:2F:A0:7D:A5:8F:37:14:55:49:5D:C3:B1:F2:AE:83:6A:74","sha256":"34:D8:50:FD:18:92:A3:80:13:60:6E:AD:3F:E5:55:4B:92:08:42:62:5A:8C:82:35:B4:37:44:1A:A8:DA:B1:A2"}}},"request":{"raw":"GET /cookie/js.cookie.js HTTP/1.1\r\nHost: easy-bestwoman.life\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://easy-bestwoman.life/?u=dmzpte4\u0026o=v49g540\u0026t=dt\u0026cid=dtc|cjlrIDRjaGFu\r\nCookie: sid=t2~xa45mtl4zwzyujdkfoeueimr\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 11 Sep 2023 01:30:38 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 4264\r\nConnection: keep-alive\r\nContent-Security-Policy: block-all-mixed-content\r\nETag: \"a7e9883924072f15259de6888d5ef515\"\r\nLast-Modified: Wed, 31 Aug 2022 09:31:17 GMT\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nVary: Origin, Accept-Encoding\r\nX-Amz-Request-Id: 1783B27AA8DB566E\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\nExpires: Tue, 10 Sep 2024 01:30:38 GMT\r\nCache-Control: max-age=31536000, no-transform\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4264,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (4532), with no line terminators","md5":"28792605aa4c45fe0b784971e772db11","sha1":"daf7a1639580b428860f078c568ffb78842ffd00","sha256":"4fd533b3bcaef8e06e933d2bb14afb8acb8a266fd600ab7b9585d37f2fdcb324","sha512":"565645287be12ded505aa9a5406f3f1a46dad3d43c8b2fd3492806acd7d76f743087a2631b860292b47d9a7c08a5a8d5316c48fdeda72fc09f8615d9a456feb6","ssdeep":"96:X+bMojFkR0WIxWXATmnv5h8VatgNyyd2jMApS:Xzoa0WIcXATs8atgNyM6ppS","tlshash":"3b91b7783c1535780d06237513bf668b7077bc567c865710b64cd998eb28c6b8316fe2","first_seen":"2023-04-05T09:58:24Z","last_seen":"2025-03-17T09:57:26.17357Z","times_seen":154,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":160,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2023-09-11","alert":"Sinkholed","trigger":"easy-bestwoman.life","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}