{"report_id":"c7092a85-b989-4828-b478-82b3a5a4c06d","version":6,"status":"done","tags":[],"date":"2026-03-03T12:32:50Z","url":{"schema":"http","addr":"predictivebeautyy.com","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"predictivebeautyy.com/m/index","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"title":"Shopee","dom":{"size":39714,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (32216)","md5":"8a58917142a09bc5be9ead583a30ced0","sha1":"1e6642774ed6139b7be3aec1901312832cda7363","sha256":"b7cefc2cdd5eb4eec0676931ba279b4960d6a9a6c63256200ffa8ce5b5b860ca","sha512":"727f5dc6e39052413cdc37f808d3e022678993a778be2e015be33c320ee51076a9038cbc123b8f2be07162f14d4521d9913c8bd9394c6a7ef956057949801a66","ssdeep":"384:VEZUaJkat06HsTjbLwLIIISqGMQ4sF+3YthRGMrYYSOu6Mkn83VOjVokPhctp:VEiZeCwLIIISq8w3VOjVokPhctp","tlshash":"6803e031d0022aaf6263ddd1f134fb49a0b6e70fc235d40076ad875d7fd2ee86a6419a","dom_hash":"domhashf3b085deafc483612a2b1c80f519abf9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"predictivebeautyy.com","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-07T12:32:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":9}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"kosmetikskin.net","ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-02-06","domain_rank":0,"first_seen":"2026-02-11T16:15:04.117402Z","last_seen":"2026-02-26T12:09:46.495123Z","alert_count":90,"request_count":18,"received_data":1025502,"sent_data":7809,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-03-01T22:28:03.022415Z","alert_count":0,"request_count":13,"received_data":1717716,"sent_data":5923,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"down-sg.img.susercontent.com","ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2022-07-18","domain_rank":506728,"first_seen":"2023-02-16T02:40:30Z","last_seen":"2026-02-26T12:54:11.535362Z","alert_count":0,"request_count":20,"received_data":4423260,"sent_data":9620,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-01T22:18:12.522658Z","alert_count":0,"request_count":1,"received_data":1251,"sent_data":455,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"predictivebeautyy.com","ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":644,"request_count":161,"received_data":3442671,"sent_data":75115,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"644f13180f8d398c886f534b07044cdd","sha1":"2d3349d384b50a385ed0b0d84a256be60a1e2201","sha256":"f5d6379be3cba230a20bfd8bf264805de16223e0aa0277c0fb68c3c0751acff6","sha512":"700886a3c2a288eeadeec4b09884566eecb30f2530259b18a45147f07a02103fb94e144ed643f690de26e8b76119aa639f210c0d687cc957c82318be053ec72a","ssdeep":"3072:XuhzovpPNdJ+fzFgMxnnocXJjyv7mF4Betr1G661LlS+b6aNSnIum/yXN:+hzopC0TmRQBPSWyd","tlshash":"0b54d78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","size":279653,"data":"","first_seen":"2024-04-24T18:56:37Z","last_seen":"2026-06-08T12:58:48.419707Z","times_seen":951,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-06ae24a4.686330fb.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","size":129,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.434355Z","times_seen":841,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"2675fab97e66abb2dc482356efb999b7","sha1":"3311edff263714f305e1e345e152bbee777cc844","sha256":"bc87ac65daaf5582b0084af46d5f173f84e35b6b39733943e908fd9023cf3bb6","sha512":"6d1ed57e31ecba4fd8d5e5bad006be0928245259a0d0a57a6c99029dc00cb4d2e74f0ee31a7c4e198b51bef9c544d9a55c559aad033e38acf75be73bb53873bc","ssdeep":"","tlshash":"121180cb99618a6896e214ee36fe3750b573e052f9446130751fcd103d9c70f036aaeb","size":889,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.466637Z","times_seen":1124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-df347502.fa343716.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e5044e7f519706388a93765e3ee63fcf","sha1":"2b29363ce1134605f9992cbd9e5cdf9ba554d329","sha256":"66839891fd9fdca1f3fa9abc65a3f39ad53936731a1a7508eb6a00215fa1f2a8","sha512":"ca6907084adb9729115b88a1421ba7f64491842d4e4f6299e9cb1fbbb4455e67d697d10aea99fccf085acc030433fa11855e114984e712af7d4fa23d24775bae","ssdeep":"3072:hNn/ViAs300OOMgXZ1P3TCyAhLIKpB68W4PEoS3rTJXm1V7GP:nn/ViAs300OOMgXZ1PM68WBbTJXmfO","tlshash":"3ee33b1ab587e1aecc2ae051801f1934e1262fe9d125d086f738cdd496d8db83b7e72d","size":154007,"data":"","first_seen":"2026-01-20T14:17:30.564514Z","last_seen":"2026-06-04T10:55:59.571098Z","times_seen":177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","size":3883,"data":"","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-06-08T12:58:48.428004Z","times_seen":3338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/lib/jquery-1.11.2.min.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","size":96382,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T21:13:47.024133Z","times_seen":1828,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","size":22805,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.462559Z","times_seen":1154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","size":24822,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.444421Z","times_seen":1173,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.4/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c51f03d35129d9d1a9da65b24cef7fa7","sha1":"1e1d550d978378980dc3aeb60012da86c2355c4b","sha256":"339747e3a960dd82946bb6b06fcf1dda76b9ee786a337726b535a1d86d6b9c0c","sha512":"8c83157d1a2d4bacafc89ed01d444551151772f1119272c303ace71aa12b6f1fba29da8c9597e2a9baf670c93768286a405a70186b92ba5aae84554b9123c1eb","ssdeep":"6144:K4lrdS1Vqp5xb+XzxEXdUfM2Z0a54VXTnDBHiSuLx8isMZg07LQi:7vS1Mp5xb+XzxEXufM2DEDVHDub7LQi","tlshash":"04c41b8d72c1b5314ba36070503f250bb33b299c680980dcb679d8ea6dbd949526ffbd","size":585656,"data":"","first_seen":"2024-03-05T16:56:16Z","last_seen":"2026-06-08T12:58:48.445305Z","times_seen":820,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-vendors.42f07336.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bdaaed4e9e1d5e0322ea968e6f47ac0c","sha1":"85c58af8151ed5badcdca952295e8c6e7b3e1e15","sha256":"c9634af5f9b16a9f44d78311163effd76467a2441f744859c96fc066a3b58aa8","sha512":"e23c153981e588a4d6b99c8341da319ce7e9bb16036ff952a8a469910640505b6e7ee7bb9e6d06dc59082f537053bb46cc8d800b82de8a730abee7d743bf03d5","ssdeep":"1536:qJuH03+0goh0dbU2Q+39Ya7C5x+eccVdofh3q4A6R:qJuU3bCbU2Q+3MXccgpE6R","tlshash":"0553e788f2d5b070439771a8402f610bf37ae959b44d8498f625e8e1bdb8dce546bf38","size":65536,"data":"","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-06-08T12:58:48.448056Z","times_seen":804,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","size":62797,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.423793Z","times_seen":1157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ea671664a4781158f00958fc37fff43","sha1":"85da357f6e79636c538688e45ec51d157c6294c6","sha256":"e7f9727d063ee11e78aa2edd32d0a142fb798fb7154bdae1fcef99a637c1c1ef","sha512":"1314bd9f0c883f518cf680dddad1098d2792ae8d8b55b9eb0c797daf764002c67b2112665fab030db9ddae5ea891513ed240c143bcce53a66f0e8b785294833e","ssdeep":"","tlshash":"ac21a42c2d5babf8930338b1a032c65068f8e51ff114af0677ae0fd04b757ee8918824","size":1301,"data":"","first_seen":"2023-03-08T23:52:18Z","last_seen":"2026-06-08T12:58:48.467126Z","times_seen":844,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/lib/flexible.js?2222","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1572c9446821f8b1dc1136b64b44e739","sha1":"6a786ef63db48581f50e85601ef4a3effe8bf095","sha256":"264ef2e4767a942ee634794619d94edbd7da642cb79277c16b974cac9795c246","sha512":"4283dbb16b94c7db39673fb92808835e7f2ccb34f64502d0524cd571fb28e91c82abddcbf1224d4b83c1fb30908c96a4d16b604b22ef0f491c2bdf2d00213598","ssdeep":"","tlshash":"5b81322806e322361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","size":4065,"data":"","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-06-08T12:58:48.42752Z","times_seen":858,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","size":13638,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.423279Z","times_seen":1179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","size":128745,"data":"","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-06-08T19:37:58.80964Z","times_seen":2389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/app.53577dab.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d977558c73a4fd5d2c6f5516ada74835","sha1":"57d9314b318071fc02a4f3d7f73dcfb5da19897a","sha256":"8f52d856fe5bd83c7ad1d07008e01a06eb402f10429ee297f09d9d22c18e35c7","sha512":"02a26f13fd8f34ea1d16aff9e9bb38e527247f20246aa4a48e46e0cd1d6b6980da300d567631666ceaef503ea613b75982ccb080f8fef6f2ec08d667df3fa311","ssdeep":"12288:y8T/2f2k6qFtDu2XKkd6lX8I82S11yo52ZQixQn1+paHil6OHpAQ9ogO/xX+jaNG:y4fu0iSyuA5iy8","tlshash":"63457c9833de76f60042e456600f3e3c71661ebaf74691816c71e6dc26e9ab14633e3b","size":1246747,"data":"","first_seen":"2026-01-20T14:17:30.759934Z","last_seen":"2026-06-04T10:55:59.78239Z","times_seen":177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-9c1c641c.471bd454.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","size":925,"data":"","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-06-08T12:58:48.446981Z","times_seen":632,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","size":9875,"data":"","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-06-08T12:58:48.443895Z","times_seen":1413,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","size":93675,"data":"","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-06-08T12:58:48.433882Z","times_seen":4059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","size":92050,"data":"","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-06-08T14:02:53.831373Z","times_seen":1468,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-9c1c641c.471bd454.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-9c1c641c.471bd454.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-39d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (925), with no line terminators","md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-06-08T12:58:48.446981Z","times_seen":632,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":144,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/poster/homeList","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"POST /api/poster/homeList HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://predictivebeautyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://predictivebeautyy.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T16:21:52.003534Z","times_seen":5286,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":98,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/cfg/202601/20/d7009b01ceb64a51bad66cb011b5f192_.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/cfg/202601/20/d7009b01ceb64a51bad66cb011b5f192_.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 86811\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Tue, 20 Jan 2026 03:25:25 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-06-04T10:55:59.54671Z","times_seen":267,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":543,"dns":0,"connect":179,"send":0,"wait":360,"receive":254,"ssl":362},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-37bdd3b6.e09af95a.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-37bdd3b6.e09af95a.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-7a3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1955,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1955), with no line terminators","md5":"7b9c54390fb3760f7b24fb6ff534a1f2","sha1":"8bc648894b0a00e669faefff31e5567ebaa7484b","sha256":"2782db1d2b5d5dc87af62ede8da2b2f4a3bd5d95f974fa54a32c893a504fa85e","sha512":"6bec6bc0a77a46bf36b3f40b7359e9648344e1bc8ba845da4bded6e5ebd1343f139ead57cb0391c859ba936239da82c7fc8cdd36c9419f84b4832b46ef3308e2","ssdeep":"","tlshash":"e241303c7292fdf849e6b190143f7201d12627086435e882fbe0cac19aa199f52a9f37","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-06-07T01:38:16.152811Z","times_seen":655,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/core-js/2.6.9/core.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27060\r\ncf-ray: 9d68a9f6a94f32fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e2d-16793\"\r\nlast-modified: Mon, 04 May 2020 16:09:17 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 308802\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=y5JOAXCkbHVUqK8H7TsnuFqMbRjr6qH1sMgqWm25AcIj8JwTXEhPJXq84G9poGw7dOFOra%2Fs3Y3ZRzOARKQiruKoom8S0iXVXddu3Zcc9VVDW8wE%2FWcUIcWxBjlVW6F0bpGk9RTM\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92051,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32000), with LF, NEL line terminators","md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-06-08T14:02:53.831373Z","times_seen":1468,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":1,"connect":11,"send":0,"wait":29,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-vendors.42f07336.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-vendors.42f07336.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-10000\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65536,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29775)","md5":"bdaaed4e9e1d5e0322ea968e6f47ac0c","sha1":"85c58af8151ed5badcdca952295e8c6e7b3e1e15","sha256":"c9634af5f9b16a9f44d78311163effd76467a2441f744859c96fc066a3b58aa8","sha512":"e23c153981e588a4d6b99c8341da319ce7e9bb16036ff952a8a469910640505b6e7ee7bb9e6d06dc59082f537053bb46cc8d800b82de8a730abee7d743bf03d5","ssdeep":"1536:qJuH03+0goh0dbU2Q+39Ya7C5x+eccVdofh3q4A6R:qJuU3bCbU2Q+3MXccgpE6R","tlshash":"0553e788f2d5b070439771a8402f610bf37ae959b44d8498f625e8e1bdb8dce546bf38","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-06-08T12:58:48.448056Z","times_seen":804,"resource_available":true,"data":null}},"time_used":1447,"timings":{"blocked":526,"dns":4,"connect":181,"send":0,"wait":364,"receive":1,"ssl":368},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-250cd2dc.4cf16b04.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-250cd2dc.4cf16b04.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-96\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"091f4c0d35cf00184a04622ae52b2624","sha1":"176269dc52ce5d5f6d777745c61c10c2a04c7d25","sha256":"54e7f16f1832e2a3fa11b2c114ad46c90142c333b5c155353bc0878662bfde4e","sha512":"bac2f02a0f493b697ffa5492e76831eb473c0f97b5ba6fd87d6faee7cad38992b1e66f69b0b2f3fd18017a9caef9d410e5e8f90ee6eee141fc40eb9d1738aeb1","ssdeep":"","tlshash":"73c02b50b60c56508037d0c5c4c00851206a3b1ae62797f78d01ed35cfcf160b58e584","first_seen":"2025-01-10T12:51:25.86084Z","last_seen":"2026-06-07T01:38:16.230756Z","times_seen":548,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/banner/1/list","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/banner/1/list HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1053,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"14a12bbe0d810a07fce208e82c8ec26b","sha1":"ff50ebe5ecd49376c08254388b9cd22ddbd2f149","sha256":"c51affbc1bf1d1db5b317e3715d29070c1aa70eb101cd9771e252c32505d6392","sha512":"6e2fee0de1f375774e85fdf2f59fc773138100b5f09458a352b8092f8fa952a4b360c4370ccdf7d39531c0c445f36f968c4f066836e2d5a8a4fea6f05c9bd77e","ssdeep":"","tlshash":"5c118c19db2ef8f8b98b804361bee1d6a01c336fd4c0675532c2c94c89d94756f1aa2f","first_seen":"2025-12-18T19:47:47.678996Z","last_seen":"2026-04-22T09:54:52.12574Z","times_seen":224,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-604fc2c2.a4b4e3a9.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-604fc2c2.a4b4e3a9.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-ed1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3793,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3793), with no line terminators","md5":"0b2102b102f5b23caa1f39cadecb75ac","sha1":"fa151273a14bef5cf2c71247a0e226a2d42a623d","sha256":"88146ad7576caf74130473e68384707ee55465e20bff4eb34c040c8ac03782b3","sha512":"77373ec39719c3404d56fe48b62527a86306dc507eb9366aa1ac0f4cb0af00e6632da7e1b05c602a7836996fc962b46f626d61f83a692f9c845658a72f86eb11","ssdeep":"","tlshash":"9c711127f3891251e4a2c2d0b7e04dddc23ae912331189bbdb836e395f9f317216655a","first_seen":"2025-03-31T13:39:50.47206Z","last_seen":"2026-06-07T01:38:16.227413Z","times_seen":417,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":325,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/6.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/6.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: image/png\r\nContent-Length: 14547\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-38d3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14547,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"567f222c91a0adf2736760e9bd1ebf4e","sha1":"8f8df5a135c97c0b14c0fb5573ca00e822a19e9b","sha256":"cee5b962a078c675d90e9a0f9cefda41478d9a93e80ee69a0131e8931a531aef","sha512":"1155748926bd0d7379a8140f969caf8d6bcb508657c9a3a819501a008c8a114e745ff2f597d400147bf43147c0949f8016868d074781003c54ca66c3826f2d72","ssdeep":"384:6gJn5nsqCGCJs8P63+vOt1PAmO+INCl7SuIo:FJ6aif636FUIND4","tlshash":"c362c1ac36462c11a704fb24ce8414e3a7b314f0d2436ba39dc8dae61d715fa5c956dd","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-06T04:24:34.458909Z","times_seen":321,"resource_available":false,"data":null}},"time_used":1051,"timings":{"blocked":868,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-932adb64.d362d6ae.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-932adb64.d362d6ae.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-a41\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2625), with no line terminators","md5":"6baf6301c2e215f8e8ecec373a734e7c","sha1":"8eee0eca4c9b0fc3a69866a730afd72b88a5635f","sha256":"0576a55858af13ef94bb893a1d0a1e30e77872294ffb95be0d0ac7d4a4c208df","sha512":"24206346f932e96bddedd75cfd79d50ba46121b6fe381548585f58bb6134c8ada39806e28a09d71303f5265cdb3cace4b9a0e76d1fe9cba19d37ebe22cb4f103","ssdeep":"","tlshash":"a151113364585209f13bddd11a0429e66970ba17f0029ffe8d5d3c30efc759626a2389","first_seen":"2025-01-10T12:51:25.879985Z","last_seen":"2026-06-07T01:38:16.114981Z","times_seen":551,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2232cdce.bbf14f04.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2232cdce.bbf14f04.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-4597\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17619), with no line terminators","md5":"00143820da7385f7be28bf1e4a8a972a","sha1":"b0b4706b8b2ff718a957d187d14ca552cf307c49","sha256":"342eb92bdd7693ec213999e94ad0878ef1fe26916499569a6e2b4e70386f8856","sha512":"698975a093b7f710a41e0a1eaa4f0621a902d66eb832ce90f3e80367751842d2a24caf3e171c42c0baa740d98e61b078640238bc609f7d8055179473d87bcffc","ssdeep":"192:cN3zkwOxCcgpCU91Rmym6bJ14QYsdUcc6c7+Pj6zjRn+sDZ+wFLiaU:cNeCcgpe6bJ1nlb65ewxiaU","tlshash":"ff828818b5c7e6ab9caa9021443e3525e1323ed9a026e186ff34cdc46968d74371df3d","first_seen":"2025-01-10T12:51:25.900233Z","last_seen":"2026-06-07T01:38:16.20299Z","times_seen":534,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-0d0be872.aa4f4d2e.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-0d0be872.aa4f4d2e.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-770\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1904,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1904), with no line terminators","md5":"c0fa8b970e1a95485b19fb2002187225","sha1":"d1237ef5ab7f91b54d120c89b1edd59d7a3ffba0","sha256":"77c1eb5c835475532899b897a657d279217e3a9e4443037b6e308dcc5ed4c133","sha512":"7266f52d2729e6cdcb571a7ab0e52e63fccf9a0084b84319a34de8cc2a36ca7ce120440e55ee375562572e23bf4e6fbc36f3af93b66755292b918125b633f4c8","ssdeep":"","tlshash":"b841ed32b59c440db037f6613525a8d8764cfa03e21222e39c12623adfc7b833672e8c","first_seen":"2025-05-18T06:03:19.612245Z","last_seen":"2026-06-07T01:38:16.185686Z","times_seen":443,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":166,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-5915ee8d.4006cc4e.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-5915ee8d.4006cc4e.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1292\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4754,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4754), with no line terminators","md5":"f2cf758791111fd2d848603463e99178","sha1":"6efa309eee6c7aebb25f7eb378ebb367680cea9f","sha256":"be18a5cd6c8dd5547446a18363472d5ee56a0d2008b3d187fda6f866ed32facc","sha512":"33df9c558a43f266d0231279d5d2c940a857326b2e9e6de968d1b17983e6a784938bc4de991b04007f737e16b67f475a7c1fbab4e82228b22ec105c37d238cb3","ssdeep":"96:92hnM63MqkM6uoSYbc+7fb3bDb9UKUea6:yM63MqkM65bc+7fb3bDblUea6","tlshash":"eea159db78d68112d277ea5216ccd51adf336be73ba10cea71d8284dd706a80631f0a7","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.110616Z","times_seen":1107,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-5a173067.53a2b734.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-5a173067.53a2b734.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":245,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"cc0b1c5556a569c8746b150d74f5c06a","sha1":"5aea86fb969662e1cb85c552c633a9257d381b9b","sha256":"58e86d4a9236520d6ac3714632ba2a30a239dad74de1d394b1252c9324072e65","sha512":"87a43a5039fc9c01e56ea7100da8eaf4c98fffc094a3b9fc8f067eaf24e981cd5881424ee956808ee58f021d44310c8629eab11392f7d74ed51d74efc85f0438","ssdeep":"","tlshash":"aad05e743f4c5876b49ef251254c12c413c09b57119083cbdee210399e078c0559b7e1","first_seen":"2025-05-18T06:03:19.592498Z","last_seen":"2026-06-07T01:38:16.178399Z","times_seen":401,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":119,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-6e4f04a4.5a255384.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-6e4f04a4.5a255384.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"61e2bba3a72b590e1223e0428d00de84","sha1":"36ee41d679d6e52cb18d786a076641e54ec932ca","sha256":"d2e81b03a1686104de770d618c2b38bdf2a667382dd24ddf24913420bfa5fe54","sha512":"d8018d3e835a37a4250e876505266890f25938e1de02cf403a63d46f4d38a89eeb4756dddc1337be4c89bbf63db1aa381bf806b0e390aa0c890247050e319b3d","ssdeep":"","tlshash":"54b0924829cd0092ac9fd0e0a02044c18212a322ca120312ab20947c8d930f82169a16","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-06-07T01:38:16.234056Z","times_seen":770,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":437,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/theme3/tabbar/mine.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/theme3/tabbar/mine.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 4660\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-1234\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 138 x 134, 8-bit/color RGBA, non-interlaced","md5":"9257d7d41f0aeb65c674ea3ee19ef1b4","sha1":"826e3ae0ef20a7f48f69fd5740ff48212d05ecb0","sha256":"f4e0220e488ebe9e5176c587603b0756cc755a8649c13344aea8652d57cd5562","sha512":"e459264955355f76655df49a7ee28a76e31b84ebd37a8fcd2703d011b8eb29696ed01177dbf79758c952b29802b4afb7da894aa869b6e6c596f988764a444de0","ssdeep":"96:F9ICo03ee/GROo9AO7s0BPYx6GYWNHo6JxG/jgIZpEN25Vnj802NKo+pTp3p1:4L0uqrydGthNI6DOgIZzVnjj2NAp3p1","tlshash":"95a16e1391ede97e449c890166d2053db96b3bf0c68897f4149b2fdcd3b0e72b6810b8","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-06-08T12:58:48.463625Z","times_seen":478,"resource_available":false,"data":null}},"time_used":813,"timings":{"blocked":632,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-74d1c393.2928084f.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-74d1c393.2928084f.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-512\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1298,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1298), with no line terminators","md5":"1fe245f2830b10534ae77924560ec401","sha1":"1feacb8014a296352318b1697944b097d55ba92b","sha256":"a7bf0d2d8a328645eb9822334530a707baf64fac7625855b717fedbfb321525c","sha512":"05dbf5c934a71f4e9a909e8eebec316766529767ec7169ad5c868d6e40e8b3274a01e0de21e59f3efc696ef912870726f9952129a3cbb4dfbe5cba1a460bcf1c","ssdeep":"","tlshash":"ad21f6a1bcba1f671bf9c64d8045bff5461ab145ca285b39e05433ec06128ea13e2312","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.161826Z","times_seen":833,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":80,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-9fd116e2.be26ba7f.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-9fd116e2.be26ba7f.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-14d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":333,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (333), with no line terminators","md5":"ad2d88123d51a4b6e8e3495e9ebece3d","sha1":"d16ec779eefb27ab84d6b438d233184a3e31d559","sha256":"0835e15c3a5c71c15aec5f475c0d5f02d5044d78cc4739a345343b69543d7a38","sha512":"cc6160d1a07c4324bb4b08f9a6f23197d8d3d5fb944895d05fee0ec18b91efaeee9a432b510bdeee58fda5a913dbead577af67e6224b37cfe449c35f01be8c18","ssdeep":"","tlshash":"01e02c697aec5c313c36e918214a08ab23046b23a3e0aa50ae607022cd4b1a7210a38a","first_seen":"2025-01-10T12:51:25.880805Z","last_seen":"2026-06-07T01:38:16.162292Z","times_seen":551,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-5c9d0d19.68c5aa56.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-5c9d0d19.68c5aa56.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2ae7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10983,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10905), with no line terminators","md5":"303c1fcc5622ea9b77c65814e59f70d1","sha1":"0434defdddeddbc04ac27471262e5b28623c33f0","sha256":"e1cec4a2cf47193216e9610bdb8bdd04e31f9b45fa03c40afcf982fbc10fc992","sha512":"03988115ddf9b3fb28d9fe14413532ece4fb3d17d17a119a2b08293f9bbebab9ce1470c029281c7cbb4047d46fabbcd18b4678659bd0bb62d8282dd443fa8dde","ssdeep":"192:WwjcV8+s+lp0WyLAhU50QFB5+npu1JF1wR242JxAvuZy/0vnA1z+Wf3+jMMq+rUr:XcNs+QWglFFFaR2BTmMeXkQLMNjsLxFx","tlshash":"1732f8cce68aec270fe3b2aa343b30d5a20b902d7815141bf3b0dadd259f9415921776","first_seen":"2025-06-13T14:30:24.525807Z","last_seen":"2026-06-07T01:38:16.111192Z","times_seen":355,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/lib/flexible.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /lib/flexible.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:27 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-408\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1032,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7524a2ba32138a0363ad48a78f4c7b9a","sha1":"aab46e82603b9de5b1880c0aaddc0d0f29dbf7a6","sha256":"d68ca73f7b227d0da6b310867a0a588530657bc433fce241b3b2aea1502c10c6","sha512":"77518eea3846fafd71ba1a086f06975e9ab22c2d1e55265795f62604d2411eec3a9a9ce50e6f5ce369fad4ad22e4346fb4547beae00e043fd7f48b5b21e9c252","ssdeep":"","tlshash":"081175315350b490a4f78e33320d955865304352cc378a60f320f198d5e203b27a2b8d","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T12:58:48.462012Z","times_seen":833,"resource_available":false,"data":null}},"time_used":1274,"timings":{"blocked":538,"dns":2,"connect":179,"send":0,"wait":179,"receive":0,"ssl":367},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue-router/3.0.7/vue-router.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 7869\r\ncf-ray: 9d68a9f6a95c32fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-60f6\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1765646\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=HdPajHtsMcMcWK4XsROd6dUJOUgN9glX9pCnA1OmwqVV09BejdUPX6b232ochSH4LBwmAfAYuQVoI5kk%2FWTvrxgjvACRVElGGiAFDV7SNeonS4rFrdoqbBAb%2FWm7QJgdkU3z%2FuxP\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24822,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (24752)","md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.444421Z","times_seen":1173,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-df347502.fa343716.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-df347502.fa343716.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-25997\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154007,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65006), with no line terminators","md5":"e5044e7f519706388a93765e3ee63fcf","sha1":"2b29363ce1134605f9992cbd9e5cdf9ba554d329","sha256":"66839891fd9fdca1f3fa9abc65a3f39ad53936731a1a7508eb6a00215fa1f2a8","sha512":"ca6907084adb9729115b88a1421ba7f64491842d4e4f6299e9cb1fbbb4455e67d697d10aea99fccf085acc030433fa11855e114984e712af7d4fa23d24775bae","ssdeep":"3072:hNn/ViAs300OOMgXZ1P3TCyAhLIKpB68W4PEoS3rTJXm1V7GP:nn/ViAs300OOMgXZ1PM68WBbTJXmfO","tlshash":"3ee33b1ab587e1aecc2ae051801f1934e1262fe9d125d086f738cdd496d8db83b7e72d","first_seen":"2026-01-20T14:17:30.564514Z","last_seen":"2026-06-04T10:55:59.571098Z","times_seen":177,"resource_available":true,"data":null}},"time_used":583,"timings":{"blocked":48,"dns":0,"connect":0,"send":0,"wait":356,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-5c9d0d19.8d1b5cf5.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-5c9d0d19.8d1b5cf5.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-fd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":253,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"c14d474133726cdef23c1cf11c805190","sha1":"eda5e624d044af4d0ff6b0f2ba68de82d879cc55","sha256":"25f9445d1431156cb9fd8e80af2b2a6667587ca0da34a0c3d0e554db04d366d1","sha512":"8dacd5f508901b6f5782c32f404e6d192bd47a00068324d685ba25edbe1fd422715d2c1381820ff5b928d7189f2c6fbe8dc029d850094f48436bf25eb128cf87","ssdeep":"","tlshash":"b0d02b14294c4861bc77c494a2750848020cb3dfdf0382408e64a4558ec30562480dd6","first_seen":"2025-06-13T14:30:24.423988Z","last_seen":"2026-06-07T01:38:16.169256Z","times_seen":358,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/banner/6/list","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/banner/6/list HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T16:21:52.003534Z","times_seen":5286,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":149,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/banner/bottom_nav/list","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/banner/bottom_nav/list HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1340,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"67d058e16183811377df109331944eae","sha1":"3e755ca938b7950612b417d97426b7dcd13a2947","sha256":"4638edb9af2378bd169ae1a0cc22d635fe984bed03bcb01f921672fe35e74bd5","sha512":"12cc462bc310a70af1d8e7bd3b2e25b392b0a8b3489795f67412f49969aee9fff0787ae68e71ab6fb3682a44b58d4108cdd95df575f6855521824056428af56b","ssdeep":"","tlshash":"b8215a1286a8fc795dd0d18215afb886840d322fc1e1e124b5d6eddd86c8aeb370b5cf","first_seen":"2026-01-17T10:26:57.117703Z","last_seen":"2026-06-04T10:55:59.766395Z","times_seen":169,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":205,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-925a3b70.11d3217e.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-925a3b70.11d3217e.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"ed7f88f9b7f99042eda629536d2dc0a9","sha1":"c61d47c506e1148456c852656b484d574c28abcd","sha256":"a1a2ab3daa36c4ec3c95db0848653e6c47a8592b7b43c8e068f6c777661bb463","sha512":"9a504eb33cdcd8d78bc1d2f4ec0b29ff78c404a861aca377dd6af8a1217270a24244810072bb1131fa594c448e8601251ed9f9ba4aca5decfa5b5c00fe03e483","ssdeep":"","tlshash":"03b09244298c2812ae5fd0f8a02164c18112e3bacf060393df20e86c8d830b82481d15","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-06-07T01:38:16.182285Z","times_seen":770,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-7dd52cfb.22305141.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-7dd52cfb.22305141.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-deb\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3563,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3529), with no line terminators","md5":"7366e2843a611744e4283c9d3fafb6dc","sha1":"f801ab9804692885ff7960297da89067f6ca13ea","sha256":"c4c8ae0d46797a33adaad493835f11d1964158be41388fea2c098da31367c91a","sha512":"d5d04c8046b57551c6572cf94a5aebe2e53ee890dadf7d536cb4ad50f68715ff809833803c898ac905a88368cf45066fb532711163a8eb97e938e805618180a3","ssdeep":"","tlshash":"0771225cb0c3f028896eb036611f217ae5357dc55513d590af24cee0ba65c3c632e6de","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-06-07T01:38:16.099151Z","times_seen":609,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T12:32:25.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:26 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3491\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13457,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (8611)","md5":"4347341d9e269d50734f44cb71eb3cc0","sha1":"146e04a38cda3954b74631656344ec1f483799f3","sha256":"149081b8ea51a11d789eb9d20abd208acc70e8d2db7edde4885581bcf5b45065","sha512":"39b41d266b2b8b6fac0d3c5113e8ec549c44400b2b578af69458c686cbb17512cc1408e53b91246871c21309d1f6dbf9022a219d1c771b4f1b9d85c549aa625e","ssdeep":"192:vsNZeKIC+LFGSFGmQnqQnIBmADd/oC+hnYyQgiAQntyztM4/Z0tf+ahaOa0acain:vOZU2m+lIyQntyztM4/Z0t9","tlshash":"7c523b79d60161afa9d1dd9b9e29f72ac4eb8c7b2070e440b66d8c4f8f74fd40626483","first_seen":"2026-01-20T14:17:30.595031Z","last_seen":"2026-06-04T10:55:59.709887Z","times_seen":181,"resource_available":true,"data":null}},"time_used":1651,"timings":{"blocked":735,"dns":184,"connect":181,"send":0,"wait":181,"receive":0,"ssl":368},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-24a6615b.a23aac98.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-24a6615b.a23aac98.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-208\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (520), with no line terminators","md5":"3b034eece220695de5d1cf1e5340f893","sha1":"ee3ff58be43b222b03fb5ac816269313f532379f","sha256":"50c4e3c1205c156fe2250a09dc1bdf74c5ef5e1f31d28db7290ecce59c291a64","sha512":"1a3789a58f28f386c88168e8fa1a283606528f71ed231c0f01622a925c044f3f108ee29dd4f2638d6d9b061a53305554c2c8323dc629977587af8c620ea71d16","ssdeep":"","tlshash":"dff050328025211cc0b7d43057e8358e5278f11be633518448a1f33197c764618b56dc","first_seen":"2025-06-13T14:30:24.524112Z","last_seen":"2026-06-07T01:38:16.215167Z","times_seen":402,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/banner/5/list","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/banner/5/list HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T16:21:52.003534Z","times_seen":5286,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":100,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-6849d582.97746849.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-6849d582.97746849.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-38\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"6f5eac1a0bc7fd5bcfa72e8d381d3492","sha1":"f21a840caacf71b07464c0b927fe1cc72e791950","sha256":"32996bec3551596c0e9140a4e7bb630946a92d65e3e268efe149c74cb717e520","sha512":"3e55cdae8d0e6443aa3fef6f681beeafe305bfcc95e93f1d49aef20f6cb588fe4b3385c5457c32ed1d92c455fde7a47523418b814615e0a43471457755d0f8f9","ssdeep":"","tlshash":"c79002a51d28b0ad84b3544642d00d443158710e520990d54e15a974248a1052e12a95","first_seen":"2025-03-31T13:39:50.427732Z","last_seen":"2026-06-07T01:38:16.216859Z","times_seen":417,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":418,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-079fc55c.c7b51110.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-079fc55c.c7b51110.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-14ce\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5326,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5214), with no line terminators","md5":"485d627c42962ee0200dac66adf41dd4","sha1":"ca8e716c2fce7870f27ce6b489a333033a9254c4","sha256":"4a2b5528bff5b712a661c2f48dea798bb01eb6b7483c95050a4393eef0f39c81","sha512":"672c83e0b25c6b7a35a019664750aa61dff0f7d6f03ff6ebee9c0cc6a45b2b4c97a4715711d41428933f72350a7cf33c878869c803d2debe78314c4a05266009","ssdeep":"96:D42+m67Kxh98ITfv3gppLSqHYhFhRGPgeHmv7t2Vl63Al7:BNhP1hRqgkmzEP","tlshash":"87b1a74cb1e3f5a601a66562102f235af2b13e987416e011bbb0d6c07e2487a635fb7f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.182955Z","times_seen":811,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-14939100.2fe8cfce.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-14939100.2fe8cfce.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-d6a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3434,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3416), with no line terminators","md5":"93d0e224bd12c00a770a74d8c1dace6b","sha1":"e6c2e8385f949bfd4d44ff1ffc0fe6ea44ed6d5d","sha256":"cf1a24a9260bb4e2cf1b78f2734d48d182578e8c43348928c7e4c3fe616d2649","sha512":"603b793c1822b2301d9dc0aef86eb92e619a7b69ce1547c40e5680f9a587683630f223c63a4c5e2f9f463bf3fc8e59046c8d14474e60f57f54d57ab542d0a573","ssdeep":"","tlshash":"62611004559af6b5c87a9011a22e3720f1793fa58032e08af7a0cf951ad4df7571eb2d","first_seen":"2025-01-10T12:51:25.894809Z","last_seen":"2026-06-07T01:38:16.201908Z","times_seen":576,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-210173e0.c0dac991.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-210173e0.c0dac991.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1f8d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8077,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7977), with no line terminators","md5":"3856338d5b4912dcd744ac73432235a7","sha1":"ca8e82e6caad4cb825f1b50fdfd244bc352c9b5f","sha256":"3356599398fc293cd0d182d64272678ac8c5abe7865d48653f31abc3edd93ed5","sha512":"3f15ecbc998f171b40dce305086627f776b5198d5bcc249340ced7e81f112889cc211e9651c3c4ceb653b72c77f6d308f0597df5d750b50bd673665dc5ff8cd5","ssdeep":"96:5L9GcFsE93gIqYIuOf957+3Ft6CEMYH3CT/8TDvrTu3sL4SGiHsJhr1t0R:5K/L7IaH3wkTrrK3sL47hr1e","tlshash":"11f11345a0c7f6fadc6e9213841e0a31e1312feaa525e087b678cfd01a54d792b2d7b4","first_seen":"2025-01-10T12:51:25.899246Z","last_seen":"2026-06-07T01:38:16.179018Z","times_seen":579,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-6698de45.0ce58e89.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-6698de45.0ce58e89.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-4347\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17223,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17043), with no line terminators","md5":"5f3fe7b4391a1b7304abcd9c3c6f55cd","sha1":"f2de771ca78295b85e6cc623d79f4fe6af541b07","sha256":"38c6a2d4960cfb06cf15e5e3efab2a5ab8bfddc1b4bb68489722bb1109c01239","sha512":"deec0997cd72961560169f45c630f18c177590e86756f2d6e79cee1e80ef975c2e42fc963a285941cac996ae2d051ba9fdff2f749995741375c40877e5f2e069","ssdeep":"192:i3xkwOxCMgpCU91RhPj6YhOWvDZ+J2B6bJi4QyvdUcc6ca4f2:i8CMgp7b6F526bJi2K2","tlshash":"73727614b5c7e6ab9cae9021442e3525e1323ed9a026e186ff34cec46928c75371ef7d","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-06-07T01:38:16.174525Z","times_seen":608,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/5ccb806f4887401d9f3074842216c7e3_.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/5ccb806f4887401d9f3074842216c7e3_.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 86811\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:29:27 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-06-04T10:55:59.54671Z","times_seen":267,"resource_available":false,"data":null}},"time_used":983,"timings":{"blocked":621,"dns":0,"connect":0,"send":0,"wait":181,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-f045b624.fcc4b9c8.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-f045b624.fcc4b9c8.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-78\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":120,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"7a2294f71fa3fcb9df3f49fc4b6af4a0","sha1":"e3737db7515fb7f5ee71f08e997263adc7859680","sha256":"53d54f04576875a8355e595f7a10f2530c5f8468f1e5bf954669f7f119b5c8e8","sha512":"b4093c4522fc7a720a005d30b757639615f52c39ecc5140e8c69d0e9f016e11a1707f0442341922e61f38e182c2ec5ea238b991c2c17e1c51aaa24ec2d1f295b","ssdeep":"","tlshash":"aeb09270bc4c080d23b7b3592264ada01e247152ea8012296cb0d262ae033a2344ac86","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-06-07T01:38:16.137585Z","times_seen":827,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d237720.724c18ff.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d237720.724c18ff.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-ade\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2782,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2772), with no line terminators","md5":"921620e96be524fffd62ac1e3eb4ee5f","sha1":"511b2be8f54ff6670d29086f78c2448d8824ca3f","sha256":"246d5330e04910431a9ccba22bb57791ccdb1d0fa6322ad451b38e962fcd7d1e","sha512":"8d29e3b06167939debe0b5bfdf235a55e279ed0ba855630d81bbc352a4600378a89584cf249eb344f1369b1bbd21cc9556c748f9aa836176d981828ddd9e892a","ssdeep":"","tlshash":"ad51988c71b6f99702d28247602f078be37537184c32e4117bb2c7c4e9aa496236675d","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-06-07T01:38:16.106729Z","times_seen":804,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-932adb64.fabf691d.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-932adb64.fabf691d.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3597\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13719,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13595), with no line terminators","md5":"3db019dd6954f9874e67fcb54cc10431","sha1":"e16e55da7ba80c46c6231385c1a32045c79a31b5","sha256":"c28857661ba5c6e48d7e449816878c9cb7b64529e216f9bdab600752abf40266","sha512":"dfd05947aaf6661c813ce960ad4737a79fd6a56d9badfefa1f4472a692b7ecf27bbdb19ffa80178acb939887fcbedcbb46e04492841ea48da8442a4eef586ce5","ssdeep":"192:Ff5EVraVcIJnPB+n4dFP9v6NYstio/jPmIcR25h:l5EcrtkNUo//cR25h","tlshash":"97527409b9c3f5aa8c6aa051402f2935e1363ed5a022f141ff34cde06a65c75371dbae","first_seen":"2025-01-10T12:51:25.929695Z","last_seen":"2026-06-07T01:38:16.139061Z","times_seen":532,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-9bd26c66.42209a04.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-9bd26c66.42209a04.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-39d97\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236951,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30304)","md5":"4d3f68051de2d039b972d0f67e7ad350","sha1":"80bd171558df0b1819c35a54678a18e8f5139edb","sha256":"9d0c01748fd6a638557e7aa025946145f416c7630d4f72d831c7b84b12b506eb","sha512":"d2283be980e3b336244e7bb184f51c0171a067022fedcc2912cb9ee889e744396d57a0c814dc993b433e134c46378e194e9b13aa6fb542104eb7b5b906ce4bf3","ssdeep":"3072:AokxAxSqddJqG+J6LXtqQ4kCjIMcI7iYvoB6VsMQzBUXtqCxPWQ:axg9nLXuQssEf","tlshash":"ec3497b477a72cde0b7ef09b001b2d438d981b57107ec1a8f25aada22d74706deb1674","first_seen":"2025-05-18T06:03:19.607337Z","last_seen":"2026-06-07T01:38:16.111722Z","times_seen":391,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-b81b8d9e.9cbb57d7.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-b81b8d9e.9cbb57d7.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-12d8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4824,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4774), with no line terminators","md5":"c527d2ee0b84ab00c0bddc8904c3a5b1","sha1":"4c26e31f41e24ba0258fc88cb8348b57e18753e0","sha256":"ab8a9a7286dbb0b3778af36ceb8736f7bb613c0ecb600e9b18f73d1915cd0c24","sha512":"beb9d4b32bc36338444d2a5181321adf0fc388f50534d78eafdd30283f7264145d678b5c8f650165c7c38d56bf9263c55055c8883fbda9aa8b42d768c33d474c","ssdeep":"96:qeeZ+Ac66Rt6qwe6yz4Ud9WCuqk6SL0MaW4Qu65Rw9aMniU4ANN/KZq/K2/KRQNz:qfZ+rbWC+L0MvRRMnEk","tlshash":"28a1564976c3f16e457be221843f261af1693a95d816a841ef30c5c47c28c79b339eeb","first_seen":"2025-04-11T11:01:20.486699Z","last_seen":"2026-06-07T01:38:16.153366Z","times_seen":449,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-fb459430.b781e075.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-fb459430.b781e075.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-37b1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14257,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (13991), with no line terminators","md5":"e0896caee41fd2b5c18a1a1ece8d5eef","sha1":"41a0de622fedf52315e0a4f62541c73f18ee7ef3","sha256":"a7a9094befb4167c4068cd80039c8c781fa539da1c4ff740e2504611a601d2d1","sha512":"ce4e07d449b61b1b01b5561aaf303f6ae7ef4a05adf59e6a07b323011af191961aa33f16511ee5728a42169ac2d6269799e99bbaaea1b7bc3d8fb95a85e37be7","ssdeep":"192:GYdkQ2uE1tJS87BmQzmvH/CCoblLZ+Se4:GEE1tJS8FkKdWSe4","tlshash":"61528654b487e6afac6e9522411f3a35e1312fe4e026e043bb34c9d05da4d7c272db6e","first_seen":"2025-04-07T11:12:04.222332Z","last_seen":"2026-06-07T01:38:16.130899Z","times_seen":531,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-ffc2961e.b443a13d.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-ffc2961e.b443a13d.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-29de\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10718,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10654), with no line terminators","md5":"881474b27e9e004327f03f6ef6698400","sha1":"8756e7d95bd51485c00488a4437493fdc20c58e2","sha256":"08c6496487409059e483e74dbadc14d9e467756921397eeea737289ee6b9b616","sha512":"8a574705d5a67569009decca3f7b93d50753709aab532f8dc0897c6603e4ca5b1328014679f30cb93be46560899758a69ba900ef92271f8082bba404dc99e6f7","ssdeep":"192:nwKcJl8B+lp0WyLAhU50QN5+npu1QwRL2JxAvuZy/0vnA1z+Wf3+jMMq+rUBd+uu:9cY+QWglxRITmMeXzfMNjsLxF8","tlshash":"5d22d9cce589ec270ee3b2aa343f30d5a20b802d7815145ff3b0daed259f9515922776","first_seen":"2025-01-18T12:14:07.095297Z","last_seen":"2026-06-07T01:38:16.112302Z","times_seen":532,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/js-cookie/2.2.1/js.cookie.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1299\r\ncf-ray: 9d68a9f6b99032fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec5-f2b\"\r\nlast-modified: Mon, 04 May 2020 16:11:49 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1661087\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=jYIwpiR%2BkexSxkxR8AbrcnGQKGC%2FdcoqR4lTmDbitjGMhAILrAjrGTZQRVFkaFpMy8KlzIpimaJpkO56DfxGgOFn6kLN1qm9xMEVmf1LVrYYURR8MBGqSgSr1Y5cTBSqInlb4%2BjG\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3883,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-06-08T12:58:48.428004Z","times_seen":3338,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-084d1f6a.31bb29e7.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-084d1f6a.31bb29e7.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-8b9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2233), with no line terminators","md5":"6d1e84fc4b61c6683564a45c32f0097d","sha1":"7e26ddd6edb9b8ae436078ecc7f082340241d77f","sha256":"4b1e9de73b5606cca982dfd7e671a632ddbe0f9283371590d28f327fefd0e5cd","sha512":"8857c181816e1e1d55a1cc193251cfebfc8f93d43958a0fb213014af6c8d7b39150cb81814158bf753b3c5151c13218a972ec578f87a9eee23a960e1cea81e59","ssdeep":"","tlshash":"d941a9836d091145b42b9e1093ed0a60526ac76399231eef3347349b87c3feb22b731b","first_seen":"2025-03-31T13:39:50.439798Z","last_seen":"2026-06-07T01:38:16.193065Z","times_seen":462,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/tabbar/assets.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/tabbar/assets.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 17565\r\nLast-Modified: Mon, 19 Jan 2026 17:07:34 GMT\r\nConnection: keep-alive\r\nETag: \"696e64d6-449d\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17565,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"f58533d3d8032a2ebee5b01e4f91ce56","sha1":"373a51128c8f99ac2371ef4b792b2994128091ea","sha256":"aabe3cb48a68fec28f801583b8f7a0e9ee2e893e07e7c792a979bad9ec9fe980","sha512":"7dc05b5ea1a70492d7c3c952b8321f02a103db4c2e69c8b58c546c65066ea8846cb92c183d6f4e9f6940224ab8d12808797460a6392dd7d188e584dd3c447569","ssdeep":"384:F0wD4mqGePGw/4elj5VB4Od1jXkl41jhBjBQYce1n3jZV:FXPw/r94O/4412ReB3jb","tlshash":"7f72e1c278618dea2e860738583fd202e31fe1ecd452ba56846bc20751ecf9d9df54a8","first_seen":"2025-03-03T23:57:52.23244Z","last_seen":"2026-06-04T10:55:59.725847Z","times_seen":295,"resource_available":false,"data":null}},"time_used":829,"timings":{"blocked":463,"dns":0,"connect":0,"send":0,"wait":366,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-1bd77d07.020abd75.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-1bd77d07.020abd75.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3107\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12551,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12527), with no line terminators","md5":"ff7d917b7f022450a5dc08bee716175f","sha1":"f216f23f800d612b29dedf753886cd51ff88326b","sha256":"c0dfc0a3b31b82bf9c90c986839f7b4b68fe36ed1bfbcf98584516d6051d00b6","sha512":"3b0f4fc073d835504bf373e4d4f007c699aaa590b096ad39ce6c655fcb5646f96f74e18c8452d7e980151ee836e6cdcfe368c863667988fafe6d4bfcbcd7263e","ssdeep":"192:aEWzzwO0x6+shlT48dEBGqTydMtubitHw1gEgM48GEBGlbBNQn2guOQfRtnlLw:aEeCxBUuJw1gEgn/Qn2gu3Zw","tlshash":"f142eac99489fe1a1d529111202f31e5f10a786eb628d9d9f770cfce8ddd9440e29b3e","first_seen":"2025-05-18T06:03:19.687815Z","last_seen":"2026-06-07T01:38:16.173203Z","times_seen":396,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-250cd2dc.b9e7175f.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-250cd2dc.b9e7175f.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3a0c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14654), with no line terminators","md5":"4724bcd21055c96f1e1a25b9386c256b","sha1":"24fc973af86900a162067f41cd2661776ca02714","sha256":"1ea37a8dc1be62800d18f16269869838e61eeda63fd25cd470253a179febd668","sha512":"1eceb7bad8ca3b5570018efbb075ac3707f8bf8fec8b8f862a07c8c7f16c7e175b1f9e03108b785045c951682a7bc1922d81b79315f5a330a0fef39509826972","ssdeep":"192:SnqbyX6fWRP/zWqs3fbPjIFa3jDZ+ZvlJbJQl5jdoc6cjL:SnqxbpQZ9JbJQB5","tlshash":"71629718b1c3f6ab496aa021452f3524e1327dc96416e546ff30c9c47a29d78372ef7e","first_seen":"2025-01-10T12:51:25.906128Z","last_seen":"2026-06-07T01:38:16.204047Z","times_seen":533,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-6849d582.ee1a6b87.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-6849d582.ee1a6b87.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3ebd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16061,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15867), with no line terminators","md5":"56ba1b4f9ae9ca696b7f8e67c9793461","sha1":"a5d4cb1c1c3f27e1e3a8e0f3f3160c4ac3340269","sha256":"a4316613d0c30fc60149225cfb230e8f14d1ac304ec8670cc97f82c80dbf97cf","sha512":"5355cc817014aee882fd68c58e88a1b16e994a5c1d71edd614b9514b8881650a7d9e6155fc00ed1eb6213042df0382950d8b5c2e91c085d2760f8ba276e484a8","ssdeep":"192:AjkqzUxdLKal7FwZ2QKaQG6CFqbzBsDy+L216XQUQIUsdIC:A0dIUC0zis6XQ2pIC","tlshash":"52728618b5c7e6ab9cae9022442f3535e1317ed9a026e146ff30ced46968c74271df39","first_seen":"2025-04-11T11:01:20.382802Z","last_seen":"2026-06-07T01:38:16.13854Z","times_seen":404,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-6e4f04a4.a10abc52.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-6e4f04a4.a10abc52.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13a5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5029,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5029), with no line terminators","md5":"1f64a4dd650fd3886e5b07b635ef4396","sha1":"2d6efe25ef9f27bdee3cc815608a85a922646ad2","sha256":"cace7cdb6c61f09be8915ca4c5cb63a2c69b83fa26ab8b5e6226b51ceea5918f","sha512":"3caef58465c39a5396a847ef4712731d0bdc5b52500c522b6410fc1b041762bacde488d86a579cd213dfc312800599199145e2ee2c583d458c2c373b5cfc5ef4","ssdeep":"96:mbAxCrPwsEiRiRJK+H19mHRMR4RMpBGhBfL3U2xK7q5bCS4M1qMreL:mEs9QzYMmMihBj5xl5bCSMlL","tlshash":"c1a1c9c8a5e5acda07a392a1503f31d5b212d11564337482fb71cfef3d6e6d60902b2b","first_seen":"2024-05-06T19:02:51Z","last_seen":"2026-06-07T01:38:16.217427Z","times_seen":720,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-7ebcf264.5d438a80.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-7ebcf264.5d438a80.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2cd4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11476,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11394), with no line terminators","md5":"498a899df615cfafc276472b1be881c1","sha1":"98fbccda6c5d4f420bb0369591076be6ceb7c746","sha256":"9bd10b776c016be8f501f8bb5f36d42b210fc0ffa2c3423cd0056d1c8397967d","sha512":"f06de60b25ab349e02888bfb395142cd4f28f5fae94b3b7810b1de947e083974ee4b220ae2012a62a9cf2bf1fdf772b0792118cf7b6d3f1e01423a11ca21daf7","ssdeep":"96:uT2XkyNK8ToTTTw7tBK2Du7FtO4zP4kDcUDcR0nm0n39X7oyXHG1P45fyAe1cWpH:uTOkrDzXP/6hYGy2iMNDFdp","tlshash":"a6322159a48be6aedd3f8021806c1631e0241fe6c739e083f778ce6842d5db46b2d76c","first_seen":"2025-04-07T11:12:04.200468Z","last_seen":"2026-06-07T01:38:16.158758Z","times_seen":531,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-37bdd3b6.ab3049c9.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-37bdd3b6.ab3049c9.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"bb2937d5e125d43804baced3df0e2324","sha1":"f05644aab014d7d97bbc85608cf6780c493a05d2","sha256":"e00bf1fa5fb4cfdbc444c4bec56187a9791039e97da5321313d77004d0c64465","sha512":"836ce5593797ed06b6b9e4357d2caae8f7327368f4ad152df77817d74efa3c8d3728445ccee4b72549ec7890d90716a58d56f0e2d77adc14c5d1adc46d9e62fa","ssdeep":"","tlshash":"40d0e9f2551994b98a3bc22500dc7484196bf626d1675189ce829a282dc63013f7425c","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-06-07T01:38:16.105047Z","times_seen":675,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":199,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.14/theme-chalk/index.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.14/theme-chalk/index.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 28355\r\ncf-ray: 9d68a9f6a94732fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"64e78703-6ec3\"\r\nlast-modified: Thu, 24 Aug 2023 16:36:19 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 61864\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ttvocZvuhgoPeAI6d9zWTG7CyVgzDSoZeEi7KhS7KSC29hoW%2FHOSKmedt8zpMw4yz9goAvwKpFA4MkB8jcyrJO41v9oxnaHHAPMq9sAeivrgncSDV25iH2kFw8Cbqz9RehLxXR11\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":240033,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"07ced7e527d781115b5a9f3f3f559884","sha1":"371b1a3e8d3453a2451e76320d9d7c0e301331b8","sha256":"dc86d4797565d05e88d63598128328e2ed6f02f7f6d950a36a1c4ca9eb9c8057","sha512":"a19dda2047af06da26cb446e5a9184fbb87ef5db209368305f4636d5bf28bd29442d05b556540359dc41198218092ce706bf1a7b765e18b3c481c2edd068e10e","ssdeep":"1536:c28Y7SrW3YeWXA1u9w4HCe/l4TEg5fqMEeje378OaiZkW1YO8eQM+yFffwbIcfGc:lvHjahfAG1U2VGDt","tlshash":"b234a7219b03216b612bde6cb6c0ba895f18c323d4725bbbfe95740dc7d34891267a4f","first_seen":"2023-08-28T11:31:40Z","last_seen":"2026-06-08T12:58:48.429979Z","times_seen":1442,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":7,"dns":1,"connect":1,"send":0,"wait":25,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.4/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.4/index.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 121691\r\ncf-ray: 9d68a9f6a96b32fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6109231c-1db5b\"\r\nlast-modified: Tue, 03 Aug 2021 11:06:04 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 61864\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=POmwHrkKCcnEJUMYsq3Ss7%2FGLGfxWe9Fj%2BNPlN6SURtfAPAY0cUG7SYSC1D7ZgDyZfWdfpPXHYvQUqb97rN45rbjSdCLT033CbavB9gJs73JiVnHXOOMamhowBuYapW9uhKko24z\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":585656,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65105), with no line terminators","md5":"c51f03d35129d9d1a9da65b24cef7fa7","sha1":"1e1d550d978378980dc3aeb60012da86c2355c4b","sha256":"339747e3a960dd82946bb6b06fcf1dda76b9ee786a337726b535a1d86d6b9c0c","sha512":"8c83157d1a2d4bacafc89ed01d444551151772f1119272c303ace71aa12b6f1fba29da8c9597e2a9baf670c93768286a405a70186b92ba5aae84554b9123c1eb","ssdeep":"6144:K4lrdS1Vqp5xb+XzxEXdUfM2Z0a54VXTnDBHiSuLx8isMZg07LQi:7vS1Mp5xb+XzxEXufM2DEDVHDub7LQi","tlshash":"04c41b8d72c1b5314ba36070503f250bb33b299c680980dcb679d8ea6dbd949526ffbd","first_seen":"2024-03-05T16:56:16Z","last_seen":"2026-06-08T12:58:48.445305Z","times_seen":820,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/static/theme3/tabbar/home-sel.png","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /static/theme3/tabbar/home-sel.png HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 678\r\nLast-Modified: Mon, 19 Jan 2026 17:07:34 GMT\r\nConnection: keep-alive\r\nETag: \"696e64d6-2a6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"77799daa36d79f46d4b281b47653ed1b","sha1":"55373be89e5b80041a0498a720e73db384b30236","sha256":"72587bba2c08d4d3224cfd5c5be4be51b84741142696938d00361e372d2c8813","sha512":"eae2e0e6d68a4b7e1542cd846aa3fb78cb007b0a62f860425bfb544b1c89c9d34eec213d2a344353a0dc30521f4d529edb983f7b4d2c1acfcd1e54cbf7fec813","ssdeep":"","tlshash":"43018393f30668269ea14ee7c33f9178e088c99715e864696a82843d1370ba8f52d267","first_seen":"2025-03-03T23:57:52.309985Z","last_seen":"2026-06-04T10:55:59.584628Z","times_seen":295,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/cn-11134207-7qukw-lg1xwmgxszd495","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/cn-11134207-7qukw-lg1xwmgxszd495 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 215894\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"6cdd8df48e602f011245be4611958108\"\r\nx-mms-request-id: 85e0afd6213542a19f9e0e0d474fc901-699599ca\r\nx-ser: i2315831_c11272, i2289075_c27117\r\nx-cache: HIT from i2315831_c11272(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":215894,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3","md5":"6cdd8df48e602f011245be4611958108","sha1":"ce54aef831004d782257e7df039d5df39b64146c","sha256":"0a0e7947cda75b50fc7a59257373a8e7c630b575bf2163af6a094f9d7a70fb50","sha512":"d5c4424ad9d646fc908131ab7b0194c9023a459ac000bc7e79f31441fa4430b16bec916f4ce452d99c770eda6cbdea888bd8c845448ef1f34661705e9eb84572","ssdeep":"3072:DMNZXUWLSaoxPS+k94cuy1gSDJbJSnqtZazSAgBc2DpIRb62Aq9nXLfCaexJ0y:YTSF61g8gnYUgBciIp6V07fCaI0y","tlshash":"3f24bd069712dcebe249573751e67c285a0b2439b3ae5ff4c523fe0ee211335ca47a68","first_seen":"2024-08-20T07:49:32.775299Z","last_seen":"2026-03-03T12:33:03.310962Z","times_seen":3,"resource_available":false,"data":null}},"time_used":988,"timings":{"blocked":267,"dns":0,"connect":0,"send":0,"wait":284,"receive":437,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-7721dd77.435b277e.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-7721dd77.435b277e.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3342\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13122,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13122), with no line terminators","md5":"afa8c144cb9a731467483205850e245f","sha1":"ba2b45fdaf5dd66d052b9c61fce85ca0ffffe883","sha256":"b3bd51359c248396e2ae630372f5e6dc315c35e7ca4cb9cb305a52f05827551b","sha512":"8d97ecf43e0b92d40330e3638c9c35e69ab5e26d61da26daca6d0747daf2855a739c6c477a3d2a322d4a1d61510d1b76218ef1450bac6e4e8d9b8b9d0e5ae0af","ssdeep":"192:fAJi5ylzEJShKcliZRb7OZBu5qdzWrxb1UMlfB1cH:ft5yS48ZRb7O+kCxbOMr1cH","tlshash":"24423a70bc641cbe333ac5aa315064985e26f453d1e14ea9f41f77a88fd71ca1a26f32","first_seen":"2024-07-02T22:35:07Z","last_seen":"2026-06-07T01:38:16.125765Z","times_seen":708,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-479f5bfc.f5b56ee1.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-479f5bfc.f5b56ee1.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1102\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4354,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4325), with no line terminators","md5":"59bf213112e2ef3441b335100f9ab202","sha1":"ca9f95b09ed50f4b322a9f10a34676167c72d989","sha256":"29246ca645696659bc40e853672ef76e2b9915fa9ab97c75d501c394d1008761","sha512":"24097a1749b964ec34f71d76da645d9d99914a960f97d43d4be8c98dd94e91c7ef238472fc1f24cf7baa3c0a4199ccbea52b54e47b7090c1379535d1afab9db1","ssdeep":"96:OTiMK8MK17G2myCclPKEgeNNlo4nerCUPXFp3g6K+o:OD0yCIKEvN7o4erCmXFxc","tlshash":"6791844cf5c7f16157a77873801f156af2657ed898065a82ea30e1c17e24c68233aaed","first_seen":"2025-04-11T11:01:20.485043Z","last_seen":"2026-06-07T01:38:16.145297Z","times_seen":406,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-c5c0ecd6.f5c32279.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-c5c0ecd6.f5c32279.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-e03\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3587,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3587), with no line terminators","md5":"41fcdae977e717a12a1004b9651eb9a0","sha1":"af9a14f6643ea30a0d58ac26b2a11c6b6e85f65d","sha256":"23b68516d5c626627904ec97e44374bc1b120f088bc64e085b77805c895ab0a3","sha512":"26a22d896954e3ddf63dc817de327fa7997e532ae4205e97fafdbb44245b4c0a87295c6937230fb4d7559b8a8975e5e097b683455665d222ee168ce41cdf70f6","ssdeep":"","tlshash":"7771a4aeb8ccfedd08126150583f3114f18a2c01e86454d5bb75ffd58e86531099eb6f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.184282Z","times_seen":801,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vant/2.13.2/vant.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 67900\r\ncf-ray: 9d68a9f6c9cd32fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"652e0e9a-1093c\"\r\nlast-modified: Tue, 17 Oct 2023 04:33:30 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 61864\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=EFXhaOPEaoISr%2FIa%2BVfBPMalCvxJ%2FN2vPMep7XpTvfQIuEHQdPS%2FbN%2FqMmN1G7hQVHYzcRoRuN8skUjN0zqjB6DoNtz91mrDVpFuCXKRB0P4VBHyS7HVl9DzqmV%2BnsT%2F2x%2FaXLOB\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":279653,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57301)","md5":"644f13180f8d398c886f534b07044cdd","sha1":"2d3349d384b50a385ed0b0d84a256be60a1e2201","sha256":"f5d6379be3cba230a20bfd8bf264805de16223e0aa0277c0fb68c3c0751acff6","sha512":"700886a3c2a288eeadeec4b09884566eecb30f2530259b18a45147f07a02103fb94e144ed643f690de26e8b76119aa639f210c0d687cc957c82318be053ec72a","ssdeep":"3072:XuhzovpPNdJ+fzFgMxnnocXJjyv7mF4Betr1G661LlS+b6aNSnIum/yXN:+hzopC0TmRQBPSWyd","tlshash":"0b54d78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","first_seen":"2024-04-24T18:56:37Z","last_seen":"2026-06-08T12:58:48.419707Z","times_seen":951,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-134ebb5b.033b1400.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-134ebb5b.033b1400.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-42\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"bc8f367bf615641ab42ec602bd037fa2","sha1":"94db204a7e2294fded4a9cbd4ce2b5e84e94266d","sha256":"3fbae052426494e80dfd7b283a3738bcaf8b2894808ba80978d570eb69fcdd2c","sha512":"4efbbc755be35bbfffeefca229c5359b09f347114c062ca665521dc3414a5d8e83af5665915a20cadadb633b820951063eb9511f54d6c0d184e486bb43b60d2c","ssdeep":"","tlshash":"bba002943d4c0338b967e144624249e03179171a95a99763fc46203ad906da05418648","first_seen":"2025-04-06T10:24:08.355161Z","last_seen":"2026-06-07T01:38:16.205693Z","times_seen":413,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/static/theme3/tabbar/chat.png","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /static/theme3/tabbar/chat.png HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 1345\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-541\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1345,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 67, 8-bit colormap, non-interlaced","md5":"9a9a3c68d20119ec90a21aabb59aa872","sha1":"8d3d8da5e2cfff13f62d0230a8f50fb6eb850bb8","sha256":"c8fcf8de83cd1d7b76eafd9fc6cc4b69cbe6ade29a885d7a709125d9de8cfe39","sha512":"f664b99ccf9a56023f424176cdb57ffd85e44e11de244191095b55adda525b3c3e831063b6ee2eee0cba54d553048d1e7e3706ac7fdffb1c9c89e7acafb0bbb8","ssdeep":"","tlshash":"212130f8f1a80825c36dc2a5c562bb78229c985cd1ec6b893fd0d6af5d9cc5e1dc43a4","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-06-08T12:58:48.428485Z","times_seen":465,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":295,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-6698de45.417e0788.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-6698de45.417e0788.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-271\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (625), with no line terminators","md5":"64a929a7d54bbd849dd6eabdbda4d9c8","sha1":"14052f0e049a7fb4123bb08f26f7cd9fafc12495","sha256":"1728e8eac8bcb6f1d4dccde1cabe92163f790ac8cc0029dda71c9186392dc32d","sha512":"02413b50ff0d0fa0cdd6a6a7de0919fa13b1c4ac560a6996d73aa5c5eb899f0ac3b12240070e4e89c8d84d890017d71c6d55ffd9ec504f223d91205d4e0b3b59","ssdeep":"","tlshash":"eef07d67f0840f08d836d2412bc41ee6906a7522721187f8cec35d14af8f297349a5c6","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-06-07T01:38:16.228004Z","times_seen":630,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":379,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7qvdj-lfiequdt2wmf96","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7qvdj-lfiequdt2wmf96 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 217213\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"abeaf1e1d1be8ce8193fb604ea599f59\"\r\nx-mms-request-id: aacab02cba09417aa8ffdcc37489f0c2-69030938\r\nx-ser: i2315541_c11272, i2289153_c27117\r\nx-cache: HIT from i2315541_c11272(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":217213,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"abeaf1e1d1be8ce8193fb604ea599f59","sha1":"ecaab14e1000c522496583ce3cc6bd11fb6ad952","sha256":"82e81ec1aeeef4f6e7783d333bace8bceefc7f2d39fcaf937c1c2cab836fd171","sha512":"6033be67f0f14b396a0b5dfdd73632e5771bbe0b0831597d3c19305daf2a810ba0b2f81f674b06eb40dc23d12fa383d69212e8f127f6fdcdd5ce0ccb8bd2c57f","ssdeep":"3072:7dIWEqEqEUm2Y4ncOUhNdGJ3beOF71GFRAKRZGcaK7Lv+WMjemYP5ufCSiZ:7dIAdjcOUhNdGFCpFiKRjNLvN/niTiZ","tlshash":"712402534d194f8791dc57687f021e48cb29428de5db7aea20aa1fdebf9c3290cd412e","first_seen":"2026-03-03T12:33:03.317776Z","last_seen":"2026-03-03T12:33:03.317776Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1638,"timings":{"blocked":626,"dns":129,"connect":37,"send":0,"wait":180,"receive":206,"ssl":456},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7rbkf-llx7nwncuv8p22","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7rbkf-llx7nwncuv8p22 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 169861\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"c6f7651fa8854abc7b32d22194c47f15\"\r\nx-mms-request-id: 24b29d30845e4d0282742df4167ecf46-69946bbd\r\nx-ser: i1911849_c11460, i2289103_c27117\r\nx-cache: HIT from i1911849_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":169861,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 510x510, components 3","md5":"c6f7651fa8854abc7b32d22194c47f15","sha1":"04f1537fb9b19755ec6f754ca02ba07ce48a3ef5","sha256":"92f5110aadbf10ff174a4e5d08b54b2b618793303eedfea6d1554fb4337862b4","sha512":"5453006240a2f03511c0655eff2aca23d7e9edcbd28749cc8dcf6ab8441643763992739e743c0e3aa4083aeb80b2bed71c0f289a5a9b1ca7d4ac3f443f70637b","ssdeep":"3072:+/FjR7X43loMx3mXTNVgPMOVsg8q0zxQLm/Uh7tDK1YYB0DUOmWAzhWg:WJR7X/e3mXvOVs5q0ey/UhNK1PBDOmWm","tlshash":"16f312b24d13e916bd0d46b0f78282b8526a73e115d0ae8e90cb0744f3ad742bc56ebd","first_seen":"2026-01-02T19:26:06.93988Z","last_seen":"2026-03-03T12:33:03.318796Z","times_seen":2,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":279,"dns":0,"connect":0,"send":0,"wait":271,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-9bd26c66.8caa504a.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-9bd26c66.8caa504a.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-217\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":535,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (535), with no line terminators","md5":"2f8377a82a17363daca0aad917da18f5","sha1":"6d2760224fcd80f1da477afad92b663e588e20b1","sha256":"07c7e560a498d97a493f353afe8ba51806f63b99cb64c599548a7c63a4b4e2fa","sha512":"7bbd1fb7a50c4caaeb398070cb105045891211d3e35abb0880f2787916ef195ba842df198d3d0bbfb51c8b68aca547256183606052a90352c3cc01843a236930","ssdeep":"","tlshash":"04f0f6a2ba183036f43bc53578e32884bb00a7a753bbd4a2dd438b11cd920937236b4c","first_seen":"2025-05-18T06:03:19.663469Z","last_seen":"2026-06-07T01:38:16.143446Z","times_seen":443,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-1208543e.f44f12c5.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-1208543e.f44f12c5.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-d08\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3336,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3324), with no line terminators","md5":"be975a74c0a808d6e18bc308100f1a0d","sha1":"b59e8ea3b99405f507e081fdfc2ad6996be8fb15","sha256":"ba5fad0d7a49a3add3dba0c5b1d31279d314011a0938844ff1d3a5f3e143dd33","sha512":"420e469118370bf0ca743e7f89fd2ac52a0f58e7a6acc2060d6bf3446d7c0eb414471ececdbd0d9b03a52589ad7786484303f90d5c5b16bfff9ebd1035633bfb","ssdeep":"","tlshash":"8f61844c7093f4a703e69166783f3715e2b67a95d411e1146ba0c7c0f87496a232bfab","first_seen":"2023-11-18T03:55:04Z","last_seen":"2026-06-07T01:38:16.132445Z","times_seen":749,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/lib/flexible.js?2222","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /lib/flexible.js?2222 HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-fe1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4065,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"1572c9446821f8b1dc1136b64b44e739","sha1":"6a786ef63db48581f50e85601ef4a3effe8bf095","sha256":"264ef2e4767a942ee634794619d94edbd7da642cb79277c16b974cac9795c246","sha512":"4283dbb16b94c7db39673fb92808835e7f2ccb34f64502d0524cd571fb28e91c82abddcbf1224d4b83c1fb30908c96a4d16b604b22ef0f491c2bdf2d00213598","ssdeep":"","tlshash":"5b81322806e322361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-06-08T12:58:48.42752Z","times_seen":858,"resource_available":true,"data":null}},"time_used":1267,"timings":{"blocked":531,"dns":4,"connect":181,"send":0,"wait":180,"receive":0,"ssl":365},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/app.53577dab.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/app.53577dab.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13061b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1246747,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55222), with no line terminators","md5":"8e46e66143d765e77b30bedf521ed68e","sha1":"c52fa0f2cffc941dd51d7e578c8e23d6f406315e","sha256":"978fcbd5576ebb6ae075e6f88170c8dbc97633415eac0f07cb4db7ba6a542a22","sha512":"f356df86fc6f87027db8c8f0b1f719d6d4bdf9edcfc1860876cb8e98d57b38b58102022881cfd17599f5d37e5db75f0a626502bb82441086d4b4e731f9bdf25d","ssdeep":"12288:y8T/2f5k6qFtDu2XKkd6lX8I82S11yo52ZQixQn1+aPpAQ9ogO/xX+jaNDrp2g0c:y4Kt0mUMG8","tlshash":"df65292ab2dad3e505e2b4f6201937946936daead7cdd4cf0734d2d836eeaf00017994","first_seen":"2026-03-03T12:33:03.322373Z","last_seen":"2026-03-03T12:33:03.322373Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1965,"timings":{"blocked":515,"dns":5,"connect":177,"send":0,"wait":360,"receive":545,"ssl":358},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7qvf6-lgrpr9a42hui51","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7qvf6-lgrpr9a42hui51 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 168885\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"bf6279a3f607dc19724d4c807539aeed\"\r\nx-mms-request-id: 5015bdf30c61497d87b3c8e5743fe174-696dc782\r\nx-ser: i2315741_c11460, i2289103_c27117\r\nx-cache: HIT from i2315741_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":168885,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"bf6279a3f607dc19724d4c807539aeed","sha1":"cf3312e69fbfb7b8a55582c78b5b2f2f86096a53","sha256":"67e29bfb6060ca5462f3c67d432d650ccb8b44cc1905141f7246f9448ae94b39","sha512":"6d5b6dc50bc9dde441edd0bd8fe2430abcbed930102384b5348476aa6ae9c2f8169180575456a084d8b6bfa290f040f1c58caa1b94b5c360addc5c36d1f824a6","ssdeep":"3072:7VHAsEEsi8YvGaG06B64tjR9+74PTcWC8mOJGU:7VjgYzd7kTr7Jb","tlshash":"7cf3e04b4c498643b8dc52e8f8930e1d1f14bb18e5c1b2fa16618ecb3aed2254d5f97e","first_seen":"2025-10-12T10:23:36.599706Z","last_seen":"2026-03-03T12:33:03.323585Z","times_seen":2,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":111,"connect":39,"send":0,"wait":180,"receive":37,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-fbee9466.89eabb0d.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-fbee9466.89eabb0d.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2ef\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":751,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (751), with no line terminators","md5":"924a3a05affe03bd5d73e3d3c5a58867","sha1":"79a19ff62890e2545a230789cf9bd2ce2db3d904","sha256":"cd346f52cceb6960c66bec2dff6ab02da4060a163e410ed1ff334be24e0e4452","sha512":"638486c971c665c0999cc3c241472074edc22f365621abe5eedd953d7736847dba9d4cd7753517f56ac4640f4218343f531c51c6abdde8978bbd44f8e47e57b7","ssdeep":"","tlshash":"ae019ce8394c11277d77c7ed747418e116311a3280c08fa1597cb070ce4b5a523f5a5a","first_seen":"2025-03-31T13:39:50.476557Z","last_seen":"2026-06-07T01:38:16.172618Z","times_seen":417,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-ffc2961e.07a681bf.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-ffc2961e.07a681bf.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-ea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":234,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"335494c83d0ab57b3041100fa7d6263d","sha1":"373d0eb5ca7ed8340fdb1300fd652339d2de7c81","sha256":"4223177d0678c350c634f558c6055589630047e94a59dc32aa6c6db44f020dc6","sha512":"6f431b53de52f295662a6ccc14fe7927ba8f8fe66b94e54092a5f6b11a417a1d7cc871fc82562743ba0c42528e2b59e2ccd6fb4dc9c769ad04283ea367f3cb88","ssdeep":"","tlshash":"22d0a7543f4d4275fb77e3d4f51b28826230e3b3cec102d197209455cc870b9200e474","first_seen":"2025-01-10T12:51:25.889473Z","last_seen":"2026-06-07T01:38:16.131945Z","times_seen":551,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-24a6615b.b0b2fad2.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-24a6615b.b0b2fad2.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f8c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3980,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3970), with no line terminators","md5":"e2512e3353053f7d69ea0cb807f54525","sha1":"a5080181d1410ef0d69c73c7f024560623fb1922","sha256":"df8d2443a705283c6ec4b8c489a25e6dd63c2bf85116e6edb1cbd9baae02f8a0","sha512":"32a074cdfbaa1da933beea86bcfdf26266642b6c84b1c2d27c58e8ef57aa73675e10136140d5cc0e0a00a4629a06cd09237252f58594120847656493a453d659","ssdeep":"","tlshash":"8e81572c72c3f4b44da7b161046f3215e53a2b869425ac41fa60c5c06ea5d1e136afbe","first_seen":"2025-06-13T14:30:24.445319Z","last_seen":"2026-06-07T01:38:16.17957Z","times_seen":356,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d0c0c19.0f09385b.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d0c0c19.0f09385b.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-131c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4892,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4892), with no line terminators","md5":"125ff31db350cf9597538aa922abc1ab","sha1":"6a5ee9c564ee56ce697f4469e6fcd2e8648b967e","sha256":"b184355349c8e7751662b720d1dcb2cf653711a979e77f39ab0cf929c60b9824","sha512":"005fa3aff982e898d6a268b9f9a7c18f32c357a9a176ad994eded793e4d6d9bbbfefdbb4b34eb863e311271ffe7f96838b90f1fe3be6ef9f36ededcf875a67f9","ssdeep":"96:R23jRDcjo2jwseP922MiR0uK+H19SHCMcr4CMhYFqLNB04uoCDpxK7q5bCSXc1Jk:R23JlHsGhFyY1McFMhyE04xgxH5bCSt","tlshash":"faa1a9c4a6e5acc907935292603e31c1a312d21568237496bb75cbef7b6eb811d06b27","first_seen":"2024-04-24T18:56:40Z","last_seen":"2026-06-07T01:38:16.204753Z","times_seen":727,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d21d0c2.090e3250.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d21d0c2.090e3250.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-4eac\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20140,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20140), with no line terminators","md5":"98fc4f7d659f3ff5fe223a0005d30e5f","sha1":"8464c1b8138ce0a4b902c403fbbd61887b215a6f","sha256":"3b4fea3e5f45315e8243cf56781d0df5722e6133942671dc592ff479ba8213e5","sha512":"205b160455a2df2174059f4306d93b67d21c207f50caebf6006df72c501c954aaff7770273e5a68c9190e82251c6f62cdec564eaa28947bcb6143ed41b6029ff","ssdeep":"384:S3v3YBYcL1rAAdTRA7v0zwrmSHHHsglQFx+m1OPNtOVSLMyoLyUhyytGojYPFKp:9zwrmSPG8DOyZUoy2m","tlshash":"4f92e6e9f35542f6525d5cc5286f201ba4b0a4262c1a41acbfb5c0e7e8b8fd1787af70","first_seen":"2023-03-10T03:00:05Z","last_seen":"2026-06-07T01:38:16.22947Z","times_seen":1222,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-06ae24a4.fd43ee93.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-06ae24a4.fd43ee93.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-bb0e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (46623)","md5":"177ff7e3310c02d7e6a139a3237e0d38","sha1":"375c1fac3912c4b63c01d7bc241aa43ed0055460","sha256":"db079d71523907889a19e611a38e528a3405d89d22506634a177248f03f93226","sha512":"004642aa9fe53920ff46cbaf93784da99051143c22aa04e4e24ce332e2556b057d331a481f31ff427dc0b5ef0cac013c55e41764af8496f59366278918044741","ssdeep":"768:KEkZgRUp2R7p2ROwo1OAPkuD336ya5hrCen0eTg:KEkZYwo1OAPkuD336ya5hrCen0eTg","tlshash":"9223b89a48a1224591234e56cbcc9fa8473cc76364b25cef33967c4bc745bad23ce617","first_seen":"2024-07-02T22:35:06Z","last_seen":"2026-06-08T12:58:48.439099Z","times_seen":763,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-189a2af1.2e2a949a.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-189a2af1.2e2a949a.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-af2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2802,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2802), with no line terminators","md5":"966516d12c4531cb81cf6ed4b46ab92d","sha1":"b8ed7747738ba4f4d5826a71013a5193efcb474c","sha256":"972fb6c2f201749077d73381916e96c62b0271d542500f660aebbe9d6aa3267a","sha512":"15bd68e669e7d30dde5e6cd28a725ab79fbd48dd1fe8f335981bc28d71b72c7c9261a67179bdf6dac513fec536965303ce5a244cc3f0da34fb55f2ab95ad7dcb","ssdeep":"","tlshash":"aa51133f6714771ba027e85447d80faa0218e227f11326ed1d1b9a25cbd7ba60f6d48a","first_seen":"2025-01-10T12:51:25.857427Z","last_seen":"2026-06-07T01:38:16.104466Z","times_seen":596,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/static/country/id.png","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /static/country/id.png HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 208\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-d0\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":208,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 151 x 100, 4-bit colormap, non-interlaced","md5":"ec86910990aa46ace7ede9b7376c1019","sha1":"6f3fb36ece67a129f0c58a77c6f617cd04f23731","sha256":"cccf07d963c80baaa0dab594a4a8d58725716b95934338bc95ab5f71dbdadc7d","sha512":"39233eba11996662d6c977a51b8b3ac3d5f50bd82a661b3912f03675b501fb01ef3bbe162243ac1e6e5698bbb97b292e5e5563ca4396f29ad9eb64a95558a5ab","ssdeep":"","tlshash":"64d023d375103d3d118d01de4fa30083407041cb1c05d5a6b41750359df5201c199d45","first_seen":"2024-06-16T07:39:15Z","last_seen":"2026-06-08T12:58:48.451475Z","times_seen":567,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/d3935668b7d3435696ffca56e36564b4_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/d3935668b7d3435696ffca56e36564b4_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 143443\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:27:12 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":143443,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"90f1b57fc494b9f239024c3ba154fbf4","sha1":"97638429e365355e6fda0e650eeca40fea1e9bf8","sha256":"cf4015cc406fd0b4392852f83e54b33b631154928246f2a5582e8391987cdc48","sha512":"463a199b032adda5fec9bc37407637a8733b287f46ea6a736e0e3a80ebe1f357781f1cd85da78a58e656a384dafa1709421425ed43506d27e0b287f5bec3e743","ssdeep":"3072:66ILqn7d3KfwBXKkPdaNig4Nn5FXdiKLc285LNflKf:66IL6tKWDEt25djLQNm","tlshash":"60e312eb8d143923ef9cd3115ada0265ca65cf31d68973382c786addbbe2b90134c56c","first_seen":"2025-12-18T19:47:47.682993Z","last_seen":"2026-04-22T09:54:52.09334Z","times_seen":224,"resource_available":false,"data":null}},"time_used":1643,"timings":{"blocked":1098,"dns":0,"connect":0,"send":0,"wait":183,"receive":362,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/5.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/5.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 80247\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-13977\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80247,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 787, 8-bit colormap, non-interlaced","md5":"af912194c0220ac8509ef46e55f12d0e","sha1":"cd38228a5fb07c66972682299373defedb825281","sha256":"d55a75cd237e29955dcaefcb734cfb17a07a9e1046e8b049458070d726b5a076","sha512":"667efd70bc771754effc1fb9c6db95bca5352e9ab3c81cfbc9d38f101ea335592a5da98f78cc08f787dbd8e49789c7b25dcf1edbb0f529e05c26cb7638aef1ac","ssdeep":"1536:6O6hpb3eZ5fb8UEfnCYVtm0ipqX/mye7BmiYCHcSAlk5ak8SvycLwL3DlTF:spb34D5wDMqX/k8ilHdAlkuSvt0r","tlshash":"5773029327b43804d55abbb97a0b481098173b7307c189dff2671ed6ea6346ff4e0289","first_seen":"2023-06-13T01:19:11Z","last_seen":"2026-06-04T10:55:59.650675Z","times_seen":286,"resource_available":false,"data":null}},"time_used":1418,"timings":{"blocked":513,"dns":0,"connect":0,"send":0,"wait":357,"receive":181,"ssl":367},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/theme3/tabbar/order.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/theme3/tabbar/order.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 379\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-17b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"549ffb680d0527849f31e5995d16799e","sha1":"5b9749927e26c7f219f9170784f37a9dc1861c6d","sha256":"c5ee884416417d216686fbbdc70e12525210e9c016655a7020f729d95e5d025e","sha512":"4326949b6fa6b271f242ade578b6712573f0e00ed5cd04ad9040c8522134bc535f048d40ddc68e9397e357d67126cbc991e6594f73eb52016a321411a0b7aa6d","ssdeep":"","tlshash":"46e0686b62a45dbccaa60e760fb0045280b0c9988516cfc6b16fdcfa0a018c855c5f55","first_seen":"2023-11-04T02:21:06Z","last_seen":"2026-06-08T12:58:48.439509Z","times_seen":472,"resource_available":false,"data":null}},"time_used":804,"timings":{"blocked":624,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-f045b624.0bb3fef0.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-f045b624.0bb3fef0.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-dd3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3539,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3501), with no line terminators","md5":"554a2852a05af8553e8e9f6cbf2b5132","sha1":"1206ffd47ce7ab7de3d8f0229614d79219600aef","sha256":"49c61b9fb83317412a6cb9cda4815f38c69ec4ee61c95ccf42aa9facf4ad9a0d","sha512":"3f040fa363895bac88511a58016662b54d0604381c735f901837718ef05b336dd814e7b9fd9850491841b7e5b89e1a378751a1921894ea21f1fb51625e41d813","ssdeep":"","tlshash":"04712204785beffdcc568051582e2731f1653fa9c436e082fbb0cbc85a909b6576db29","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-06-07T01:38:16.1758Z","times_seen":795,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:26 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3b4ee\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242926,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0005accf931955eec5ed86f897e0d360","sha1":"7ae89839cacb8637600a3b0067fe8611edae2f65","sha256":"277dccf22d817aecf00496f547b3704907d454570f579e5f9d147435de498557","sha512":"121b37b857ea680cc979ad6337a0ecd55bf08cd25db73f7252609c7eee616b62d68da9a906d1d7b692c28901db52af573ca473ea0ee321381a453c1dd46b7c10","ssdeep":"3072:AJW0UArN86OfTq6asxZSfXl3ydsO/NPaa:Dq6Loe","tlshash":"a23477a1a706114b743ac997bdc2e7454a18bee3d0224aedf11758d4f7cdaa42cb3f09","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T12:58:48.427006Z","times_seen":854,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":406,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-62a9efce.a1c2f75c.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-62a9efce.a1c2f75c.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-d73\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3443,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3443), with no line terminators","md5":"a3c7f40f0c8b465b29b017b388f3b3df","sha1":"c9bae219f9bfad67f0d5e60a87dad18b81c08bdc","sha256":"b1c75d71125796bf67ed3f98227622683636475f7be80b9f026167f5164b69f3","sha512":"b326254ef841679e279b10abad0726f379147b7387816a1bde714e579081e333ae00de1b2d3eac0470c5f51944ade77aa8fc9fbbf3ce8eb209daaab83b643716","ssdeep":"","tlshash":"9761be323a597209e46bf560f6a01acc53f8b613d20302db45076b218ecb5a238f9b69","first_seen":"2025-01-10T12:51:25.87288Z","last_seen":"2026-06-07T01:38:16.170318Z","times_seen":551,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":377,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/e08faeb6de4eaad4d097712f914978e5","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/e08faeb6de4eaad4d097712f914978e5 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 130598\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"e08faeb6de4eaad4d097712f914978e5\"\r\nx-mms-request-id: 0ef3eccc953f4e0db20051adc0abfe50-69639c19\r\nx-ser: i2315741_c11460, i2289071_c27117\r\nx-cache: HIT from i2289071_c27117(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":130598,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"e08faeb6de4eaad4d097712f914978e5","sha1":"2a09792d8b75dffbdddd48a1ccdf7aa2297a8db6","sha256":"45e89fadd75c29fe4013e51620fa9b77801ae57d5d54cc664f49abedee5a4fa7","sha512":"8baefc9873b64f662125abe854c44bd0b6e3187f298f6c63c2fb8a451ef3a45fc35c87fac60dd1bd222df39ef5d8f0318b072153ca6ee80cfc0ef67c98733dc5","ssdeep":"3072:eP4H32dSL4jm0ide8KCrs7DBIJ18IVgzPJS5SW:QwckUfGe8KsywVgzlW","tlshash":"c0d3029b9c77446a981c23f8be678dcf4a006f6cafc9554885910dcfbbcc7590d2a43a","first_seen":"2026-03-03T12:33:03.332754Z","last_seen":"2026-03-03T13:11:22.321604Z","times_seen":2,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":264,"dns":0,"connect":0,"send":0,"wait":81,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-73564486.52cd7bff.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-73564486.52cd7bff.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1d6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":470,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (470), with no line terminators","md5":"1303931865d0bba4bf8e0d2cb40b0f48","sha1":"6207226b686d82a8f132bf72f28d96e118ab1694","sha256":"33dfe1c2364df348b7f945aa7163014a5d6ceffe631f62dbd0c1df25a20e003e","sha512":"dfa20c0405025438190a91744f852ad4a9cdb311dff4b556a9cdbb352cd43e90e9f1d8423ed1c46bdccf73a602946833c36de1ff951528b8cf7cf3000410ea18","ssdeep":"","tlshash":"bcf020f63e9f407c06f6e685904019654297b727824216897eaae8301c8b0873b309cc","first_seen":"2025-05-18T06:03:19.628705Z","last_seen":"2026-06-07T01:38:16.1871Z","times_seen":440,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-0d0be872.660f69ca.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-0d0be872.660f69ca.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-7be0\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31712,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31148), with no line terminators","md5":"aab9a2c549da8252ddc01cef8a29b7b0","sha1":"d3d73bc1067fc956b8587bfb6fee4d3c71e64f10","sha256":"c73a5387a5fb94ee5b760b678c0dc33270cf380fa7dd817fdc2de66f88f0465c","sha512":"f2efd0054f52c6115c319efcd906447b3c6873a8c045f6f99fa8281da0b433281828090676d8308656dde7812401c0e84c3f9bc0c0cbc8a357cc4be26c07bd7f","ssdeep":"384:78yd+4HqRh2vAF0SvRsX6Y9KipE/YXwhE:7Hd+HtFHq6YcGqhE","tlshash":"77e2c744f0d7f67f4c9aa011006e2a25a2397fdda418e085fb7cc8d45898865bb7de7c","first_seen":"2025-05-18T06:03:19.634909Z","last_seen":"2026-06-07T01:38:16.12422Z","times_seen":439,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-5a173067.82b58a1a.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-5a173067.82b58a1a.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-582e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22574,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22278), with no line terminators","md5":"d2dcf0a06468bc415e244036037a53c3","sha1":"aa93f023f7985ecf7ac0d89cfb720f301ed6aa20","sha256":"c925c22a9efe71fd398efc2efd8588450de8e08f486737a401b4311867f3714b","sha512":"c39be18f592872b76836f696860122c476089924e75e093d75b2cde7205ba2bdd0fdcfde1cadcdc5d2624d06be1ded57453dca7a3204a1f9cfbc4b553a62534d","ssdeep":"384:4CohviaOBzti9zB7tIBekIJDjjSmp2wtp+ddl7856U2f/nJoxSVdQBlh5/m5zYKh:4XJ0mpFNqTqg770ns/JKqOzTONBUJVhS","tlshash":"eda294cdb5c672071ea630b3317f35c82336b44c39089555b3ada49c76ac6a89e32f79","first_seen":"2025-05-18T06:03:19.652555Z","last_seen":"2026-06-07T01:38:16.133461Z","times_seen":397,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-73564486.8eeadb7b.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-73564486.8eeadb7b.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3b07\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15111,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14825), with no line terminators","md5":"c12cd816f5c9d1c7ae61adb666cb1a4b","sha1":"c96e809cd356a8cf4d2732e4314e6bc78fbb129b","sha256":"80e792a7ae7361ea0cf726b584d799fae58d818fb2cd60e5acb1d77f9e2047f8","sha512":"dc9fc91e0a2d4936abcfc305b13ddc13318fcdbfc5fbfc268faed828e409e9b7b909869fde96d7d8000961fbfc6334509ea4dda9e94fd26baa347abdf580ea9c","ssdeep":"192:UZYYky2uE1tJS87BmQtievX/CivbILZ+k4:OrE1tJS8F/3KEHk4","tlshash":"6a626654b487e6afec6e9522411e3a35e1312fe8e022e043bb34cdd45994d7c272db6e","first_seen":"2025-05-18T06:03:19.707424Z","last_seen":"2026-06-07T01:38:16.189945Z","times_seen":435,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-b697e706.4ec77778.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-b697e706.4ec77778.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-6fad\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28589,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28283), with no line terminators","md5":"9dddd6b6f3fcdb47a773f0a1305b1601","sha1":"708fb5d8516c6bd543a4d7ca247d1f58154387e7","sha256":"312b79e4090cfc77859e6744f7753603db72e28ab44a38c60424d2afe26348a3","sha512":"90769a9c6f3567af380d85c3605901e5ad6b2f2360d9c80231667fd8efe35ed6e22cff1e467a017080297a1e96ce6d48803a6f34d2c17d6fe32fb148f91e0978","ssdeep":"384:7aR6aUGUDUPUbPE8Zml4FIZP5hknyVZaPh:7aQdgshml+Zyk","tlshash":"c9d2b719b9c7f56bdc6aa021402f2935e1352ed5a025f081f734cea065b9c743b2dfad","first_seen":"2026-01-20T14:17:30.740196Z","last_seen":"2026-06-04T10:55:59.686725Z","times_seen":175,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-2232cdce.9ea87d6e.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-2232cdce.9ea87d6e.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2a3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":675,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (675), with no line terminators","md5":"1c45f5d00044828f6731d3b19fbb5d20","sha1":"a54da32a2c9a2cf722946ba08e0dfc786151f32a","sha256":"8dab559fa7fd40bddc56d28a07aab471b6269e17c14689034f08da90989d763e","sha512":"6125f075397f81677d3892e739def54516000c968acf3df423728a673897421695bf0e00f91c95b81e914b0c2dfaca1cc0fbee7df77e41b4deb39b869ef1a5f5","ssdeep":"","tlshash":"ff017b2bf08c0655c432c0416ad41eeb802f752262118ef68d87bd65be8b347e448646","first_seen":"2025-01-10T12:51:25.86171Z","last_seen":"2026-06-07T01:38:16.223428Z","times_seen":548,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/br-11134201-23030-6b1b5yrwzxov2f","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/br-11134201-23030-6b1b5yrwzxov2f HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 207567\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"7ae272a7afd93e13cdc142bf9178584b\"\r\nx-mms-request-id: dc4364f685a04bdcbc8745b4d7078ec6-699dcfa4\r\nx-ser: i2315799_c11272, i2289077_c27117\r\nx-cache: HIT from i2315799_c11272(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":207567,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"7ae272a7afd93e13cdc142bf9178584b","sha1":"8c784ed26c885c50964c1e8e9e97e1f692917788","sha256":"3aada43484b1b2d7fac008c43935796962771046f46f299e024dc42e44fac840","sha512":"89a97e448de473bb773a504fe7af60d1783ce8211756059828181ebc2f2d8e7dd5dc674ff101c41a8a6a40d0696df61337ca116f8bfc1f3e20dbf637d0717069","ssdeep":"6144:u+p+lLyo6XxLtATZxnhqRa8i3vyfi6+qfrVmcap7GY1D:u+6LyfhOTDngH2vyzfrVNM7G6D","tlshash":"7c1423cbe5603bc15609e8f3b4b940c95e5d353b40cddfae40be0e1cbf09a668919997","first_seen":"2026-03-03T12:33:03.337209Z","last_seen":"2026-03-03T12:33:03.337209Z","times_seen":1,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":296,"dns":0,"connect":0,"send":0,"wait":217,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/cbb2d8883a5c0a56f690b4a6d27e35ce","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/cbb2d8883a5c0a56f690b4a6d27e35ce HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 347898\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"cbb2d8883a5c0a56f690b4a6d27e35ce\"\r\nx-mms-request-id: 44dcc58ec17247d8baacaf33bbf2a0b5-6972b900\r\nx-ser: i2315767_c11460, i2289077_c27117\r\nx-cache: HIT from i2315767_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":347898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1024x1024, components 3","md5":"cbb2d8883a5c0a56f690b4a6d27e35ce","sha1":"daa2e53865d7f98aa597f09106de4620eb432692","sha256":"f975f2d9599943abc1cc87da949866c0a49e186e2dee207915448bd6317eaf7a","sha512":"3be1587cab160452a16a9eeb9a4cf69fd297a919ce85d78162c61cea77f89f8bdf5f4e215e042c57dcc471cff0120365d87617b6c48875e0e80a219d229454b9","ssdeep":"6144:V2LTcarwSSD16bQ7XL9NFdknA2Os+39f/J1hQuUuFqdmFM0yDVj69foJIXsLv:1aUJXNdIA2OsEriP+qdjDJ69gaXkv","tlshash":"6f7423a9012f4b3766182733aa45ce7b9138f13a96a51d19b60fd8e442cff1dfa33149","first_seen":"2026-01-03T16:07:31.18844Z","last_seen":"2026-03-03T12:33:03.338208Z","times_seen":3,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":287,"dns":0,"connect":0,"send":0,"wait":270,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7qvf9-lhj6nik04nqh67","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7qvf9-lhj6nik04nqh67 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 198140\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"68133dad519d16c91d53b3393f545564\"\r\nx-mms-request-id: 1cb1f731889840ad865d124c85427794-698c816f\r\nx-ser: i2315827_c11460, i2289077_c27117\r\nx-cache: HIT from i2315827_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":198140,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"68133dad519d16c91d53b3393f545564","sha1":"5385114bc576f06c2d598a54650d8889b554c5c0","sha256":"03fa8a41740b460115c941c3eda461a2505bdd3ad6d1494f308a3760027b3139","sha512":"7e2642bf6dbc75a89253f088ed401b32b1710b94240f88451096ec39ebf9ae4bb7bec37e95cf201ebcd712e2931aa17b5ce9136137f07ab7f5348d5e355c33d8","ssdeep":"3072:8IrWjok01QkDIvnWcF9yIHiiCKeOpefSZv3401bpWcksYbN0SnWb6:jrWjokkQQIvn5FJ9reOASTppkaN6","tlshash":"46140249bc7cb54cef5f5133d54bcbb9f91046bab27ac4086e8d1acbac95614ac02b42","first_seen":"2026-03-03T12:33:03.339647Z","last_seen":"2026-03-03T12:33:03.339647Z","times_seen":1,"resource_available":false,"data":null}},"time_used":981,"timings":{"blocked":266,"dns":0,"connect":0,"send":0,"wait":295,"receive":420,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-08d95777.8e76322e.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-08d95777.8e76322e.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f42\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3906,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3850), with no line terminators","md5":"3894e895cf59daf5d1aac34d8d0c703b","sha1":"ab33614f3a9ab14d2adb2228a7fe289af9132b76","sha256":"5583f58f0735d4c6ed2ec37748287c7e80b3e9420e8f6594e6abed75f300303d","sha512":"0c57495ebeb1b6ebc5732e9fa7c0b9d9ffbc1588c226e38f262a4fc1df60cac352d971b8f66c7bb83044749c718e960a41b52842dec8f613c648fa997b56f696","ssdeep":"","tlshash":"0c81c8ad6187f29b8ea66152802f22e4e2ba7f84701c74d5f774e5c9717c490132a7b8","first_seen":"2023-07-11T16:55:59Z","last_seen":"2026-06-07T01:38:16.187721Z","times_seen":806,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d0c4262.1a4baac5.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d0c4262.1a4baac5.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-254f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9551,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9431), with no line terminators","md5":"df9027d761d1bd09f4e1bb35409f2fb6","sha1":"160c4d8af922fa18d0f61f91ae5ef04988b0db13","sha256":"95403a52d5f9c2e646619e4d047241f29cb333ce23f008efbb1046a1fd21c404","sha512":"77b1a42722546584d7db9ae891e927083676b13a7ad492cea017ebbc3207e851b6604ca4f1d3b9e2b742826694e234dcd30fac3062710ef07c780e55adcff1dc","ssdeep":"96:qRHRYcfNk6il9Gj5vTryBHzDYc7NkLil9PYyWjqG:qRHhNkk5LwzPNkT","tlshash":"c4120e24f48bd2a9ec7e8002516d3531e1257be6d526e043f37c8a8857eaef4271d36d","first_seen":"2025-05-18T06:03:19.688678Z","last_seen":"2026-06-07T01:38:16.188417Z","times_seen":396,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-9c1c641c.471bd454.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-9c1c641c.471bd454.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-39d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (925), with no line terminators","md5":"1630e44870c051f166fa952f722d4725","sha1":"bc968080544a2e59e8e026de0abe54359d28e39d","sha256":"6c95e0a7e350c2c80e72c4240857bec35219ccbc7ad3fc34d61290e62a7c20c0","sha512":"a45ad5fc2885dd1e50f162373b8dd381440eded0a0ec9907082e5c05f0ec84ebe51874bd3d3835a1b53995f552adcb05f9007d845adb0c1e3cc046d2237966b1","ssdeep":"","tlshash":"7811cb4d39a5b1133b2b64a4106f72889de7218639bf6c91d164c4909f7258f116bace","first_seen":"2024-07-16T23:08:15Z","last_seen":"2026-06-08T12:58:48.446981Z","times_seen":632,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-51454bdc.4a19b0cd.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-51454bdc.4a19b0cd.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1a8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":424,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (424), with no line terminators","md5":"63768b78762519cf4603acfc48995bcc","sha1":"9ae9769aff89008916d2414ff344a472fc9ff1d4","sha256":"8e9d60e3c5870a07de8d82ab712c318db6bf50dc2a1a894f8480fd8b3c425986","sha512":"23b25928c3fa699712bacc374c0376a3330f8737ae2d6a7620183280df2c836f45ed1e3ab8bd27cf6a8c04609ae7c5a1dc69920e5ec96c992159c77ed43ec0c8","ssdeep":"","tlshash":"cde0e561364d6d22b1ead1925354238f1e582be7419022b7cf1ee4b6db5f460ab86421","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.102241Z","times_seen":834,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":324,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/theme3/tabbar/home-sel.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/theme3/tabbar/home-sel.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 678\r\nLast-Modified: Mon, 19 Jan 2026 17:07:34 GMT\r\nConnection: keep-alive\r\nETag: \"696e64d6-2a6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"77799daa36d79f46d4b281b47653ed1b","sha1":"55373be89e5b80041a0498a720e73db384b30236","sha256":"72587bba2c08d4d3224cfd5c5be4be51b84741142696938d00361e372d2c8813","sha512":"eae2e0e6d68a4b7e1542cd846aa3fb78cb007b0a62f860425bfb544b1c89c9d34eec213d2a344353a0dc30521f4d529edb983f7b4d2c1acfcd1e54cbf7fec813","ssdeep":"","tlshash":"43018393f30668269ea14ee7c33f9178e088c99715e864696a82843d1370ba8f52d267","first_seen":"2025-03-03T23:57:52.309985Z","last_seen":"2026-06-04T10:55:59.584628Z","times_seen":295,"resource_available":false,"data":null}},"time_used":641,"timings":{"blocked":462,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-fbee9466.71618bf9.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-fbee9466.71618bf9.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-54ee\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21742,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21600), with no line terminators","md5":"83b9c68c01c2a63e26911e8625844b16","sha1":"318cfc0098c1cd278772f658e07b2cf6a7ec73cf","sha256":"9b4f5bc2096377f6086a9e07281ab6f92ee41b32e699a2da01d8bc2f8c548713","sha512":"68c0e686d806d2d71089cefcd16ce9364104db70393c9da4ad0213af452fe739270ff7c2c4754ba199fe50e3b70ea45aa13e1e65f5af0a19a2b144268fb57457","ssdeep":"384:6cRo+QngYWuRIIuMe3kA8MLjjBLLFZBWglxiTmMebqiSMMDM1j0LIFv:/31vZkK","tlshash":"27a2d8cce98aec270fd3b2be342b20d5a21b906e7805145ff3b0d9dd255fa516821776","first_seen":"2025-04-11T11:01:20.507349Z","last_seen":"2026-06-07T01:38:16.156702Z","times_seen":404,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vuex/3.1.1/vuex.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2776\r\ncf-ray: 9d68a9f6a95632fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402f-2693\"\r\nlast-modified: Mon, 04 May 2020 16:17:51 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 330169\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ZFvufuRKJU66p9%2ByUMWHDmoxSAwNKjc8ylI4JWfx6YZQX5DvdIpOPw%2BeufUa1ZvDgGviR8dSnt68l01KjT3yAzrm%2Bk5VWrGPW%2Bf7Ad%2BQvBpR%2BqsMHDpFYrmxsGGKeAsL%2FTIXG%2Flz\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9815)","md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-06-08T12:58:48.443895Z","times_seen":1413,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":1,"connect":7,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/3.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/3.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 8867\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-22a3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8867,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"e4a31cebcd48ee42064cf018c7f7ca39","sha1":"cfdfe2bc0addceae1a278b3200f26e892442a012","sha256":"4817a82e06c2b1293ba0c004e25171fad0907185d9f908071da98073c97af82e","sha512":"5f275514fa941b217090af718ddcd3f5e403d79a9202f3743bf25eb1420f6eb906b99f75f0802c9477d012c255b7896c754912b9d97179d96942413ddd5aa536","ssdeep":"192:BoBlcRpVLro+q/cXMr2nQFlFyPztChcQfxo5Z1S:NRpBro+q0MlaZGs1S","tlshash":"86029e15f0156c57a63bb6a6836958c0bc09d18e30860c64d7cebe997365ca5cc40ffc","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-06T04:24:34.473716Z","times_seen":324,"resource_available":false,"data":null}},"time_used":1057,"timings":{"blocked":506,"dns":0,"connect":0,"send":0,"wait":179,"receive":8,"ssl":364},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/cn-11134207-7qukw-ljjcy7rtx2fx5d","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/cn-11134207-7qukw-ljjcy7rtx2fx5d HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 561993\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"81ad7f5f1f81aa4f319dccbbb5ed9a0e\"\r\nx-mms-request-id: e3cc048daf0a479f8a6d0faede3e7a00-6996b3c6\r\nx-ser: i2315855_c11460, i2289153_c27117\r\nx-cache: HIT from i2315855_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":561993,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 908x908, components 3","md5":"81ad7f5f1f81aa4f319dccbbb5ed9a0e","sha1":"6b5c11d23ad66fe427a93edc0872f47d0eae7a7e","sha256":"cfbd75f76c1e9b3a5745fd6527b15564347196d1d8d365d84f3a74fda5a8cee5","sha512":"5ad6995c07fcb76e1feda8b15563510245d975173267060030214a2737cbfe085136249693e43fa1d47e0630cf75400c14a5fb5abbc5bc88e946c800ab053e8d","ssdeep":"12288:ZSBgpBNE816HjzFKyur7NyR1imyXwC5mCsQIHBfuMOSKI459Btjw:AEd6PFKyWA/imv4mCsQFcuBtjw","tlshash":"60c41324ea18d8c1c74f59cb2fc6720a78518702e759dbab54cca8dde4a703fb60616f","first_seen":"2026-03-03T12:33:03.344096Z","last_seen":"2026-03-03T12:33:03.344096Z","times_seen":1,"resource_available":false,"data":null}},"time_used":829,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":277,"receive":92,"ssl":151},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-134ebb5b.0fa07067.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-134ebb5b.0fa07067.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3205\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12805,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12745), with no line terminators","md5":"9181b68796845b6668c8056c9af3f470","sha1":"2628b73886423469a7d5598edf0b6223304bb8a7","sha256":"6d803d6675f97dcdd566cd96bb7c0a78ead32b4ee24505f864a1ae64ff860b62","sha512":"4aad00998d45222aec9aa1982c7ee705a91412b8bc1eb9de6df867ddc9656a0076cfb86082111164f71c9a3b775c320654f1dd572f1de25970dbd3806fdb98cb","ssdeep":"192:E8vbJ3VYjYJ3sq64b2ZuGH9IPS6X4lttKHHgt7NmehRh:E8j1VY8eqySPBQnRh","tlshash":"c642b68875c7f56e49e27122103f3791e17a3ec5681ae81bbf78c5d15719821222fbf8","first_seen":"2025-04-11T11:01:20.505025Z","last_seen":"2026-06-07T01:38:16.166099Z","times_seen":407,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-51454bdc.0f5c3831.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-51454bdc.0f5c3831.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-16a4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5796,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5642), with no line terminators","md5":"3ec0eeb7153814edef2ca2c843a6c148","sha1":"311219b2402dbe49c012be2f3032f21cb8301d0d","sha256":"517eb1f96f887ef09fd920c87c025ab8209e739971b2d8d7e9ca82be49c74ea3","sha512":"6feca234540f2cf2b137ad64d0bc62657d7f1305047c13416be74997813262308f2d4e7abdc26425548653a4884fb196aac3f990e598e2d24a2d46aba12fdb98","ssdeep":"96:xZWC6Kz5WKadEQdTfQyvTCgze04bjutHl/H+hWyhjYKD4btLDSS4:xZOtwXFYAOtm","tlshash":"5fc1745cb0c7f518662a21b1601f3008617276c4691dc281bb7cdad65bf4938ab2bfed","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.135678Z","times_seen":808,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-543bfd0b.5f1edeec.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-543bfd0b.5f1edeec.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13c0\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5056,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5042), with no line terminators","md5":"acba08223d64cb5bdf9a3c3c259769ec","sha1":"f4803920d88373beee4a148c8e8f08989a06154b","sha256":"0110e7a3b8f793d5663658b622b15ab0098d3d651ad72ce03afc3d9bb3e97df2","sha512":"575bf27a75e9b05a02e75debaab52312548ddcdb044a0b146c48036ff2e937533ae26d42b921c830e51b80af8f7c5df72c161786c2f4bef1b070b3fb5bfa2b3b","ssdeep":"96:APDprdN0BH8e6B/oNzGxNvFMM+ay61C96Du5HteFo3VyaDUMTb:AbpJma9/oVwsMVy61CMSFRKMTb","tlshash":"afa10739a3d892dcbc1fc64fa61a2994322b058d72025545a2a9cdb0b2539d89f1bfcd","first_seen":"2025-01-10T12:51:25.917184Z","last_seen":"2026-06-07T01:38:16.181Z","times_seen":536,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-f13b49b4.f8f2b106.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-f13b49b4.f8f2b106.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-7a6a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31338,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30960), with no line terminators","md5":"0406cdb08fa67b132dff6fba3454fa78","sha1":"afdd47c58ea40fb49b9ea22700008f735dcf6fd5","sha256":"539e8cde20b9d40bf961c817e951417eb279b480ff6ebd124d4995ed2c251aec","sha512":"a6a5c4b477a7f35ab0da35d756a4165d21ecbdeb4a4a6904dee3a849ae3b55bf160d8918993be66ce64e8d44c9853643fa011439b7b97706983cf2999fa6a4a3","ssdeep":"384:7yIG6WLw4+RaU0n8CHXbJtwokdnCpbJAyXs:OIzWQaUtCHVyCQ","tlshash":"e1e29719b1c7e26b9d7a9021402e3524e1327ed96026e186fb34ccc47a69d78372ef7d","first_seen":"2025-05-18T06:03:19.622402Z","last_seen":"2026-06-07T01:38:16.10324Z","times_seen":394,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-3ba48570.5b9bf82d.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-3ba48570.5b9bf82d.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":243,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"b8901b3823757d5f837487ced574adda","sha1":"e78d0c3abadc1108b637c4f3fa151ababbf9a70f","sha256":"0501c9258dba83079a93439098564ba2d4f40ea059bf3409387e9c43f8114478","sha512":"07bf86aa00e47d817520b1c2d17e0946a5aedc6afa75a807bfa927bbf2735fea7953ac1c4450b87e9e5d7e880c0e993e54bae1f2b37d3164d3fca1f87a179e1d","ssdeep":"","tlshash":"4bd0975334c08b8332318ac6b102b23e8cedf83fc3d81e1a0980d2f6581318f143a25d","first_seen":"2023-10-18T00:16:16Z","last_seen":"2026-06-07T01:38:16.151022Z","times_seen":778,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":191,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-479f5bfc.2dca234c.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-479f5bfc.2dca234c.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-8b9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2233,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2233), with no line terminators","md5":"ac99ddf2ce101c2c7a635e984f458ca2","sha1":"8c8b48207bec3bdfc96e782a13fef81bf270022d","sha256":"ef2504ed4aa5d021524832a4351b4d5cd9bdfacb6d5532e985177f890ce4107c","sha512":"ebf3f7233cf178b3d323c088c9502affbe32fa97e191f301dab7b83cb76c21229d2b351f92442321440d73d87f6e0e7001018bfd8c1352dc66a665771dfee449","ssdeep":"","tlshash":"f1417493b8851145f4279e3093ce4e685239c777992206df334634da8bc3aeb37a671b","first_seen":"2024-11-21T12:34:27.304932Z","last_seen":"2026-06-07T01:38:16.163831Z","times_seen":553,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/app.603ca045.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/app.603ca045.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:27 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1e52a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124202,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"5f88fdacadf021995da36cfe7e3f6a3b","sha1":"04b25a0688c2016fc6c25e5dc6ab41089b825144","sha256":"e67248c3c7e202438d77148e0023be1e6762bc8f9517f80b9d18423c8b818a42","sha512":"d634fc18dcc1b0c0e84194961672f9ecdbef1e64c7182885b2cd3ce27938f74fd0b0e267c0c663ce2418475471cbe911468b428f1feea4b38bff429be232541f","ssdeep":"768:gId3U6o3V+4+6agSMJvSL7IfS0GHGHUjOWZkNxzi6zZyuc48gQ6pVU8eS2A6kiqO:gIK6o3uIfS0AiUjDinziGIW0xmBH7Cz","tlshash":"60c37797bad9250cd9978a91c59a3efcfdbb191183829cd3e4537bba9f453cb221001c","first_seen":"2025-12-23T06:21:39.699332Z","last_seen":"2026-06-04T10:55:59.688026Z","times_seen":181,"resource_available":false,"data":null}},"time_used":1418,"timings":{"blocked":514,"dns":4,"connect":176,"send":0,"wait":362,"receive":1,"ssl":357},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/country/list","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/country/list HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":144,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3f298bb0ac3540cbad44910fb093be64","sha1":"6d19b9441aadc961bc7eb9e603f1e89726f7856c","sha256":"9d27cf53ecf5a19b4eb932ac6fdfbc476101f3854236fb3b15f922b293a0fcc5","sha512":"8146f0151618d4eeef50b085efe220aa791fcaedc99f59178273f5ad4e84bd9a4cf339f8708c87da8f24cdd8b42f1a0eada61d035859fd2544d9e91dcc093561","ssdeep":"","tlshash":"80c02b8a720cacfe47508003440dd36928bd00a6fc883c295ece9f65c1466f0021c827","first_seen":"2025-01-10T12:51:25.837389Z","last_seen":"2026-06-04T10:55:59.758675Z","times_seen":301,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-6497b0e7.9051d76b.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-6497b0e7.9051d76b.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f8e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3982,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3982), with no line terminators","md5":"d6e4c0779b605fb4cb780a4497ac49c6","sha1":"2d7cbb4d0cce2fa849083622a974d6ea4929e6a9","sha256":"64da468e8530be7c3730eb426ce82e544e95d0681afef2da7365e9fa934fd089","sha512":"cf78b66ca39a972b79c1456059b401ea2bc395ea3f40c9a8f8dba70bea1b1008f9cb34baf1e27af59954d59e1447fe9164a50db09731fa88c4b14234f39c0827","ssdeep":"","tlshash":"f481e2263856660cf56be630fae09acc47a8f207f14313da44156a26dfdf5c321baad4","first_seen":"2025-03-31T13:39:50.392678Z","last_seen":"2026-06-07T01:38:16.123736Z","times_seen":417,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":377,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d0b5a45.5a587aae.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d0b5a45.5a587aae.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-bbe\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3006,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2990), with no line terminators","md5":"94fce710d5a4657ee567a62c74db1020","sha1":"7ba4b6cd93bbe00ec7526c06673b012e14cb2bc3","sha256":"6ecd051eb49d14764dfe92c78184c6d25717d50084cdeea8959811337848641d","sha512":"b8133c7b6492d358ccaa8fd357efc68472c1a4d85b2814fda3f1107ce036cdf4340095814a9b356e9a9ad86882577b73874785e0ff8216602b9bb6397756b093","ssdeep":"","tlshash":"ff51744831a3eae702e9a092b82f3705f3753e499421e05577e1c7d4da685aa331bf39","first_seen":"2025-01-10T12:51:25.903742Z","last_seen":"2026-06-07T01:38:16.120182Z","times_seen":537,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d0d2ed4.28b5562e.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d0d2ed4.28b5562e.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2763\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10083,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9995), with no line terminators","md5":"6223e1b7d705aee17b0ce888330430d5","sha1":"4c9b6962e69035b7281151d37191b7dadcd590ce","sha256":"4db244ba332e287231660a70ab1e5217c494735db502edc05e0cf9a5c383ace3","sha512":"f9959648151734d76de4af20de837d546267b6e9913cc91e379ae6b3091f14e186895c3860cfae63799dcdcbec860b3806b93aea112f16af10d4558b27043f9c","ssdeep":"192:y/zkL+lB6yLAo50QN5+npu1QwRL2JxAvuZy/0vnA1z+Wf3+jMMq+rUBd+uPOtbz1:Oc+iOlxRITmMezuM0jsL8hSE","tlshash":"c422b7cdd989dc270fe3b3a9343b30d4a10b902a7c16145bf3b0daed265fa515912776","first_seen":"2025-12-23T06:21:39.849601Z","last_seen":"2026-06-04T10:55:59.658917Z","times_seen":177,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-62a9efce.17ee9d1f.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-62a9efce.17ee9d1f.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2043\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8259,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8133), with no line terminators","md5":"ad32ff19be2eddffd24c1b5177e1a5fd","sha1":"d095f2b2a1c5cfd4234b5306b91930a37a6f6db2","sha256":"8967594add188a7f22cc1247c43d0aa55c52cf8bfcc6daeabade9944a0d08dff","sha512":"455eb2ddffc00032763050b818e4e0940d130a4deae0afd471556e2ea1caf7c535e5f2f1c705ca1ba1393a6483ebf176381ff429aecd0bcaef0cf0972e9fbf06","ssdeep":"96:cLxAC1Gxn2V7LMQKEKbzlhWK+Vm4KeXrOrxs6m6vYb03kp4/c/KsE/Ki/KsaNKss:kXHvAdbzlhfezOrx/ZK6","tlshash":"8a02644ab587e2afcc2e9112802e2531d175bfd9e415e441fb34cc9066a8cb4377dfa9","first_seen":"2025-01-10T12:51:25.920497Z","last_seen":"2026-06-07T01:38:16.224265Z","times_seen":532,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-22120-qy8v8cw7wflv5f","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-22120-qy8v8cw7wflv5f HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 268875\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"e57ddaf04aefa4e91b728f0e6678fd02\"\r\nx-mms-request-id: 2118e1a8848b46869163df01fc90a27c-697d7c3b\r\nx-ser: i2315741_c11460, i2289145_c27117\r\nx-cache: HIT from i2315741_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":268875,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 954x954, components 3","md5":"e57ddaf04aefa4e91b728f0e6678fd02","sha1":"e07c540f823fae7aece14615434b3bae7e50876d","sha256":"5273b396d6d055a8a0f3d803c39201f2aa42fef966a8657f46cf883290ca1c8a","sha512":"a24026af4cdf59e2a26b6066705648f0d1edc4556e829c5572d230a6bc0e4cd425debfc6b088289b2f35e8a82aa641a7a19952210199deadb1e3e313b5a2b3f8","ssdeep":"6144:CUtpgfQ4FofPdGhHr8iXRg25b0G0fKLo4FSEPohsjXgs:CU8fQ42dMhH5o4FSQjgs","tlshash":"054402139d585923e45f9392bf821ded6b04a71deeaa77ff14015eda270c2a20c5a03f","first_seen":"2024-08-19T16:14:08.82619Z","last_seen":"2026-03-03T12:33:03.354035Z","times_seen":3,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":277,"dns":0,"connect":0,"send":0,"wait":294,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d207f61.3e227a5e.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d207f61.3e227a5e.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-b4b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2891,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2875), with no line terminators","md5":"ce951bda38552a6d5eb495a81b60a04f","sha1":"64216cbe03d5dd49be3d3f79ea27d9da9d2f586a","sha256":"1cd3b784101271e03ea653d67d3cc374af0d49c93d8eb1480c5f5f21cccc53dd","sha512":"3d3358f2c61ccf182701c090a2033a0d942c020595e9659c12466bca780e56789db36ccef66da4fbfccfa1a1661067b3a69a14b5b89db47d223656b5dc02b0aa","ssdeep":"","tlshash":"c451979ca1b6f99702d28246642f07cfe33437184c32e412bfb6cbc4e9ad496225675d","first_seen":"2025-01-10T12:51:25.90949Z","last_seen":"2026-06-07T01:38:16.209853Z","times_seen":579,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/cfg/202601/20/8efaefdccf5c4b59836cdb79d709573a_.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/cfg/202601/20/8efaefdccf5c4b59836cdb79d709573a_.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 86811\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Tue, 20 Jan 2026 03:25:22 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e88821bb1dac647065b32143d790ef0","sha1":"01ea1c3b276898ee3348eaf65979d12cb989052b","sha256":"c13cb4b58d8680f6308f8fe40cf28e2ac9bd1243a01b0aeb67a208a44027b9e0","sha512":"420eba64061ffda0c2401ce9205a6f82b564dc1c5cfbfbc4e07576066fbf807f41fff486ab4eb0e392cb0f847b79cb504dd16f5d55ad1296d2d383656377872f","ssdeep":"1536:VMCAVk8EwI65Cpg0WW7IZeE38Je55Eea7DWzhGF6Nk+D4zXkS:VMdkgfQWW7Qn38OFaMzzD4zXkS","tlshash":"4d8302c9c88655015e1633cce252f5e0cb0eea10ea35070ec59ef89a4feb136dbd6583","first_seen":"2025-12-18T19:47:47.598607Z","last_seen":"2026-06-04T10:55:59.54671Z","times_seen":267,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":360,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7rbk4-llyv5fvp8rijcd","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7rbk4-llyv5fvp8rijcd HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 135409\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"c38e36a3e705e2664355ca89923366e6\"\r\nx-mms-request-id: dfd70e9138a14c66a14ae871360d5af0-698d3701\r\nx-ser: i1911851_c11460, i2289077_c27117\r\nx-cache: HIT from i1911851_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":135409,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1001x1001, components 3","md5":"c38e36a3e705e2664355ca89923366e6","sha1":"1c15edb6a6c2056f59b5ba9e5896637423d80b45","sha256":"0c3852b82ab430ea0f316eb6431640a7a2d2110c24a40be6df8ccfb1a5e799ae","sha512":"0d14df3342b05e307ce1e7c2d4bdbe3053525ba352278fea056ebc0835fe9fd377eaea819f96f694720c56a15b00aef11b34aa17fb4698433d45aceaeabf2f2a","ssdeep":"1536:zGV5R3Wp5kESE05NYqdl9kWSvwvlkmNjwNeFdqrDPENJH3G7fjMeRmKwOD+nROgv:4fmp5kjovvUk4msdnJHcjxV+YgclKBN","tlshash":"8bd3ad038c188b5695ac96e8be531e9d1e167f2de88265ff00230eef7fe01625d4c52e","first_seen":"2026-03-03T12:33:03.356104Z","last_seen":"2026-05-26T20:31:35.627187Z","times_seen":2,"resource_available":false,"data":null}},"time_used":895,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":271,"receive":343,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7rbla-lmnay2hd7gpl9c","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7rbla-lmnay2hd7gpl9c HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 114176\r\nserver: nginx\r\ncache-control: max-age=15552000\r\netag: \"15d297276bf3906c739c506dc9855502\"\r\nx-mms-request-id: 950342e63ea2430989ce8c9a07241d55-68c55522\r\nhandle-by: down-src-global.img.susercontent.com\r\nx-spcdn-request-id: 2679361c400bb98636b3231ed502f456\r\nx-ser: i1911851_c11460, i2289103_c27117\r\nx-cache: HIT from i1911851_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":114176,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 900x900, components 3","md5":"15d297276bf3906c739c506dc9855502","sha1":"70a10c89406e0f3406e6db31fc3b87c504cd708d","sha256":"57a6960a181a273eda11268c805919eb06c887fc1200de768e07c06053e2defa","sha512":"44bbe1a0c6199de8551f4f8e01e40897671d001519def7ae52453665552c05e84a3aeaa378cb8331cafc613e8fe25694ead7d0c4ac0ae74f51208ff51eec69a1","ssdeep":"3072:J+2Eq9N7EddEoletwReOdWPwLgLYBoFKe0VK4uX:HEq9N7CPReO4P0uYBor0VK4s","tlshash":"d1b3bf43cc159e57a26cc3bd7f434f7d6b4d2a5da69236fa10220d8b7baa2241c5f02d","first_seen":"2025-12-31T19:09:22.839699Z","last_seen":"2026-03-03T12:33:03.356903Z","times_seen":2,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":271,"dns":0,"connect":0,"send":0,"wait":296,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-ebba634e.e41daa24.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-ebba634e.e41daa24.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-206\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":518,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (518), with no line terminators","md5":"1cff30261d21415f988a27c746136d7d","sha1":"250599fd8cfcce855ba83d23054e5289a43901df","sha256":"7ab6e1e006ffa59c7345873208908764abc61e8213beaec8ce3d6a0c142ccfbc","sha512":"30cc2c24424146d420da0cbbbce544109f0b5957085593f541708bc1ee92726874fbd19b3349d62eb1d551ccf161c9ce52027e095ed6a7000a5341b42c2d538e","ssdeep":"","tlshash":"bef05927a2912704c137dd2027642b97c181e13a991e61ed9ce34716cbd3d421beb2de","first_seen":"2024-03-05T16:56:17Z","last_seen":"2026-06-07T01:38:16.130392Z","times_seen":756,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-75292e3e.af83f581.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-75292e3e.af83f581.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1ac5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6853,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6711), with no line terminators","md5":"068d827e81f3643021999d1540fdd5ed","sha1":"222d029f95be902ecc892bbf6394509c8ff96d2c","sha256":"6c7c7cb24a4292a85aba6155e032cb866bf2801f93bc245ee8cbe94eb07bef35","sha512":"89c0d60557993dd29cbe26a19849511f44e1a6b73a7413d80da85391468b55554054ad6942052c32f006599c71fb1214061f1abaf65085629a460851eda207d0","ssdeep":"192:Ok4xlS+7/T/d/f/0/TFNk4DsMk6RFdl7w/r872IPQ:Ok4Xac8fG8ix","tlshash":"ace1db2cf587f49648e79061802f3225a3352e85d426e051ff35cde4165992ea32efbd","first_seen":"2024-11-21T12:34:27.44109Z","last_seen":"2026-06-07T01:38:16.207319Z","times_seen":580,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/common/dictEnumMapAll","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"POST /api/common/dictEnumMapAll HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://predictivebeautyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://predictivebeautyy.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7882,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f8264c8e9ec32b173bc043f598ed5572","sha1":"c3fa80300811ce3a4b177322e620a4104373dc8e","sha256":"145a0927acabd4a15631e4e961c79dcbf15dcd20b8b622b99c0f592afb056ff1","sha512":"9e5e52f4b8070dab0ef91a575279ec3818b05ece921238cbd2f963165813d8be5ab06c0d25f942dddbaa560a11b0b2e64c90808c87d7be4a1a26a0d811be13ea","ssdeep":"192:e2Y1Ys18r262EQEZSuzsR1INERzDHx2Af2:eC262EQEZSqm1xDHoAf2","tlshash":"97f1d680b38c9db08c52d51155933c2979712adef21c8260a6f5fe4db08cb53b71bae6","first_seen":"2026-01-30T12:38:02.205184Z","last_seen":"2026-06-04T10:55:59.722719Z","times_seen":170,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-07f01604.ae4a2d4b.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-07f01604.ae4a2d4b.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-32\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"3bd570c6967ae39b5fcfa9cebedae3e9","sha1":"b7ac2cb7559f4ea4435cb998a3d269631b3438c3","sha256":"ac0ca1996105308274f8785c20413f7713649699265206279f286f7cf77e0784","sha512":"65b1d8a6f928103c1fbd797224a8483dc595b281ac9965f5f325854768403e9aa4b5aa8f32cf5e6439fe683ea6fcab1e8d9e9053ab75894f4e33781265daf45a","ssdeep":"","tlshash":"66900225652eb006917667163895051e4589911575528582920984975ca1183a150648","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.124725Z","times_seen":836,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-df347502.6ac9adb2.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-df347502.6ac9adb2.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-410b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16651,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16651), with no line terminators","md5":"d2696c0e2cf69c62af86f021189dc03a","sha1":"316f82f781689dac89c63c1e5980a485cf322f3f","sha256":"85e6c8935cfef86a0704481bd31643e1cb5bfaeb32dd0ae59c3e709fde6abf0a","sha512":"63c5c9a39c65f9cc31b6f105121d5335e5ac09c90544bdf716da4d5413f00be43026a66600e7e79191526e537f8475c51733a946e2ff87051c4f09a8bd1766a6","ssdeep":"192:DDXXnHjXTdlUvHdYrpMG2zIlYlpTkvQ8jF20ROlQlyuB7aekTYz8Elltl9lKtKb:DDX3HjDwfy0kvQ8jmQB3k8znlytKb","tlshash":"7072773b246c1328f0bbdf206a7c679c92a6e133e34116bd55426e30cfdb9da11b658d","first_seen":"2026-01-20T14:17:30.658134Z","last_seen":"2026-06-04T10:55:59.559324Z","times_seen":178,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-385c545a.3ac6232c.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-385c545a.3ac6232c.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-f2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"d215a57d93ebcae1ff01af2069948880","sha1":"79cacd45cbf0667d37ecdff1beb261415b2f37be","sha256":"78ac4ee0e05eae300b279d241d924a449cd33093ef41d3f2a2db8eca643e9485","sha512":"b8662d5cbdc28a7aac16c798416ad545f31270f86a673f4f90d7fe6b5e195b91486df11e792ce4cfbe40d8ceb06d3accf2c787d474534401c0ea02c2b96993af","ssdeep":"","tlshash":"acd09766b48c1100227ae6ab713183f484386383ee240713e237b4b0bf631e27148a07","first_seen":"2024-07-16T23:08:14Z","last_seen":"2026-06-07T01:38:16.105588Z","times_seen":632,"resource_available":false,"data":null}},"time_used":373,"timings":{"blocked":194,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-543bfd0b.0b806ae0.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-543bfd0b.0b806ae0.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-6e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"816d80b42a21f216380a30e6500d6f7a","sha1":"3756ef95852f0629166368525773a88d8e0bdd89","sha256":"4b85d91cb2ba95400d06be06c2c8ebccb68766c332ac2a914cc9678316febe8f","sha512":"d74f393865683c8d273204abd7265ddf1318b48225d5c3978c7edefb9a47fe00656111e68f20c561c2c77e10b9568ffe7fc04292d5cdbcea0e964dcdadcd1980","ssdeep":"","tlshash":"4ab01200b81c050f02ebf348a274d88734383993cfa8133d3db0c9b08da31503402c81","first_seen":"2025-01-10T12:51:25.868363Z","last_seen":"2026-06-07T01:38:16.160351Z","times_seen":554,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/f39a2d2ce13f443e94eb9616e3795078_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/f39a2d2ce13f443e94eb9616e3795078_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 109200\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:26:45 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109200,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"83dcbf6326a347fe55c0c645f55914ff","sha1":"b1b338ad7114f3d74f317706b4428bd6f3fa081a","sha256":"eb5ad397521bff280894a761287ecfb2e2f36c1952b4b98d2f2cd32ca21802a7","sha512":"168834cd8d427be21b9e5b3857e90e5a060d025485082f6288ccdc03ddec604a41a941487762d380049dfdc5340bad35f78743e12cc68eae2f364b641694794a","ssdeep":"3072:OeTqV12SDVXvvvGWQ+X3sFNmLi+y0wgIWz8iHOwwwwwwtPd:O729FwumTzLwwwwwj","tlshash":"e3b302270528ef03916cd3733f39196a2bae1e5ce29831f576610e5affa27462cc9454","first_seen":"2025-12-18T19:47:47.612229Z","last_seen":"2026-04-22T09:54:52.068906Z","times_seen":224,"resource_available":false,"data":null}},"time_used":1459,"timings":{"blocked":1091,"dns":0,"connect":0,"send":0,"wait":183,"receive":185,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/05a35873bab841035a05d1e6e0ad09dd","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/05a35873bab841035a05d1e6e0ad09dd HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 91231\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"05a35873bab841035a05d1e6e0ad09dd\"\r\nx-mms-request-id: 73dd159b63924019af8e8f42dc63d6e2-6989567c\r\nx-ser: i2315741_c11460, i2289145_c27117\r\nx-cache: HIT from i2315741_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":91231,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3","md5":"05a35873bab841035a05d1e6e0ad09dd","sha1":"c2c5d594e7293123c731e367bd8d1ef5a64bab64","sha256":"d30194624a9a1ce2070ceb453974cdc0b9f96eba2c32e6c2d21d949e53795458","sha512":"9c336efe08ba8d436658700d3829fb291e4b888b6e7ccc8a4e0be096b1ab7dad2d437cd5dc34002684767242d948a6a2a2f097ce706ab05d72bc5d2e9a4df208","ssdeep":"1536:sK+SMVs4PcIt4FrfKSy0SSwOMqjvN0Mq2vKdpwlxQ7jn7E08a0VDe:8+CcItkJy0pvN0M9vQn509e","tlshash":"c293d0138d2d9bc3692883e8be435e8c67975b0cbd423afa44a11ccf6f552168d8912f","first_seen":"2026-03-03T12:33:03.36323Z","last_seen":"2026-03-15T12:21:09.6229Z","times_seen":3,"resource_available":false,"data":null}},"time_used":704,"timings":{"blocked":0,"dns":123,"connect":40,"send":0,"wait":214,"receive":18,"ssl":300},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-75292e3e.702a8b86.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-75292e3e.702a8b86.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-78d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1933,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1933), with no line terminators","md5":"1cad8313ce8f33330685a969429cdca2","sha1":"1ea22dc3dc29789c9f94dcebc85425b5d90a4d03","sha256":"296bf0db8829d0c816826333b799ac3675121ecc33f3fbcd3c96023e159fe153","sha512":"348a870e1b1e2162136410f5fea24118870d3352e97b774c7cba2ba1a431db4bfc81bfeebbb33913bc4e2968d38c0a73d58a909175e90a4b1c508d6c62546875","ssdeep":"","tlshash":"bc418e32a92d310cf03fe259aa953ad80438f205f5231c6c6117ae6d0fcb2f7a2dc985","first_seen":"2024-09-10T16:42:49Z","last_seen":"2026-06-07T01:38:16.137031Z","times_seen":657,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":87,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/poster/notice","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/poster/notice HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T16:21:52.003534Z","times_seen":5286,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/06a17a9a77426b99896ae0741eb218e6","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/06a17a9a77426b99896ae0741eb218e6 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 45823\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"06a17a9a77426b99896ae0741eb218e6\"\r\nx-mms-request-id: ef670da414b645518dbed7b3b2031cba-6994303e\r\nx-ser: i2315741_c11460, i2289103_c27117\r\nx-cache: HIT from i2315741_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45823,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"06a17a9a77426b99896ae0741eb218e6","sha1":"d267943f2b00de1a79fb0a7d671dfbfc0e188d72","sha256":"a312823c9ae951e369bb911e15416559ca113a2eaf02fd7b8a9dea4b95e3fabd","sha512":"a07617ceb747d13537e95731e0cd0d9ce4cad27c81fb7693afbcf74c9a2fb047ac136adcc7126bdce5b25e3ac1ca80228e86d41c7e6cbfc3f32139dfc150c0f9","ssdeep":"768:bxKuleM7ErLA9kYtggOjCjm+5niGbt3NiMCl414Xdw3FTFqK9:bxHe2GSXtgcxdbO04Xd0TFz","tlshash":"56235b13d8114e87f01dc7e9ff035e68ab5a2b48f8977afe14214dca7ba41168d0e17a","first_seen":"2026-03-03T12:33:03.364956Z","last_seen":"2026-03-03T12:33:03.364956Z","times_seen":1,"resource_available":false,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":118,"connect":39,"send":0,"wait":288,"receive":24,"ssl":164},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7r98o-ll0gojkmzd482f","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7r98o-ll0gojkmzd482f HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 225781\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"c1442e012cbf8a4a4ae4a53f9493a17a\"\r\nx-mms-request-id: e64d8772389a433b9f6a74fd9fc3b8df-6991f267\r\nx-ser: i1935883_c11272, i2289103_c27117\r\nx-cache: HIT from i1935883_c11272(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":225781,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3","md5":"c1442e012cbf8a4a4ae4a53f9493a17a","sha1":"0a7bb3cb5b500fd6a991fb50893ac22047bd4ce8","sha256":"91d34e32b5b809491fe7046f6f69be604ce003c49c1417e683eec633571af8a4","sha512":"edb7e69222b2d570b5ada6dec43296c4657f15c4d6834150a9120898e6a5b948302d63f8e4ed354e29c1c24852cb43427eef5c74dfb49edebebefc0a00293d1b","ssdeep":"6144:Nh5j5DSL30FaLCepDBE55/UlPwyeWZA/niXUDD0:X51doDKzUyye3VDD0","tlshash":"6024f09133f709b1b9e038aa31e1bb0f927db454abca97c55f4ad00496b5c3d895ce0e","first_seen":"2026-02-04T17:55:16.209737Z","last_seen":"2026-03-03T12:33:03.365794Z","times_seen":2,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":283,"dns":0,"connect":0,"send":0,"wait":221,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-9c1c641c.2704964a.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-9c1c641c.2704964a.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-11d5a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73050,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8f1d408eb7386ff242f7739dca93b922","sha1":"7be2aa429a946c61c3e32e13cab28b11d1db20c1","sha256":"942b5c7eb61dd99692e6a96d8ab13671238d138d6bcb5f8bfbc56a82ce3e7a21","sha512":"0ba265e59d70162b5f2d175718a51f93f1bb7f121fabbb0c90287e74a9956f0246623225259265543a102fd806a78a18c2e75a4d2f325e2a87a926db2d98065c","ssdeep":"1536:O81LeLxbOfU6prVTG1Bo35sCe0MXePDsHme:O81LdU6prVTG1Bo35sCe0MXePDsHme","tlshash":"36638472f991261d71178664a19576e85b3bf012c2421ff9f02a7b358fe72c6372238b","first_seen":"2025-06-13T14:30:24.486152Z","last_seen":"2026-06-08T12:58:48.424247Z","times_seen":359,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-dd580cf8.3b8d239b.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-dd580cf8.3b8d239b.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-181\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":385,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (385), with no line terminators","md5":"da304e91f724c981b86055b5b892242b","sha1":"09113eb4172667d4e4b89785a76899e15a16706d","sha256":"2f621728e4a02dcb2938d8d5e36bd42b2d74ff924d44bafeb4dacce343ecbc6a","sha512":"04c4ffa9390f2d410b78681160fb8a623308f0a8b2afd6688bcdaa499ee9aec0aaf19d4b952b951acb2372276faf9675dda8dd12bf7fa866d5984aa836dbb632","ssdeep":"","tlshash":"6ee092c4f4986255b137d28f56e5e7d93c45b667e4060b24fe5ae8398c036b6302274a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.158112Z","times_seen":835,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-fb459430.bd9969bf.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-fb459430.bd9969bf.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1d6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":470,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (470), with no line terminators","md5":"70d16a216ef809a3099eb454f0301556","sha1":"bc079753a85ae41c1dea8010f4aa40ddd030f15b","sha256":"a7e8304da6921b1aadae0552aff571ad2dd3744e0941d37b2595bf3138279c6c","sha512":"132a6bfe81c5eb91c56c65ef153bf6435cef8edc6e95cbf3aa535f6b44569c8ee9e171755b6278be890dd20e81054c2525229a5c01f022c8c72d6218e7c77c54","ssdeep":"","tlshash":"d4f02093399e807e0477e6c5d0521d6543d4b73582425b836eaaba3098832873830b84","first_seen":"2025-01-10T12:51:25.887797Z","last_seen":"2026-06-07T01:38:16.228607Z","times_seen":548,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-07f01604.5fc836d1.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-07f01604.5fc836d1.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-fae\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4014,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4014), with no line terminators","md5":"2195639468928533275ba7f071087cc3","sha1":"0e525068ca00f15f91772aaf6759025082fa02c7","sha256":"920bef6bb84844bd331f8f43f7c0e46aef7d6492426090103683ee1f28daba2c","sha512":"6fe190c8d5984970691bae634ca578e38c246b24fca02aa50088b32fb27fe712e2904fd8ac2bbeaeb3839354bd57da2c220de8002d8c0b263e71a1793c928a5b","ssdeep":"","tlshash":"0481a62ab1db34a6106fa080243f3202b33425455956d0c6fbb0c7d49b656ec7d7bbbe","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.1003Z","times_seen":813,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-586d3a0a.ef1ebbe8.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-586d3a0a.ef1ebbe8.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-9a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"7925d7f93e05982a8617a67374c76414","sha1":"4de55424b1d06c5cee677118d9d489a5ef675ba7","sha256":"0de3c86520035a4f407d85b454986216c063b7d30db75ff9f35cefaf926b3f50","sha512":"add388a6077fcea2ef59820a8ddab0485f0a737ded616e096c15e78cbcf4e98740b51eb037b8435d24995023868d8592c924943f58e9d0a918b4e13224dcc49d","ssdeep":"","tlshash":"81c04c7466ac6128f17bf6e1de5b51c86b15bb67b120811b5b510230ddc3e7160d1438","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.200869Z","times_seen":842,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/static/theme3/tabbar/grab.png","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /static/theme3/tabbar/grab.png HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 1197\r\nLast-Modified: Mon, 19 Jan 2026 17:07:34 GMT\r\nConnection: keep-alive\r\nETag: \"696e64d6-4ad\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1197,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"246e24ac329fef35a8fdbde1df7ee698","sha1":"ca6f3a8bc0950f9e97595b7630023f5aa3628125","sha256":"2e091bdafbd770da842eed04a365d8c70ef44deef1abb5ec7ec759c811bfd297","sha512":"faddd28e0a9a6165f917e405d1b85dfe9f2f7ee48c78d60624e67d3c3d5d7099085aff7a69e64ce2a5db29850ae452d06f9fa8fe1329f1d53c2ad50bed77efd3","ssdeep":"","tlshash":"5c210aa25a0d4f23957209b49cf56a50b4b8c9946fd99ec00c873327df8b924297c493","first_seen":"2025-03-03T23:57:52.331763Z","last_seen":"2026-06-04T10:55:59.607701Z","times_seen":295,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":239,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-385c545a.a27d7dc5.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-385c545a.a27d7dc5.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-28fb\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10491,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10417), with no line terminators","md5":"ddb02e45d37e1639cd3384f733bdb3fe","sha1":"9d991775f4ae663e220277c089e9073a500e6c9f","sha256":"3282f4d68e030666db13fe7fd07d974a17c345ffadb4198fd8550b426dc29ba8","sha512":"8bdbcff92fb4750044670b130049c5b9a3520c036def3409045f1cfff424d9e3a5a7d5e806ebb895f2f3ec4be25869bc3515c4b6d35dcb4d7f28bbdc30b5cda0","ssdeep":"96:5fzkx9RKgp26fTX6eHrS1HeoHeQQX6QXuMU9TisyTsaJ2g4Hl/TVhD4O+gktmIFk:5bkQ2zLWRRHZzjyvm7ktVFdS","tlshash":"71222e64a487da99ec3f4422906d2371f1643fe6c738e082f7b4ce5902d5da42b2d7ac","first_seen":"2025-04-07T11:12:04.213589Z","last_seen":"2026-06-07T01:38:16.107298Z","times_seen":532,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-6497b0e7.c3581cea.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-6497b0e7.c3581cea.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-8598\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34200,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33900), with no line terminators","md5":"c2cb98b6b5e532236f6cbc46116bcf6a","sha1":"ebc03c679661e156a049cc2ce40787d5653c5b77","sha256":"3dcf536d9a58bc35045ad633ad7bf93c1b5ce6aa4d54128024c5d50f1814da3a","sha512":"2f33e7a38fb54463d4c20cd375df447c692dbe3e908ff6e7e276daf379007eb21130fca9556edeef509b8a96790932c4a2e0bc21024851ec19dbaa671bd8d9a9","ssdeep":"384:VdIhe82+qWsR4Z7foZXi+Z7+qMoWRpKkBkZXDvZqQgqJZhRXPNqzZNoU/7dh:fIhT2sOvUQ4Y6","tlshash":"91e29515b887e1afdc69a061802f1971d1367ed4a016f081f774cde0a6b9cb43b2dbac","first_seen":"2025-04-11T11:01:20.429678Z","last_seen":"2026-06-07T01:38:16.120745Z","times_seen":404,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/axios/0.19.0-beta.1/axios.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4213\r\ncf-ray: 9d68a9f6eaab32fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03d6a-3546\"\r\nlast-modified: Mon, 04 May 2020 16:06:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 61864\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=R7vYdn69Y3a8iQ4ZgPuPZWZcSOPlu0Ys4t%2BR67BD99wMrHhfA8%2FQetE5lKGbuh93U7ytWvOSaqRDz9DuRHnlKCIl2uSh4PFeMBribqpo7P2a0F%2FzdOb4YOVItTfJUub8rdD5ALVu\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13638,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10313)","md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.423279Z","times_seen":1179,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":5,"connect":4,"send":0,"wait":14,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/common/dict/allMap","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"POST /api/common/dict/allMap HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://predictivebeautyy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://predictivebeautyy.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14623,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"542effb04e4e8a6f81a040dbf128e3eb","sha1":"74d734bfe27bc262e54756e1ef864a2e32aaffee","sha256":"cde4b468d05df055d5731b13d7bdff5a3e16d7fe64a8c5e5ededccbb6c639a31","sha512":"6ff33ca9a9fd2c44651d98016f16eb9526712dba1728d81ea1a55a9b13d27d100a9474f78d63197c5ba84f3d84e5688a7147c0cfbd18d982a573d05f88ebd6ea","ssdeep":"384:Kw6FI/gct3RRoywMycQROtMEj9gnhxqlQQJq2VqYo/3ajCoSVyDf9zO07Ae:KU7zAKVqx/M7b","tlshash":"9962508cf70379b9dd0fac1491a8689e707d3e771e89c2199a41f54532b1081ea2bf7b","first_seen":"2026-02-11T16:15:12.729686Z","last_seen":"2026-04-02T04:52:24.486596Z","times_seen":92,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":183,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/a4d6e8cb2bfc4814a9ead1b1e4cecd74_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/a4d6e8cb2bfc4814a9ead1b1e4cecd74_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 55665\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:27:37 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55665,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"2bd31655f9e65cb1d43a0c903ee6a243","sha1":"ecb30db3a1bd4c332f7f2a086f0a75bac42875e2","sha256":"6eda2102821ae838afdc1af8f9146f61d4be1aba1bffedbd12e655163668538e","sha512":"50a9e96a93d263352c153db683d10400a2a3355cba82941a40cb6d2a037744fbe8b3f3c5df644a838546d15cd5d9b8e9ba75c8076236fb2bac95d1562dd18d7c","ssdeep":"1536:TuagQB0+MGH0JO6nJxdvf4Wm2xwKbZ2qJQ+YTjE:qlQ5sO6nvltjZ2qJQ+","tlshash":"9343e00bfa48eb56c74156fbd6534dc0430b2636786b36e7b92268cbbd305722cc958d","first_seen":"2025-12-18T19:47:47.644179Z","last_seen":"2026-04-22T09:54:52.082227Z","times_seen":224,"resource_available":false,"data":null}},"time_used":1447,"timings":{"blocked":1083,"dns":0,"connect":0,"send":0,"wait":183,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-b697e706.bc135af5.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-b697e706.bc135af5.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1562\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5474,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5474), with no line terminators","md5":"ad97783a5144620d45e0f4ae10afd21a","sha1":"9c9f5cd2a7ab9eb5f0226a37c35d3f640ca0599d","sha256":"72227fddb85e6f011800bc8a13e7611d5e6be279410387ba26d257e48d7736d2","sha512":"dc879865a7e28eae6e12caa5d4ae952d569a6601b68a266cb7fc809dc017dd29935e8cde9b8473f976f6f876a233e899090c5d3f820c0ae759c378ca673d9780","ssdeep":"96:CKLWYrYc/1Mk8Jl3kl3+l3vWKfWhjcWFzwl3E3p3B6dl37i/hkG7fA8:CKLDek8JlUlOl/WKfC1FzwlU5Ul85","tlshash":"31b11033765c1218b03be8d1696525f68154fe17e21287facd563e30dec79832de364a","first_seen":"2026-01-20T14:17:30.612706Z","last_seen":"2026-06-04T10:55:59.775864Z","times_seen":178,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d0b3a3c.eb067d6d.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d0b3a3c.eb067d6d.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-15dd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5597,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5489), with no line terminators","md5":"d03116268a45e5c26a72a4acc7176542","sha1":"6522fe34ee999e7a6244f3bdd912f1899e03e9fd","sha256":"a8afc8c95af01fd65075345fc20253d3c255194fec1e1cc42c93c7cf4826b726","sha512":"b7c9d0d3e5741c83b439fdfbeb9a7a73edfa4ec9ffe02fdd0c9f63056d32ca7f8eb7047ba16ff7beb7d9dbbca9e0547799c61597a087b05fd0b24633fe85a47a","ssdeep":"96:Vn0LXNkF3a/s057RLnm8jkjotbWDBkviyLWb:VANkE7Vm8jkjotbWDBkvMb","tlshash":"6bb12130e543d56adc3b9a1051296636f070bbd6c569f042b3b4879483f9ee43b1e36e","first_seen":"2025-05-18T06:03:19.657886Z","last_seen":"2026-06-07T01:38:16.152171Z","times_seen":396,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2f854f93.8c1083ba.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2f854f93.8c1083ba.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-8e6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2278,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2278), with no line terminators","md5":"c0ad238b572499e5ba56003129da1022","sha1":"984c2488512612e849ee4cd03cbee962945cf647","sha256":"3d261d791532f1087f89ab56c7dd54ca963523f3f9bf9f4a446a4bccc98a8a82","sha512":"22b956e51b823ed9a9102f87337a12b1150b34f7a7b89826165adf3a127c1162b1b77b69cbc0d68283ede26a7550c29663c760f31f91c05410972d4ef48e515c","ssdeep":"","tlshash":"aa4135087097f8f404a7a1e0002f3757e11939e45531a595ffe0c6e4aab0aeb9369f1f","first_seen":"2024-09-10T16:42:50Z","last_seen":"2026-06-07T01:38:16.12652Z","times_seen":654,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-925a3b70.79602c45.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-925a3b70.79602c45.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13a5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5029,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5029), with no line terminators","md5":"ae10f24df8163b26c0a8acec88ebfc61","sha1":"c0c320097f42858a0bea9dcf3856a9c368e93d9f","sha256":"16683f30f4b68a618f21dc64abd32a57b9cede65c70e5200e4091ed79815f796","sha512":"81647890e433c6bd8cb635528b745028179a737bd29dc4e8c43be9086e463b56bbc03077c76e099ba8f680f5d5a3339a11ec3aee77ab9ff32c0a8a10efbfb2a6","ssdeep":"96:ribAxCrPwsEiRiRJK+H19mHRMR4RMpBGhBfL3U2xK7q5bCS4M1nMb:riEs9QzYMmMihBj5xl5bCSFc","tlshash":"9aa1bac8a5e5acda076392a1503f31d5b212d11964337486fbb1cfef7d2d6d60902b2b","first_seen":"2024-05-11T19:59:42Z","last_seen":"2026-06-07T01:38:16.172014Z","times_seen":720,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-dd580cf8.daf4e217.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-dd580cf8.daf4e217.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-175a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5978,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5874), with no line terminators","md5":"427c56710f73925610ee051dc5dac663","sha1":"f5a8ee7e08d60ba732d993920d9f513eea3cadb4","sha256":"06dbeafa1a3d4781512e7e9694f58e994449b19a6f232ffe412d7b7ced396b61","sha512":"94464dd7ec342cf6b067bd078d9ee1c7d1ea8d902956e99fadf0d29ed2b1d4e09297b949644eb63794488016d4fba9c6997af6c0e0f570236c4476af114020b7","ssdeep":"96:/sEOY7KsUtzogo0o+oud1CUzy0pJirRfKBT2QEVsPiJ7tImP5MyL:/L+zJxzDjnpJirM2TVsqVxL","tlshash":"a5c18748f1f7e66a847b6061802f1615f1327ee99821d002bb38dae07b50c7d77bea5d","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.218629Z","times_seen":801,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.13.2/index.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vant/2.13.2/index.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 40107\r\ncf-ray: 9d68a9f6b9c232fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"652e0e9a-9cab\"\r\nlast-modified: Tue, 17 Oct 2023 04:33:30 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 61864\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=d12Y3Xqcp8cjGk75diAyHxbZsxogfJD1crnBmV6AUP7E7leYMTFqHUx4tEpKNYhpb%2B64Ni1HQO3AlAJce7HaXdFbFA1DPH6DLns5W9Zm3nL6UzgvE%2FaIkjAb6%2Bg99NT2tDfdfFyI\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":146877,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"fba0b10cfa931074254e7531f2cc9373","sha1":"eceff9fb867e11786cbbae234d0c697f0dd445d5","sha256":"7a6dee2202c1dfd3a499f873dee167942e255703859f86107d6bfc2272ea14f0","sha512":"556c2196cc479fd20fb3a1a6ffd6ce4836267b940a2b95bbcb8851d3f3a3e16c7286cbfd9d59ee8eb7ad5e3b58e3ba6d31d4ebe0cd0fd0cc2a30f1deb1ff6ce7","ssdeep":"1536:KC3MhK25tWrWoK3Unrx3WqyrtpqoSWEDZMAfP1rz12VLSV:KcrxmNH9yD3fNfMSV","tlshash":"36e3d52756c0236cb31bcd219bc496c5e224c123f5121bfaf1517a2dcfdbb9612a2b5b","first_seen":"2024-04-24T18:56:38Z","last_seen":"2026-06-08T12:58:48.445819Z","times_seen":953,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-2f854f93.59a5b0d0.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-2f854f93.59a5b0d0.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-94\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"91335324eaa697b13a8476e9ca26b46f","sha1":"58ab7b787cf8b7905a4860b093ba05d49538a07e","sha256":"11fce1fa144053c50cbffca168b6a326485b431a7d0a0b58f83d916cd6b16a4a","sha512":"ccbbd2a33feee9e770ad17ebbd8b0f936479660a9e806a8da2d81b418c548dfdf5b6a2807844224972b1192d182965fe5d8dd75744de445b220cda6a047e33fe","ssdeep":"","tlshash":"b1c04c71142ca0bfc937c52800eee4cf1435b226d173d0c5488ed6a418ca600387836c","first_seen":"2024-09-10T16:42:49Z","last_seen":"2026-06-07T01:38:16.231375Z","times_seen":674,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":376,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/grabGoods/randomList","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/grabGoods/randomList HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: id\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6190,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a9fde65e2b1015cbfc8a8bac3fad0913","sha1":"07fe2eb5d8e9bdd7c0195cd97c2255b8e3519a88","sha256":"74b86fa7c0edcddd4e68ea150a465340073bf2e04ab7b73208b15da0749555f1","sha512":"57094d7a33df8128229c3278ed8b84b0be07f8b7d60545bbe906c55a3aea47202cb8f7d73194c9163e2ebc0d1aa83c7e06e11b3189cb9fda6e5205b40b495a92","ssdeep":"192:e7JJQzPWwCjK80ZlHcriuaTZYEalucUHSU5gKR7TsVfnLieKc1q/pn7Nw/:e9JmbMKJ78Wta1A3HSkgwMVfLjK1RZS","tlshash":"f5d1164f8b94f8ac6dc0c646611bb6ce50d97f2e92a0c38e64c29f5cc5886f726cd4e5","first_seen":"2026-03-03T12:33:03.381539Z","last_seen":"2026-03-03T12:33:03.381539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":149,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/199ca2f28c964bc7b649649c94356373_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/199ca2f28c964bc7b649649c94356373_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 124612\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:27:04 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124612,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"c5a288201dbfd8e8be4f7963e6657e47","sha1":"298d49b15dceb528df7d3ce3d260e8763a72f097","sha256":"866ab4513b1e4de7d235118a57be6384ed45a2e809e090d3734a3a4d0c9bf98d","sha512":"895d14f8c1e6fc37b2c378b4dcddc2e533325312ebd79e5c76bbfb798f71db0b3f4c11dfd746d5a392cf985564c9e023557d9066e75f295503e3736515b18683","ssdeep":"3072:Ig073vCM94Y+o0gIG7+PBzduCBOGl5c0nUbU:8rGIIG7OBQCBj5c0nUbU","tlshash":"9fc3127ae613e9bc9fd07a39869b9d26d3f445177800c048f90620fbf50e3d960a9c9e","first_seen":"2025-12-18T19:47:47.645778Z","last_seen":"2026-04-22T09:54:52.10102Z","times_seen":224,"resource_available":false,"data":null}},"time_used":1456,"timings":{"blocked":1096,"dns":0,"connect":0,"send":0,"wait":179,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-c5c0ecd6.2ea0ed93.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-c5c0ecd6.2ea0ed93.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-32e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":814,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (814), with no line terminators","md5":"8ad920d3141fcfb6940483b0ee0008ff","sha1":"e45b43be13dc2cd8033b3eb424bfdc4b9456b645","sha256":"6de363de93ecc1ea90d66315d79b726f1d0829281515795ca9ff2f597b1096e2","sha512":"60c413c315fae1738c6db6845bf335ce162fe8522bbc8064489726bf889b3fcf3a3fb34ab9a7884910d02ffbf1c30aec497f28bbed57ecaead7f4229a1719ffa","ssdeep":"","tlshash":"0501ce13b656220880b7d6f2a59939cdc280f977e00769f95d328f21cfcb1c21da82ce","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.135247Z","times_seen":835,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-72dc411c.46ac94f6.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-72dc411c.46ac94f6.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-da5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3493,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3437), with no line terminators","md5":"8b4ea8ad78eaf5cbe82acd657598f6f6","sha1":"11c20300ed90f7b6e8c4e4c68c82e19a104c8385","sha256":"2e5535d67e19be4bd210ba0e3b58e674d7d737d73f000ef7bf3b9d481fee4a5f","sha512":"a50781f24cdb637a2308c8cb40a300b9ea58a6352bc9418f585d3d636d5025cc2e4e55a748f4be6bbe16cc23d119e7be18dab4cadf5a74c70fc240a22b97a0c5","ssdeep":"","tlshash":"1a71668c72c3f4590a77b135402f361ef165adc0981a5d81af64d5d63a6193c732ba8e","first_seen":"2024-09-10T16:42:51Z","last_seen":"2026-06-07T01:38:16.17131Z","times_seen":609,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-ea349f08.8bb54ca4.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-ea349f08.8bb54ca4.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-87a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2170,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2128), with no line terminators","md5":"69719cda5f48df75402dbb854d393961","sha1":"88dafda9b3e29fdd65ad515d43f05237de75150b","sha256":"a11f76bfd4fb7e4110a084ea19ea48bfafe80b262a06420953ebd96c413a5bf9","sha512":"0fafc6084405875c2e200208814e589a35a745c4d4e068d21995dd2718ab151f267f782341e9e995598ceb98d61f5657d17b334226ba0011ed80a36ee3d84f12","ssdeep":"","tlshash":"3941434cb093e0a989afe023651f2739b1f27fc5d001d451aaf5cac02a54d74332eb6a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.116113Z","times_seen":807,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6201\r\ncf-ray: 9d68a9f6a95832fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-5915\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1765646\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=qyIvqG5%2F0lKbZq7fDq%2Ff0q7JqaVUtCUFJ9vxUlwQIDkTnvhTnDxwjH0gg9ZSwY3dWHPvueoDEtrx5F1wlWnpp9B0jVhIBY0RNs9JTz1Se2VVtVpwueG8J6PYHXwpRhhz8jaTka8J\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22805,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22712)","md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.462559Z","times_seen":1154,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":1,"connect":7,"send":0,"wait":28,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/static/theme3/tabbar/order.png","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /static/theme3/tabbar/order.png HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 379\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-17b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"549ffb680d0527849f31e5995d16799e","sha1":"5b9749927e26c7f219f9170784f37a9dc1861c6d","sha256":"c5ee884416417d216686fbbdc70e12525210e9c016655a7020f729d95e5d025e","sha512":"4326949b6fa6b271f242ade578b6712573f0e00ed5cd04ad9040c8522134bc535f048d40ddc68e9397e357d67126cbc991e6594f73eb52016a321411a0b7aa6d","ssdeep":"","tlshash":"46e0686b62a45dbccaa60e760fb0045280b0c9988516cfc6b16fdcfa0a018c855c5f55","first_seen":"2023-11-04T02:21:06Z","last_seen":"2026-06-08T12:58:48.439509Z","times_seen":472,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-7ebcf264.7f55b795.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-7ebcf264.7f55b795.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-e4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":228,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"f50f7b25d10e1011c1213d3dc964e327","sha1":"742a5a63bc41a56add9d12ec38d5970773b0eedf","sha256":"a70bf3ac1aabfc84ecb8d3cbaa65f6cb888b3f8973208634a3dd162570159dff","sha512":"954bd9158708cabe9cd26453c9d001e5f976c0c81516bad128c8d28fed0ef6ef3e61e9695040882c6427bbab49c1e2024b1744ebc594858abb6cd9946464e7fe","ssdeep":"","tlshash":"1bd0a75ebc4c70017a7bd487714042fea41867515ce44696a0a764607d435d2a199116","first_seen":"2025-01-10T12:51:25.878502Z","last_seen":"2026-06-07T01:38:16.142773Z","times_seen":551,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-f13b49b4.e9195efb.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-f13b49b4.e9195efb.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-c7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"07bf465c4fa5dac271dd296cecd73926","sha1":"acf181aec81897157c6de26de39111a38873137c","sha256":"8f8b6dcd2ab98a4389029cbb8c63aa4d0ff12ac31d50b5d5b14f76a639349f1b","sha512":"b17f60cf8499016f701e2b47ae28b751d8c35bb184f60b1d55621569e710a2270bb16262f225e10b8a0ba1c17a85c33b849fd90e007e9a94360fc9eff061bddc","ssdeep":"","tlshash":"c2d022447149176901bbc281c0d004c2000ab30fba1b92b34d20ac388fd7040a29ad68","first_seen":"2025-05-18T06:03:19.696886Z","last_seen":"2026-06-07T01:38:16.165321Z","times_seen":398,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-7721dd77.0e3d8694.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-7721dd77.0e3d8694.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-68\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"50a232a7a5154e825f186f95acf29aee","sha1":"802fa9205750afec336d36539e1a913906088396","sha256":"ea9c81db3bf4e708fccee76f211080e15889d6a7efb7134d71e6d728fc0ec5b1","sha512":"3f33f5039d50c9086497763f636dbcca0652a04b23a43337400784b9774a56b6f87bc59100b119d45fca2663fdb7ad9240957851aeece61f177420eabed8eed0","ssdeep":"","tlshash":"fab0127d3440b41604bfe4d6115b33f63c5f01042f7218f40b6500743e65acb490568b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-07T01:38:16.218067Z","times_seen":810,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-d646062a.cd1dece5.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-d646062a.cd1dece5.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-139d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5021,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5021), with no line terminators","md5":"f271f4c8af58d5f880409e37228914e6","sha1":"99dbb0a93a7d68e349d6d7a630e504a3e4502dcb","sha256":"a8426489a32da765bf60f13c8fde7f581bc961a2e4792a8773151f2259c6ff60","sha512":"14cc145578eba23d4689790f69fd6ee440653f5c238d35ca9f88ba0ed133180d07721f9a616ef1c4950dfb3f8a1863ff5369e762721a48902111cedaa631d0c2","ssdeep":"96:jgRBcxo2PwsBiMiR0uK+H197HRMcr4RMhYFq6gNB04uom2xK7q5bCS4M14rMX:j0PzsoFyYPMcUMhyu04xPxl5bCSOrm","tlshash":"30a1bac8a6e5acda076352a1503f30d1b312d11978237482bb71cfde3d6ea850902b2b","first_seen":"2024-05-11T19:59:42Z","last_seen":"2026-06-07T01:38:16.20891Z","times_seen":718,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-df347502.fa343716.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-df347502.fa343716.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-25997\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154007,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65006), with no line terminators","md5":"e5044e7f519706388a93765e3ee63fcf","sha1":"2b29363ce1134605f9992cbd9e5cdf9ba554d329","sha256":"66839891fd9fdca1f3fa9abc65a3f39ad53936731a1a7508eb6a00215fa1f2a8","sha512":"ca6907084adb9729115b88a1421ba7f64491842d4e4f6299e9cb1fbbb4455e67d697d10aea99fccf085acc030433fa11855e114984e712af7d4fa23d24775bae","ssdeep":"3072:hNn/ViAs300OOMgXZ1P3TCyAhLIKpB68W4PEoS3rTJXm1V7GP:nn/ViAs300OOMgXZ1PM68WBbTJXmfO","tlshash":"3ee33b1ab587e1aecc2ae051801f1934e1262fe9d125d086f738cdd496d8db83b7e72d","first_seen":"2026-01-20T14:17:30.564514Z","last_seen":"2026-06-04T10:55:59.571098Z","times_seen":177,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-ebba634e.7ad6a660.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-ebba634e.7ad6a660.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-717\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1815,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1815), with no line terminators","md5":"5740f904c8262dc6212f3829d30d1baf","sha1":"ce66dfd5774e04ce19c15b61fd8a062b7be2e27a","sha256":"b5ab173e2a2b74cb72eed68c93b32ac85d30481083f88822e28b7322cea06124","sha512":"d3bcd5ee93e8a56428411a059377aa749f05f4ea121ca49331e4a48b2bc2fba6f7829f219634d4e0364b4d08869348f00e8401bad01fea776fd19a28317226b7","ssdeep":"","tlshash":"9431628bb581d7eccd7aa009112b1662f0355bac243050d056bdcf906534ee96b2fdef","first_seen":"2024-03-05T16:56:18Z","last_seen":"2026-06-07T01:38:16.175158Z","times_seen":725,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"predictivebeautyy.com/api/websocket/server/118/1wfwebh5/websocket","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/websocket/server/118/1wfwebh5/websocket HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://predictivebeautyy.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: tGsq9Vb43XQoEtCTTX/fSQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nConnection: upgrade\r\nOrigin: https://predictivebeautyy.com\r\nUpgrade: WebSocket\r\nSec-WebSocket-Accept: x+tGqCWYOEtf8KtIey4ft/ih30c=\r\nAccess-Control-Allow-Origin: https://predictivebeautyy.com\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nSec-WebSocket-Location: ws://predictivebeautyy.com/websocket/server//118/1wfwebh5/websocket\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":867,"timings":{"blocked":137,"dns":0,"connect":179,"send":0,"wait":182,"receive":0,"ssl":369},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-22110-t7hurmm5upjv0a","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-22110-t7hurmm5upjv0a HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 62347\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"dc42edb50fd6208cd6dd47b89980020c\"\r\nx-mms-request-id: 2a574c6850564a978efe9609cc10d1d1-69a52835\r\nx-ser: i1911851_c11460, i2289071_c27117\r\nx-cache: HIT from i1911851_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":62347,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 800x800, components 3","md5":"dc42edb50fd6208cd6dd47b89980020c","sha1":"07dfe616b6820048c3dfc8444d32c74075e706ae","sha256":"a72cd9733429fdd15092828f12cd8244f7e25e43f0a1b40cf2f1aaea550ea98f","sha512":"a581528799ea636482b9c6841c48c11027fc6611c9f6d88563269d407dfb23e63e8abbddbf401007615aff0bc472fb7e9f43aa90de8ff3f52715d58d6c9f1e93","ssdeep":"1536:b8JG9IUIhgyiK/3xpa3SAzSD01zIqfJTf2LiwKoHjJAYY5Ys:QJG9FIdt/33kzS+zD9eLQoHj1Y5Ys","tlshash":"8e53191789184b839429d3e8be531da86f4a1b1de5d23aff45230fc77a657720c8d06e","first_seen":"2026-03-03T12:33:03.388526Z","last_seen":"2026-03-03T12:33:03.388526Z","times_seen":1,"resource_available":false,"data":null}},"time_used":649,"timings":{"blocked":0,"dns":126,"connect":40,"send":0,"wait":268,"receive":26,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-dcd191bc.a3d95352.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-dcd191bc.a3d95352.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-e5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"44d18e73f11f336ed1636b2a65187c12","sha1":"0e8cb1477395fd97064278ec893771e52426ef6e","sha256":"b17c5035fddf95cbfc4d571e19fedb0f4be2eb90896943d948225a49134c71e9","sha512":"53d46df8a26d612a795c0b50203e255a8db07621c4d550f45ffdd35492c2876de3236e85f630232c88a78d39260a2bd2fce734cab072cec9365a9fbd9d0b0625","ssdeep":"","tlshash":"5ed0c90e3b4c4432343bf120f68404c12186267287278a1b5ca01121efb2af62638b7c","first_seen":"2025-03-31T13:39:50.443787Z","last_seen":"2026-06-07T01:38:16.162806Z","times_seen":416,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-189a2af1.a6acfeb1.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-189a2af1.a6acfeb1.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-af5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2805,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2805), with no line terminators","md5":"468f6b31fc895c922124770cf6c2e8cb","sha1":"08df2fe814f49ce944d01335fb57de8c217c3fb5","sha256":"880c31a4e7c722887deea7342f8e3f11d548a36d5373cbeab820cbbe242adb26","sha512":"08fe2112db174a0cf661d076f32e6e3e5232f79a09f791e186c538f6a042bd9df13654dfcc52d174fe5a33f020718501ca47167563ca7909193e4898a636ec18","ssdeep":"","tlshash":"c35133066f56faadd866c286101f2750e05c6a7c7431d4c9f370cbe4d5908aa039df1a","first_seen":"2025-01-10T12:51:25.896462Z","last_seen":"2026-06-07T01:38:16.156165Z","times_seen":579,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d0e923e.2964a879.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d0e923e.2964a879.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13f2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5106,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5106), with no line terminators","md5":"584af06a2616deb23eaff27c770b2713","sha1":"31211da93d53b1b6f3fb06cfa0deb1a69770d4cf","sha256":"b57124fa023feb12a78b04ff14e182e2d061778e7256906f4dff5c65b6d461c4","sha512":"ba7e2286b70d98cc3cefbc844e28748209baaada80458f6f1d8743a774b2b8ecaf1c2325d8af19ff3832a54f2b0651fcda57c7e18626ad32cea92b7b8ce3dcd6","ssdeep":"96:TKLcRkKk2c72mRgrYR7r7RWYFqQc72mCgrYC7r4CWYFqnfET1Z1zeuNoHWGScG/k:TQVL2i3gE7hWyZiwg17FWyK81Leko/ok","tlshash":"17b1638588a6fecf0126a1a5602f35d47002e14a283250a677bcdfae336fca21f1531b","first_seen":"2024-06-12T10:15:54Z","last_seen":"2026-06-07T01:38:16.180232Z","times_seen":718,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-604fc2c2.7209a830.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-604fc2c2.7209a830.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-9153\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37203,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (36809), with no line terminators","md5":"dac4f479b205a55ca708ac53c565a5b7","sha1":"94cf2bcef9ef38e7098f470cf2e1e5677fdfa78c","sha256":"3df6967a960199028dedba01971050eacb5695a09abc9c288d80577be886add8","sha512":"4dff005b422cd8192c5937711d5e3f5d87c57b8c43fce9c602edc6f5bad30594a622afd25da80ebe0245e057bc5cc7e93b1038cc1b35c3fa706d8f3a55c7ba50","ssdeep":"384:+PCy3b+EtQIbJn8SWX6A8bJl88IMg2RyWlWXbJ7830qtp:iCyqEUlXm88IMkIT","tlshash":"fff2a718b1c7e26b9d7aa022442e3534a0727ec96016e186ff34ccc97a69d74371eb7d","first_seen":"2025-04-11T11:01:20.491298Z","last_seen":"2026-06-07T01:38:16.173747Z","times_seen":404,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-cefa4dd6.2caf92d9.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-cefa4dd6.2caf92d9.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-e4a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3658,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3630), with no line terminators","md5":"c7f69205f475f482c05d51dcb8484961","sha1":"6d530241b630019e437f2b8543a543f73ce148b7","sha256":"cb22d21841975cd5f299a45ec3da20a1a55ad797e17448752b0644ffcaa64f66","sha512":"d74c7ba27a37d586252e6e7bbae4dbaedbf86eef8e95949e2f2df4bda59803182b5d5b5acda0f2c926cbd7b6c446fc3d3c7405c78f63ef5bddda0a9547ff5e73","ssdeep":"","tlshash":"2071846d7587e15a8d63b062402f28b4c0b66d88710a74d6f734ca9565a84a02b3f7fc","first_seen":"2024-09-29T13:50:38Z","last_seen":"2026-06-07T01:38:16.208116Z","times_seen":588,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-23020-s4n6068xuvnv7c","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-23020-s4n6068xuvnv7c HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 460365\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"dd8ba55b6daa92c72f6c72abee207a0d\"\r\nx-mms-request-id: f1bf6bd4c2164e9081b4cfacf019bf23-69800fd4\r\nx-ser: i2315741_c11460, i2289167_c27117\r\nx-cache: HIT from i2315741_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":460365,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1024x1024, components 3","md5":"dd8ba55b6daa92c72f6c72abee207a0d","sha1":"4807235af1fe1b51e7b572c07daaf4a5354b0c6a","sha256":"4b3a4931be4f35eebf95180725aca83e0e637620b659c561010868a5b0dcfc14","sha512":"1e31a57c6ee120690597b1cc22bc37eb49545ba051fd2c90af9eaf93c13f6f13bd6f97a25a77569f3b71a7364cda37395fffc41a37501de31cab9363df6774a9","ssdeep":"12288:iQ0iYqUmV7s48RTJccTu94trK2mI/Uu9qmJ9gl1KA2sj27Z:iQ0iYXyw+GK2JMu9q8Gl15x67Z","tlshash":"dda42337c4424a85f41cd7ad6a872ee51f66d60cd057bff3426b6b8deb74202049b88b","first_seen":"2024-08-19T21:14:34.033369Z","last_seen":"2026-03-03T12:33:03.392107Z","times_seen":2,"resource_available":false,"data":null}},"time_used":613,"timings":{"blocked":298,"dns":0,"connect":0,"send":0,"wait":218,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-cefa4dd6.ceb1f577.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-cefa4dd6.ceb1f577.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-608\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1544), with no line terminators","md5":"4f5c3e0936d5f86c34c8a8a3e48eb731","sha1":"d986b9f658e4860865d5ba3b70d01c23480d9183","sha256":"0a2683401ed89953e511402e3a9590f56a867918b623a36b5b69f2cb5f2493c4","sha512":"89962414c7ad4e8f104711c2b359296fa9fe67bc6cd67b28de09121e0a53dc595a473a00eb31141bca7f739dc7d71b8227fe400d1d2a337b8d3f6d48b301aa8c","ssdeep":"","tlshash":"6631b123545612087367db77262193d351b8e232f83207569ac3b536cfc75d625ef28a","first_seen":"2024-09-29T13:50:37Z","last_seen":"2026-06-07T01:38:16.164785Z","times_seen":610,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/lib/jquery-1.11.2.min.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /lib/jquery-1.11.2.min.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:27 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1787e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96382,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T21:13:47.024133Z","times_seen":1828,"resource_available":true,"data":null}},"time_used":562,"timings":{"blocked":372,"dns":0,"connect":0,"send":0,"wait":188,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-06ae24a4.fd43ee93.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-06ae24a4.fd43ee93.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-bb0e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (46623)","md5":"177ff7e3310c02d7e6a139a3237e0d38","sha1":"375c1fac3912c4b63c01d7bc241aa43ed0055460","sha256":"db079d71523907889a19e611a38e528a3405d89d22506634a177248f03f93226","sha512":"004642aa9fe53920ff46cbaf93784da99051143c22aa04e4e24ce332e2556b057d331a481f31ff427dc0b5ef0cac013c55e41764af8496f59366278918044741","ssdeep":"768:KEkZgRUp2R7p2ROwo1OAPkuD336ya5hrCen0eTg:KEkZYwo1OAPkuD336ya5hrCen0eTg","tlshash":"9223b89a48a1224591234e56cbcc9fa8473cc76364b25cef33967c4bc745bad23ce617","first_seen":"2024-07-02T22:35:06Z","last_seen":"2026-06-08T12:58:48.439099Z","times_seen":763,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/4.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/4.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 6495\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-195f\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6495,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"f8f831ea05790e70229847bdded8073e","sha1":"10cb798a5a3b8a15f053cf23617f908982dc8651","sha256":"60f0bef1d94953c9a8d6e3ddb33b2ded547e7d5e69a90abddb580bf00ae3d697","sha512":"9ef376f939402c860a63328c057d0e4c818a9eacd6f6c272aa0800c35aa364136d40369c2eb61a76b558646f738fd0b0a507a89e76428442c9c184cf92f11805","ssdeep":"192:PSX6knOHiJNWjegyM6ka35WqlBNVsr79S9p5tYhqctjle:6XJnOHeNuezMsWqUgf7YhqctZe","tlshash":"35d17d07dc4a6d10fb2ae81679e872474ef703d4199768946daa48c6fdf033ecc298c1","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-04T10:55:59.697641Z","times_seen":296,"resource_available":false,"data":null}},"time_used":1060,"timings":{"blocked":512,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":367},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134207-7r9ah-llbnqycik717f9","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134207-7r9ah-llbnqycik717f9 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg;charset=UTF-8\r\ncontent-length: 578675\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"163870bf7fa86b006605d6bd6779bbb5\"\r\nx-mms-request-id: eb7b6f44abd243bb8c54acd4aa99034d-699a5332\r\nx-ser: i2315799_c11272, i2289071_c27117\r\nx-cache: HIT from i2315799_c11272(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":578675,"size_decoded":0,"mime_type":"image/jpeg; charset=UTF-8","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"163870bf7fa86b006605d6bd6779bbb5","sha1":"cf03e6da2dbe82121fd23531d385d3b516749dd7","sha256":"7a7fe6ef4d40cbca0fd7c3f2e42c677f98be3e31984a9d337d2966c50bec177b","sha512":"822b8650f2eeed778500ebe080c2afdf59e8d27dca6a14a846e49fdc80fc88a9de2692aeb5bf3693e5ac58ef1f329800bcc14952d495aa1f0265fd42557adad2","ssdeep":"12288:DtYvL+deFTZauZ2ZM8cEZqdbErDgMoNwYqHltGUPTjaBO3oV:DtYvxZausMrEQdbT9OYKP8RV","tlshash":"9ec4f0173b9ab208b736bb9465d530e12357f6200f157e8c0d6d8e90ab1391dc69ef3a","first_seen":"2026-01-07T00:51:01.411686Z","last_seen":"2026-03-03T12:33:03.394717Z","times_seen":3,"resource_available":false,"data":null}},"time_used":694,"timings":{"blocked":294,"dns":0,"connect":0,"send":0,"wait":236,"receive":164,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-d646062a.fd7ecd59.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-d646062a.fd7ecd59.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-75\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"1db8ba3fc65dbf3f188380bcdf134406","sha1":"2cbb507f86ecf66a1d8754c4ca55989642a4db24","sha256":"34d7a991e8686b0c722898afb4868d324b4cee6053c5e0aeb37f76b0245233c3","sha512":"e3d39b9e1b11331f99e3816b78e57c4f253543915a102b9b4ec8b67bad401b0e663082a755ab447931c15da95cbb967d553dfa1176598d72efdb364ca132f6b7","ssdeep":"","tlshash":"0bb092442a8c0012ec9ee2e0b02165c18617b333ca424712ef28a4b88ec30b82061d19","first_seen":"2023-11-09T03:37:00Z","last_seen":"2026-06-07T01:38:16.119622Z","times_seen":813,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-2d2293a9.85dc11b4.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-2d2293a9.85dc11b4.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2d97\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11671,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11543), with no line terminators","md5":"0619b00a4a0fe87ad30a7e606e246f01","sha1":"d301bb704f30d654f04665b904ce178c8dded78b","sha256":"1501d4cdd5595c94422c29650087412b37c98f4f03d39155a0f2bbf19c23c1c5","sha512":"039eb31d31f5a9635c6aa4b1cd1733f0e1b33dc86d7d288718ce274cbc7f510f25187815d14d7c0b7a4551c4c1d0fc7d1b83aa73dcdc93671765a28bbbf2765d","ssdeep":"96:OY+VCv/hGpNksPmEo+X+b+F+n+ejj5rMytWQBzleKZyfnPaGFZQkNwcVc4+T0vCH:OY+V0GpNkse75RvzmM6Q","tlshash":"1b323225f4cbd29aac3a8402602d3931d1293be6d62ae443f378cd5453eadb43b1d79d","first_seen":"2025-05-18T06:03:19.681563Z","last_seen":"2026-06-07T01:38:16.189192Z","times_seen":395,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-586d3a0a.ff39b5ea.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-586d3a0a.ff39b5ea.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-b66\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2918,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2918), with no line terminators","md5":"8b3565a80309c1c7f27e0907f0c7e6e9","sha1":"f4a368725d0259c94747b402360a2277212d7fd6","sha256":"20bd1ca6e1b5fda1b5b59b1880e07a12f810d57d09a817367f9423e6b0483c8c","sha512":"d99830f0d631053097a4ac9d52a07a070603135e5216c273848d9ae91841a6a4f63d2344f18ec7ebd96f85d41e03e630a2810e416b2b00d954fb863c37455914","ssdeep":"","tlshash":"9651980d7483f97505e6b1d0542f3653e22829d49125e041ffb0c6d4aab4adf5936e2f","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.10787Z","times_seen":807,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-74d1c393.217d77e2.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-74d1c393.217d77e2.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-6a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"bff42bacd79f07fce7ce3f63cd11e1df","sha1":"709f2f4f8984cd122f4b23db3422913ab869b1db","sha256":"947aa535d6bac3e5cc1a59fb1aeeef43edb1735ff58581096ff111744e2c5811","sha512":"cb348fcd81a8576ca4b833d7437eabb4c8d38dbe2313203e2e19b727c33b87af5a12140e9848528188d08c29ddec0ac441b913d6a3e26086dfb77d54b8032e2f","ssdeep":"","tlshash":"bbb092ad2018b41614bf9684121733e50d4a12092fb229a89b6800a06a2598b452168a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.183592Z","times_seen":803,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-08d95777.f5012141.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-08d95777.f5012141.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-608\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1544), with no line terminators","md5":"3eb6ba970730292a23d44a5c7e0cbae4","sha1":"d96cda9dbebfa42b9429e1ca3d952161ccb24a75","sha256":"bde2e3fb26caaef078a6885fa66517d7dbda64ca44337fd2c98a209fd4495756","sha512":"e3217ed84fa5185169cf12a242021dee4b8308bb542cf26a814174c9ea941626f4378aa0c446229a6f533af89f0cc8201ceb9c1de7f5499c09e8b1c95ba67a29","ssdeep":"","tlshash":"6631e3335125a2087127dc952230a2e3d1ade216f43b1357580f353fcfc799205f328a","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.220573Z","times_seen":837,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-9c1c641c.2704964a.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-9c1c641c.2704964a.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-11d5a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73050,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8f1d408eb7386ff242f7739dca93b922","sha1":"7be2aa429a946c61c3e32e13cab28b11d1db20c1","sha256":"942b5c7eb61dd99692e6a96d8ab13671238d138d6bcb5f8bfbc56a82ce3e7a21","sha512":"0ba265e59d70162b5f2d175718a51f93f1bb7f121fabbb0c90287e74a9956f0246623225259265543a102fd806a78a18c2e75a4d2f325e2a87a926db2d98065c","ssdeep":"1536:O81LeLxbOfU6prVTG1Bo35sCe0MXePDsHme:O81LdU6prVTG1Bo35sCe0MXePDsHme","tlshash":"36638472f991261d71178664a19576e85b3bf012c2421ff9f02a7b358fe72c6372238b","first_seen":"2025-06-13T14:30:24.486152Z","last_seen":"2026-06-08T12:58:48.424247Z","times_seen":359,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":360,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/static/customer/kf.png","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /static/customer/kf.png HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 10556\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-293c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10556,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f7d80a98f6b59aaf05ab54c405bffe89","sha1":"db5cfc26f716a362d10f81633934d9f01c523ae7","sha256":"ab41101111ba6bf6ecb5ef0aa35ae339cb7b2f09517eff9914dd69c65271ee03","sha512":"03bc2ef07c105a6562ba3bce8a0040db8a5f5efba951a12d19bc2d42b3abdb16b1f20ceec2c789ba5614d3ad07e926ebf293edc66ffbaf92b867410085a3bb47","ssdeep":"192:qX/4hute4ReiK/MhLbtUNdZS5eYQOZj9TND1UQBIJg7G5bmVaGal3a:w7e4vKENEZS51N9T3UQsgS54cK","tlshash":"ee22bf736860bb28794b3ca93fc9d55109c5bd24cac3c214956a92617cbaa9037df0d5","first_seen":"2023-05-03T16:46:37Z","last_seen":"2026-06-08T12:58:48.439957Z","times_seen":775,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-06ae24a4.686330fb.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-06ae24a4.686330fb.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-81\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.434355Z","times_seen":841,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-3ba48570.e079056e.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-3ba48570.e079056e.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-13e7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5095,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4977), with no line terminators","md5":"aae37e163f751665260e8a9f0113796c","sha1":"2624ce3c3c29d4d74acfe9b87e0afc83376dbfd5","sha256":"208f6ba3163d5be49e343ffb77a56a901833583bd02780bed4e2a979ab4bd2f3","sha512":"e14612944a04452e4430f9f5578f692a8eacd8b4e74c24e32323e6bae88e0b924f8b5a7d6aba012c3600761176ba98c731c1f904a62f0b9de4634d496b8658aa","ssdeep":"96:PDVyrHPme0qnGryBBPLzstDpa+BptKXnvrb72P4H:PDCekmyBB/kptIzboO","tlshash":"6cb1626ca05beb9fd85e4151402f6231f0313edda436f1c1f760cf9896989225b1eea9","first_seen":"2023-10-18T00:16:17Z","last_seen":"2026-06-07T01:38:16.132986Z","times_seen":750,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-dcd191bc.3e8ebc52.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:33.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-dcd191bc.3e8ebc52.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1c9f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7327), with no line terminators","md5":"83e9734e6a1e977599bfb45e593d220d","sha1":"3b81330b2acd67fc275102846cdc134d1f42dd9c","sha256":"b60ffbfdd9729a79e92f69e84bc7ce1907f0d28be1775360a99c33fa37133245","sha512":"2a6a87ac3c7cddd6ced26a0f03a26f5d65d131aa6562a51f9b78769364d7fb7c61078a1476fcdba58c75d97ef3c20f417e286e922d3c533a6aaeb564ac72bd77","ssdeep":"192:r/Mml4rvGEeGdId3tKk/BttO1eW4t6ziw:r/VJZI1ea","tlshash":"42e1e8dca48afe5a1c629161203f31d5f11a642e7634e88af730cfce8dda4440a65b3f","first_seen":"2025-04-11T11:01:20.419751Z","last_seen":"2026-06-07T01:38:16.225041Z","times_seen":404,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/loading.png?2222","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:27.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /loading.png?2222 HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/css/app.603ca045.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:27 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-3491\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}],"data":{"size":13457,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (8611)","md5":"4347341d9e269d50734f44cb71eb3cc0","sha1":"146e04a38cda3954b74631656344ec1f483799f3","sha256":"149081b8ea51a11d789eb9d20abd208acc70e8d2db7edde4885581bcf5b45065","sha512":"39b41d266b2b8b6fac0d3c5113e8ec549c44400b2b578af69458c686cbb17512cc1408e53b91246871c21309d1f6dbf9022a219d1c771b4f1b9d85c549aa625e","ssdeep":"192:vsNZeKIC+LFGSFGmQnqQnIBmADd/oC+hnYyQgiAQntyztM4/Z0tf+ahaOa0acain:vOZU2m+lIyQntyztM4/Z0t9","tlshash":"7c523b79d60161afa9d1dd9b9e29f72ac4eb8c7b2070e440b66d8c4f8f74fd40626483","first_seen":"2026-01-20T14:17:30.595031Z","last_seen":"2026-06-04T10:55:59.709887Z","times_seen":181,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-14939100.86727a02.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-14939100.86727a02.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-b5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":181,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"d767b20d058befb6c98cae9d3540410e","sha1":"684d5509c3be8409e6a48c75f83c4cf6af2de9a8","sha256":"84c397df3adc89e32d1c2389561375aa1e4e6dfca8abf83904d6823b23ebabd9","sha512":"aa60f6192d2eefb81b7214b48341cf89275a42cac953e8579465ea9257b68b77c56abec8d16bc840d0b01ed530b65d21ffe5eba7a0a9ebc611c2302b544ced48","ssdeep":"","tlshash":"68c01200fd9d2c0c11abd7c691a0b9dca9283aa2c990928aa8acef21bd431907801a84","first_seen":"2025-01-10T12:51:25.856543Z","last_seen":"2026-06-07T01:38:16.117847Z","times_seen":590,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/translation/list","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/translation/list HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":393,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"58b9dcda65416e86d6127ec925acb3cf","sha1":"ec490693d6856fbcf0358f57db94d7dad6fe89e2","sha256":"f0ccaef475d6ccd03875475914cec7efa0be8df1a40f9c3e681b87244ac35310","sha512":"3ff1da6625134d9c10bf75c9d1cc7739e03a8ebbba01316bdbeccec626103d28ec6cd5363bf87b3d2982dcba7923ddb64eba2e5e75aa96d656804e2d66d4881e","ssdeep":"","tlshash":"57e02b30854cbcebf94284c28e0ef21224ec4531ab093a1ce5c8173511deb2682c4853","first_seen":"2025-06-28T06:26:51.110564Z","last_seen":"2026-06-04T10:55:59.601326Z","times_seen":294,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7qvg9-ljz4jys8ea8md1","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7qvg9-ljz4jys8ea8md1 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 51888\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"9f7952972a9b34d1d93362fe96bc41ee\"\r\nx-mms-request-id: 513bc637235b45e88e6a4ff2127273c5-6993f894\r\nx-ser: i1911849_c11460, i2289103_c27117\r\nx-cache: HIT from i1911849_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51888,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1000x1000, components 3","md5":"9f7952972a9b34d1d93362fe96bc41ee","sha1":"984bffb7bbaef6a9e80b2586c856b2104f2da9bd","sha256":"acbdce53239936b87003eb63c28d88c32a39da8684616f178b2498ed70676519","sha512":"f9f77002eee6233f192974a31287571edf4f142e1110e7aae05a7f7b7d9561d1033b324f2f48e1e6238f4687f0e60178dd58c460f66eeaa2e5b513762430c729","ssdeep":"768:baaMJ4VVQI++rGbPpxLL17LDC89O7AsgywMX1l4vLYRWz6nmN71fO:baaMod+eo3lD7OvgywMXKLEWz6ARm","tlshash":"1e330a1388088b92f46897a4fe470e9d2f1a2a1cf9c339fe15530edb6e643650d9d53e","first_seen":"2025-05-14T11:33:51.350262Z","last_seen":"2026-03-03T12:33:03.401757Z","times_seen":2,"resource_available":false,"data":null}},"time_used":619,"timings":{"blocked":269,"dns":0,"connect":0,"send":0,"wait":295,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-082f7c94.7a0562b7.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-082f7c94.7a0562b7.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-95cd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38349,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37923), with no line terminators","md5":"848811af1ef0d2462b2d2b68b6fe2187","sha1":"67c9f1766dc68e90922e71bde19be5a4a5a97c65","sha256":"b31c98ee1d0fe2ae990f17ec861302677e25f443ec1ad18f914b1e3f83285055","sha512":"bb762d3b2ff857fe8dd1ab103c637f008400cabe3112c50047432554b7b63184c8ca4a11d09780faefac81df6e0fe15b2d2e32116eb67ae0ca17d0c665cec853","ssdeep":"384:C/2PAOQqtUnc7GL2YoxbonZXWFznML/ZevZt09uCcDnVfvg4iisTh:CYKqoAx711bHCcrVQ4Yt","tlshash":"d8037405b487e5af8c6aa061402f2635f1b53ed5d026e041f730cec599e9db4372ebad","first_seen":"2025-04-07T11:12:04.233531Z","last_seen":"2026-06-07T01:38:16.115544Z","times_seen":534,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-084d1f6a.fb88f4bd.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-084d1f6a.fb88f4bd.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-11c4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4548,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4519), with no line terminators","md5":"ec3ae05446f1b917438c1a29ece9c604","sha1":"0b177280325f840517358451d2b3597826aceedf","sha256":"3233e51497870d2d87f17ea03441d0e91e7b5435c3d327a4897e9f19eeccfc75","sha512":"d93cfa017ea512c409999c1a610a41f4ea1f267fe497fc5e6b9fda447d2a5cbf7b297e5f71028e3e53260ff8ff693cff231e124254632c37b480454718deabb3","ssdeep":"96:CTiMK8MKPFG2mhCoxlPKEgeNNlo4nerCUPXFp3zT+5:CZehConKEvN7o4erCmXFxq","tlshash":"f291b54cf5c7f16547a77873801f156af2653ed498055a82ee30e0c17a38c28233baed","first_seen":"2025-04-11T11:01:20.47154Z","last_seen":"2026-06-07T01:38:16.10274Z","times_seen":408,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-1ae0d026.9c0a4db5.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:31.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-1ae0d026.9c0a4db5.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-b82\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2946,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2938), with no line terminators","md5":"1cdb27ecc836ba8a76674653178fa40d","sha1":"4f58ff0c140cffa78fbfcd3b191339d134f10544","sha256":"52aae7c29ebf7d6a2242adf285ae523ed6e1546e480daf21c9ef4643db76bd26","sha512":"ca9b922d96db8ff08a22cdf42489804bb87adfe3745874fb96dee2b82e42aee18a86c63094b833a528e0194829ed01ce955ac4b412a6ed5422fad96c255bc089","ssdeep":"","tlshash":"5e51836d3587f06bce726062810f28b892b62d88710d74d2fb7cd98871a94d05b39abd","first_seen":"2024-09-29T13:50:38Z","last_seen":"2026-06-07T01:38:16.234661Z","times_seen":592,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-5915ee8d.1676c5db.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-5915ee8d.1676c5db.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-4b4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1204,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1092), with no line terminators","md5":"8b5e78b24520aacf7bec8f2419e1be5c","sha1":"62903d24b0f133599f40b273d371b21fb174ec25","sha256":"2fa561a50af8cb8d65d1565fcaf942bc2639da23d62626aa5cb772cd6228e024","sha512":"ab33cdb620aef3c9474596d68774fbebd1806e85f8e09592b9160090c4ea8a24d26c8d628edcd0df2d1c835937bc6b55c693601fadecd22f7a314bed51233859","ssdeep":"","tlshash":"ca21e084f4d3f67edd2b4446110f3a30f0921ea91410a4c2b174c4966779ee5571fe7c","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.21095Z","times_seen":811,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-9fd116e2.eb8f591f.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:32.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-9fd116e2.eb8f591f.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1c66\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7270,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7258), with no line terminators","md5":"6292f7d901ec6aa7e1792e247f1f7813","sha1":"af6b1d49c095e8e24b9cf461eedbbe970d0c7da0","sha256":"205421f27996f9c325621bbd21e5c1dfed12b03a3c987b17ee7dac58edc95b40","sha512":"406bfbc3b5d7078949dac9ab9c4b673872a938ffbb2b0ec9eb5eaec7e1c5f4d27502b79c7b0e460f0cd3bb73694eb1353b345a4bb12b2b8a7753544bc70a5f46","ssdeep":"192:r3zwKcPhlGNQnrvGEeGVy/tugdtHw1gt/+tA99C:r3JcZG4ow1gts","tlshash":"48e1d7c8a49efe5a1c529152203f32e5e109686a7639e8daf730cfce4ddd5410b2873e","first_seen":"2025-01-10T12:51:25.930485Z","last_seen":"2026-06-07T01:38:16.146205Z","times_seen":533,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-210173e0.537894f3.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-210173e0.537894f3.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-157\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":343,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (343), with no line terminators","md5":"643a797580011f455a862f50acd92063","sha1":"461f0575f4d431d9dbc27709700cfa1d70e919b6","sha256":"0566ae96aaaeed7044a777f84e0d99bcf9e1e15b991615e46d88c8b146eeb72e","sha512":"04a2e5cdc39d2f2840ce565bc4210c825b98b8dbc4ff9226dd68388d8f878aff66c65d81281a7303c966e451b90bbeac24c3a190c8a6efffc80bfa165514782f","ssdeep":"","tlshash":"48e086007b4c195db867f36485b095852e3873178142575a7decc7e09d47189743b9c5","first_seen":"2025-01-10T12:51:25.860033Z","last_seen":"2026-06-07T01:38:16.142091Z","times_seen":596,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/api//file/banner/202512/18/a65fc0e95c0b46fc88b28004851b9277_.jpeg","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /api//file/banner/202512/18/a65fc0e95c0b46fc88b28004851b9277_.jpeg HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 138876\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Thu, 18 Dec 2025 04:27:25 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138876,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1280x480, components 3","md5":"15c65e1d4c28bba8665a21e52645585d","sha1":"eea649c37bb727e6e54e3e59d9749c6c41659c82","sha256":"a22207110afd7ef4730113a9e9f57f87806fc995169bd49c1f9797f4822f0d8a","sha512":"31864c4f4d4ac1000cab8528ad9058d20b9c27e0befa4e726a57f5d830498d163960ab86f2694a3ae428add44ad1ef65ee70907273df739a74ea253ea404e513","ssdeep":"3072:sHkmFn2r6jFQcorSCkbMTagvWBcbDHbt7U+uWo24bmhAQ6AuZvSfRQv:sHkG2gBrCkopvWBcbDHZ7U+uWo24bmh2","tlshash":"e8d31236e17a0ce2ec1e0b71db95bea61053cb3005dc004ef9a4eda9b14b4e5ee18e5c","first_seen":"2025-12-18T19:47:47.633299Z","last_seen":"2026-04-22T09:54:52.065192Z","times_seen":224,"resource_available":false,"data":null}},"time_used":1639,"timings":{"blocked":1102,"dns":0,"connect":0,"send":0,"wait":179,"receive":358,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/1.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/1.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 18722\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-4922\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18722,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"3959345f02bfd3d6d23caea239421486","sha1":"6b3a7d485bf821b44756370daafe7887eac3faef","sha256":"9c31875158648f5fd608decaa75ef24630d45a12a9950f301fce4ac2814c827f","sha512":"5895c63b0d04e95e847d30b72cb774f65373ebc6f2b39fa9f81e82a687a85754cfb26a666c9ce61be566f2a265738da37acc893ac5f25210ccb4274f47575e88","ssdeep":"384:6OJnQgn+7xREPkpGf5Pp3t7yqujGILm2D6aOI0/Jnu6+hyQ75cV+:bJOxREdpkqujBLm/5I0tge+","tlshash":"5d82e026fb1a2d45ebd9b24a65c2663eb4671b935360e3a0fcc8ccd44c601a2d41eed2","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-06T07:45:56.742548Z","times_seen":321,"resource_available":false,"data":null}},"time_used":1226,"timings":{"blocked":502,"dns":0,"connect":0,"send":0,"wait":360,"receive":1,"ssl":363},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"down-sg.img.susercontent.com/file/sg-11134201-7rbmt-llyv4jlelut5b1","fqdn":"down-sg.img.susercontent.com","domain":"susercontent.com","tld":"com"},"ip":{"addr":"154.85.94.35","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.img.susercontent.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 09 May 2025 11:16:37 GMT","end":"Wed, 10 Jun 2026 11:16:36 GMT"},"fingerprint":{"sha1":"B9:53:3F:6C:92:9F:DE:21:2E:C0:94:76:16:B3:A0:29:2D:D7:7D:06","sha256":"03:ED:20:0E:DC:02:16:A1:50:FD:B2:31:62:83:63:37:32:22:7A:7D:FB:01:11:11:2C:AD:72:3A:87:D1:32:CE"}}},"request":{"raw":"GET /file/sg-11134201-7rbmt-llyv4jlelut5b1 HTTP/1.1\r\nHost: down-sg.img.susercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 161836\r\nserver: SGW\r\ncache-control: max-age=15552000\r\netag: \"183ee5e728d022df8ad3e2d97434e67d\"\r\nx-mms-request-id: 9c9623cf74e44faca335f2c3f2ce7038-69a6b8a8\r\nx-ser: i2315739_c11460, i2289153_c27117\r\nx-cache: HIT from i2315739_c11460(cloudsvr)\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nx-cdn: baishan\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":161836,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 1001x1001, components 3","md5":"183ee5e728d022df8ad3e2d97434e67d","sha1":"e0f7edf55f623128d2240870ba346ac57c39c692","sha256":"50355be55a0249afb5902e619287b87b489cb82c59f6b4d4a610f6cbd80a868d","sha512":"b030009f31d375372d0dba35bb7fb298c66342be9024df5d7468a4bc6ba3abd4c77a2753ec5f2634f11cba681e216977e8661a6e4a429841fe5976efe084332a","ssdeep":"3072:dZ1QCroqq1qx0H/FfkAJtGVTQt2EqZe7sVs8xdYvxkoY1W2HfR/L2UDTY:dfRSHNVJQyocsVzxEyoKZHfRz2UDk","tlshash":"5df3e0178c518b87611d83edbe635d182b4f2b2da5c67afe50630ecbbf597260c8902d","first_seen":"2026-03-03T12:33:03.4079Z","last_seen":"2026-03-03T12:33:03.4079Z","times_seen":1,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":274,"dns":0,"connect":0,"send":0,"wait":315,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-1bd77d07.2e307eb7.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-1bd77d07.2e307eb7.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-2f5\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (757), with no line terminators","md5":"e82c61743b39a8b378d7b1d0333b2573","sha1":"958db5e32d1127244cc04ec0fee59f8e0427a422","sha256":"a6203164949b9bda17edc0fdc31a063a9e9976f67cee62ea34f3ef7d682f1d46","sha512":"920a9a06fdaef6e6307d6b6693f189948fce7cb4058a98ac5e0e6372c81042e14b3ecfb3dc8d002fc9171e968bacef357a5e8cda4f1d87529e9ac96952f23c14","ssdeep":"","tlshash":"7a0190e8788c623b3c37cffd341009d01212271251884ba57c68a070cd4f4e627f1b67","first_seen":"2025-05-18T06:03:19.595065Z","last_seen":"2026-06-07T01:38:16.222553Z","times_seen":398,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":170,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/api/websocket/server/info?t=1772541148307","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /api/websocket/server/info?t=1772541148307 HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: application/json;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nCache-Control: no-store, no-cache, must-revalidate, max-age=0\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"951804afa3e38290f2035329f4757cf7","sha1":"343b6a302df4cf9ad0c23ad9ff114ca4020b5485","sha256":"c13640c46eb8c559d4ef88cb66ff6a6911d78e6c6e93c65a19d5b53757ebc797","sha512":"df99f4d9f33c93f10723acff78a168185875b4fc1869cacde60be661a2fed6fa8821a9c79c0009c68ba9a88e8c921ae50853feaeaa04e0edf52283f81fdc8893","ssdeep":"","tlshash":"13a0121bc42c20684c485f0102005d02541814a7010050f56328661802d2411101054b","first_seen":"2026-03-03T12:33:03.409252Z","last_seen":"2026-03-03T12:33:03.409252Z","times_seen":1,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 03 Mar 2026 12:32:27 GMT\r\ndate: Tue, 03 Mar 2026 12:32:27 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":565,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2b7a8d84952a9183b106df19f711324e","sha1":"a92c5e12b422bba9ebb447e1852d9681487361bc","sha256":"282801a0d182035440d5ef6d429d227126d2e6720a52b91d31a7d746c758154e","sha512":"d7ef3f86fe9fa5730a118c688b8f779e82ec3695df5ec48953905ed078ef4d78a3c8005021574d936f69ff0467968b6e68fbcb0680894470abf8f26200af2e0c","ssdeep":"","tlshash":"c0f0c064be0a988566110c42370f3f164d1d401fa80ac8fe8b911d4c8cff1bb134670f","first_seen":"2025-09-17T21:11:07.996842Z","last_seen":"2026-06-08T22:15:02.712935Z","times_seen":46930,"resource_available":false,"data":null}},"time_used":780,"timings":{"blocked":370,"dns":1,"connect":7,"send":0,"wait":18,"receive":0,"ssl":379},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/js/chunk-06ae24a4.686330fb.js","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /js/chunk-06ae24a4.686330fb.js HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-81\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"676e3a2df47d8e40c29c2d1a67127eec","sha1":"e54e8144ef939162c151a843933a98ff020a2641","sha256":"6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4","sha512":"4314d28a687dba60202a2a5974ea1b39b02a45a2fea359503396553b4bf9c1eebcc4168357fe2e43875ddd2e61c2af72b926ee6a61bc978fae9474a77de421bb","ssdeep":"","tlshash":"c0b02bbe2804790808bfa0e4300b33d8048301003f711ce507b020902b74e8e4303a4b","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.434355Z","times_seen":841,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-1ae0d026.b7b2afed.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-1ae0d026.b7b2afed.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1fe\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":510,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (510), with no line terminators","md5":"c92ecb7cfe406e6db3138f17bb8c156f","sha1":"3843aec44f19cb9f0e1e2faa9869f67764c3256b","sha256":"ee9b5957ed2f73d18209811c66d7ddb231089550f344c21a8be6878da3c514e4","sha512":"a56c4a0dd66be71f7ccbba8c8379c6133f1127b908dbf24f0bf3e1e2c0b432235a049b1e7b676df927915f44ed683694fa8f21cc4bc45f3110af4c7439394c74","ssdeep":"","tlshash":"94f09e26d0114508900bf9343ba0071691e4f02be69333ac0c5fe666cfdb4c70af9789","first_seen":"2024-09-29T13:50:37Z","last_seen":"2026-06-07T01:38:16.141404Z","times_seen":609,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/static/theme3/tabbar/mine.png","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:29.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /static/theme3/tabbar/mine.png HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/css/chunk-9c1c641c.2704964a.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 4660\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-1234\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 138 x 134, 8-bit/color RGBA, non-interlaced","md5":"9257d7d41f0aeb65c674ea3ee19ef1b4","sha1":"826e3ae0ef20a7f48f69fd5740ff48212d05ecb0","sha256":"f4e0220e488ebe9e5176c587603b0756cc755a8649c13344aea8652d57cd5562","sha512":"e459264955355f76655df49a7ee28a76e31b84ebd37a8fcd2703d011b8eb29696ed01177dbf79758c952b29802b4afb7da894aa869b6e6c596f988764a444de0","ssdeep":"96:F9ICo03ee/GROo9AO7s0BPYx6GYWNHo6JxG/jgIZpEN25Vnj802NKo+pTp3p1:4L0uqrydGthNI6DOgIZzVnjj2NAp3p1","tlshash":"95a16e1391ede97e449c890166d2053db96b3bf0c68897f4149b2fdcd3b0e72b6810b8","first_seen":"2023-05-03T23:27:44Z","last_seen":"2026-06-08T12:58:48.463625Z","times_seen":478,"resource_available":false,"data":null}},"time_used":497,"timings":{"blocked":307,"dns":0,"connect":0,"send":0,"wait":189,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kosmetikskin.net/static/mobile/link/2.png","fqdn":"kosmetikskin.net","domain":"kosmetikskin.net","tld":"net"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kosmetikskin.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 06:21:06 GMT","end":"Thu, 07 May 2026 06:21:05 GMT"},"fingerprint":{"sha1":"11:CF:1F:ED:D5:02:4E:FB:3C:7F:8C:B4:37:3C:AF:60:CF:88:9D:03","sha256":"67:F3:2B:42:84:19:48:90:FB:A9:B2:45:84:BD:43:06:6F:82:6B:C8:6D:97:22:F8:81:67:CE:28:0B:BA:09:1B"}}},"request":{"raw":"GET /static/mobile/link/2.png HTTP/1.1\r\nHost: kosmetikskin.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 36342\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nConnection: keep-alive\r\nETag: \"696e6470-8df6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced","md5":"ff2583db35c4acd87cbf195af9e9b202","sha1":"accfcd83b3d9f5de5aefe233ab1add6f800486c4","sha256":"8ce9d693209b66c96c19a29f83c57bf0389d81fc8e5ce4dcea63a4cc2c821928","sha512":"a5c52846621635a06e1ba79aaac03280f0c1ac38a51430b833afe536657eee5f703c432fbd23f5a8f82a4e47bf4e4aa21449ec597c8686e19c962d8c0d3d8060","ssdeep":"768:RJfYhYn07EF8k04B5h2FBHS/6W9tvQpxzP+QwV8QSciig7ETgzbCU:HfeeqRAUFBHSiMt4zD+QwaQSz4Cd","tlshash":"b9f2f1f1d0039a1166296b56eca2dcf3253a0c95807325fe1490c56f26ed1f9f17af8e","first_seen":"2023-05-02T09:51:09Z","last_seen":"2026-06-06T04:24:34.444433Z","times_seen":329,"resource_available":false,"data":null}},"time_used":1235,"timings":{"blocked":506,"dns":0,"connect":0,"send":0,"wait":362,"receive":1,"ssl":366},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"kosmetikskin.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"kosmetikskin.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-df347502.6ac9adb2.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:30.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-df347502.6ac9adb2.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:31 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-410b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16651,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16651), with no line terminators","md5":"d2696c0e2cf69c62af86f021189dc03a","sha1":"316f82f781689dac89c63c1e5980a485cf322f3f","sha256":"85e6c8935cfef86a0704481bd31643e1cb5bfaeb32dd0ae59c3e709fde6abf0a","sha512":"63c5c9a39c65f9cc31b6f105121d5335e5ac09c90544bdf716da4d5413f00be43026a66600e7e79191526e537f8475c51733a946e2ff87051c4f09a8bd1766a6","ssdeep":"192:DDXXnHjXTdlUvHdYrpMG2zIlYlpTkvQ8jF20ROlQlyuB7aekTYz8Elltl9lKtKb:DDX3HjDwfy0kvQ8jmQB3k8znlytKb","tlshash":"7072773b246c1328f0bbdf206a7c679c92a6e133e34116bd55426e30cfdb9da11b658d","first_seen":"2026-01-20T14:17:30.658134Z","last_seen":"2026-06-04T10:55:59.559324Z","times_seen":178,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 30769\r\ncf-ray: 9d68a9f6eab432fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402c-16deb\"\r\nlast-modified: Mon, 04 May 2020 16:17:48 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1104738\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=C0KurMMutRQTSj3Fp2sJf%2FfobYtvoFB6MfoNmKuFG0mM2XYbno3jx2vzXwRxbim5GGGBJiJd8TVCRsJDgzVs6HjOyL0ipd4MEJq0cpz%2BsMlF8yNTKfNH0pTIyHfc9LrzODOMhDyY\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93675,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65449)","md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-06-08T12:58:48.433882Z","times_seen":4059,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":2,"connect":1,"send":0,"wait":13,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/sockjs-client/1.3.0/sockjs.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 16651\r\ncf-ray: 9d68a9f6a95f32fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fd5-f54d\"\r\nlast-modified: Mon, 04 May 2020 16:16:21 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 61864\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=609xV%2FsHyuL7CUroPBiFUxy3UvkABquKxkRAz5rQjyaFObNkqMoKyQ8VRPuB3fiT1fgVoWFsARk24BgMapTlgVb8w1%2BEenYZHaPtyfvmQFA7cbp%2FiohzeDfKBAzWBPU4O0HL1Q1U\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62797,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (62696)","md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.423793Z","times_seen":1157,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:26.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs//Swiper/4.5.1/js/swiper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Mar 2026 12:32:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 28993\r\ncf-ray: 9d68a9f6b98832fa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03cf2-1f6e9\"\r\nlast-modified: Mon, 04 May 2020 16:04:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1107136\r\nexpires: Sun, 21 Feb 2027 12:32:26 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=9Qt%2BNo4Jzwoeihvt2YVpQ%2BePIwdyKUyFowWcbSJ1x45DElnTYUj%2FOB6kaQVOymu3nXOEiIR9BxChDRplVKzdGOkZvm%2ByKk8VL%2BEwhapK%2FSWoFv1dQPQpDmR4leJ1CUqytvWtPIcy\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":128745,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65269)","md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-06-08T19:37:58.80964Z","times_seen":2389,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"predictivebeautyy.com/css/chunk-082f7c94.4fb78762.css","fqdn":"predictivebeautyy.com","domain":"predictivebeautyy.com","tld":"com"},"ip":{"addr":"182.16.78.67","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://predictivebeautyy.com/","date":"2026-03-03T12:32:28.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"predictivebeautyy.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 29 Jan 2026 10:55:08 GMT","end":"Wed, 29 Apr 2026 10:55:07 GMT"},"fingerprint":{"sha1":"79:B1:A7:01:B1:98:95:00:4A:39:BA:94:CA:1C:5C:8C:AB:BE:36:74","sha256":"2A:13:18:B4:9D:61:EE:DA:D4:FF:1A:D9:9B:DA:56:DC:FA:BC:E9:74:84:F3:D1:A4:7F:CF:5E:EB:9F:16:B4:5F"}}},"request":{"raw":"GET /css/chunk-082f7c94.4fb78762.css HTTP/1.1\r\nHost: predictivebeautyy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://predictivebeautyy.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Tue, 03 Mar 2026 12:32:28 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 19 Jan 2026 17:05:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"696e6470-1050\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4176,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4176), with no line terminators","md5":"3bb0a325933a9ab0e88dc2ba85602ce5","sha1":"a8c722a6abc46b8783857bbc0c5bcd45dc4e7c04","sha256":"28e8c50ef6cb0ebc5145933d38ff0ad53754d5f3ab46d7dedff06df249183fba","sha512":"86d63977f4da3dc9eb87ce04e27c499b0dc030c2adc4138216cdcd6ba1dd85436012054e28a142d900ff37a5462462851840a3c1c9792ea409472712780dcd6e","ssdeep":"96:DJH1W27B/QV+Saol3mLycpSzGi//ktfAV+:DJH1N7B/e+SaolkS+1","tlshash":"27818672a21d4208f53bf6b025789ddd1970e22ba1834be85e597421cfc72933376ace","first_seen":"2025-01-10T12:51:25.853356Z","last_seen":"2026-06-07T01:38:16.219188Z","times_seen":548,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"predictivebeautyy.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"predictivebeautyy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}